About
SOC Analyst with 2 years of hands-on experience in 24x7 Security Operations, specializing in SIEM monitoring, endpoint threat detection, and cloud security operations. Proven expertise in Splunk and LogRhythm for real-time log analysis, alert correlation, and incident investigation. Strong background in CrowdStrike EDR for endpoint detection, containment, and remediation of advanced threats. Experienced in vulnerability management using Qualys, including CVE analysis, risk prioritization, and remediation tracking. Skilled in IDS/IPS monitoring, network traffic analysis, and threat identification. Hands-on experience with AWS cloud security services including CloudTrail, GuardDuty, and IAM monitoring. Adept at incident response, threat hunting, and security event escalation aligned with SOC best practices.
Work Experience
SOC Analyst
TCS
03-2024 - Present
Monitored and analyzed security events using Splunk and LogRhythm SIEM to detect suspicious activities and potential threats.
Created, tuned, and optimized SIEM correlation rules to reduce false positives and improve alert fidelity.
Performed real-time alert triage, investigation, and escalation following SOC runbooks and SLAs.
Conducted endpoint threat analysis using CrowdStrike Falcon, including malware detection and host containment.
Investigated phishing emails, malicious URLs, and file hashes using threat intelligence platforms.
Executed Qualys vulnerability scans, analyzed findings, and prioritized risks based on CVSS scores.
Coordinated with IT teams for vulnerability remediation and validation.
Monitored IDS/IPS alerts to identify network-based attacks and anomalous traffic patterns.
Analyzed AWS security logs from CloudTrail, GuardDuty, and VPC Flow Logs for cloud threats.
Investigated IAM anomalies, unauthorized access attempts, and misconfigurations in AWS environments.
Performed incident response activities including containment, eradication, and recovery support.
Conducted proactive threat hunting using SIEM queries and endpoint telemetry.
Documented incidents with detailed root cause analysis and mitigation recommendations.
Supported SOC compliance reporting and security metrics generation.
Collaborated with L2/L3 teams for advanced investigations and post-incident reviews.
Collated security incident and event data to produce monthly exception and management reports.
Availability Details
Current Company: Tata Consultancy Services
Visa Status: No Visa
Relocation: Open to Relocation