About
SOC Analyst (L1) with 2.5 years of experience in 24x7 SOC environments, specializing in QRadar, Splunk SIEM, CrowdStrike EDR, Forcepoint DLP, ServiceNow, alert triage, incident response, phishing, malware, brute-force, network & endpoint security, MITRE ATT&CK, incident lifecycle, and false-positive reduction.
Skills & Expertise (21)
Work Experience
SOC Analyst (L1)
Capgemini
Sep 2023 - Present
Actively monitoring and analyzing security alerts in a 24x7 SOC environment using Splunk SIEM. Investigating security incidents across multiple log sources, including firewall, proxy, IDS/IPS, EDR, and system logs. Performing alert triage, prioritization, and classification based on severity (P1–P4) and business impact. Conducting in-depth phishing email analysis including header analysis, URL reputation checks, and attachment inspection. Investigating endpoint security alerts generated by CrowdStrike EDR and performing containment and remediation actions. Performing malware analysis using hash reputation, behavioral indicators, and sandboxing techniques. Correlating events across multiple security tools to identify attack patterns and potential threats. Reducing false positives by tuning alerts and improving Splunk use cases. Managing incidents using ServiceNow, ensuring accurate documentation, escalation, and timely closure within SLA. Preparing daily SOC health check reports, incident summaries, and client-specific security reports. Collaborating with SOC team members and senior analysts during high-severity incidents. Following SOC procedures, incident response playbooks, and internal security policies.
Education
Master of Science - Shivaji University, Kolhapur
- · Afghanistan
Bachelor of Science - Shivaji University, Kolhapur
- · Afghanistan
