About
SOC Analyst with 2 years of experience in monitoring and analyzing security alerts in a 24x7 SOC environment. Skilled in alert triage, log analysis, and incident handling using SIEM and EDR tools such as Splunk and CrowdStrike. Experienced in identifying false positives, escalating true positives, and following standard operating procedures (SOPs) to ensure timely response and SLA compliance.
Skills & Expertise (21)
Work Experience
SOC Analyst L1
AU TECHNOLOGY CONSULTING PRIVATE LIMITED
Jun 2024 - Present
Monitored and analyzed security alerts using Splunk SIEM in a 24x7 SOC environment while maintaining SLA compliance.
Performed initial triage of alerts to identify false positives and potential security incidents.
Analyzed logs, events, and indicators of compromise (IOCs) to assess suspicious activities.
Investigated phishing emails by analyzing headers, URLs, attachments, and user activity.
Investigated phishing emails, domains, and IPs using open-source intelligence tools and recommended appropriate blocking measures.
Correlated logs from multiple sources such as firewall, proxy, and endpoint tools for investigation.
Utilized CrowdStrike EDR for basic investigation, host isolation (as per SOP), and threat containment support.
Reduced false positives by validating alerts and recommending tuning improvements to enhance detection accuracy.
Created and updated tickets in ServiceNow, including documentation of findings, actions taken, and escalation details.
Followed standard operating procedures (SOPs) and playbooks for incident handling.
Collaborated with IT and network teams for log onboarding and monitoring enhancements.
Education
Bachelor of Technology (B.Tech), Computer Science & Engineering, RGPV University
Afghanistan
Certifications
No certifications added yet