About
Security Operations Analyst with 2 years of experience in 24×7 SOC environments specializing in security monitoring, threat detection, and incident investigation. Skilled in analyzing security alerts using SIEM platforms (Splunk, IBM QRadar, Microsoft Sentinel) and EDR tools (CrowdStrike Falcon, Microsoft Defender). Experienced in log analysis across firewall, proxy, endpoint, and email systems, with strong capability in phishing investigations, incident escalation, and SOC playbook-driven response.
Skills & Expertise (43)
Work Experience
SOC Analyst
RAYGAIN TECHNOLOGIES PRIVATE LIMITED
Feb 2024 - Present
Monitor SIEM dashboards and perform initial triage of security alerts.
Analyze basic log sources (Firewall, Proxy, Endpoint, Email, IPS/IDS) to identify suspicious or abnormal activities.
Validate alerts and categorize them as False Positive or potential security incidents.
Investigate phishing emails, review headers/body/links, and provide recommendations to users.
Escalate confirmed incidents to L2 teams with complete evidence, logs, and timeline details.
Track and manage incidents in ticketing tools (ServiceNow / OS Ticket) and maintain clear investigation notes.
Monitor the health of security tools, log sources, and sensors, and raise tickets for any SIEM ingestion or connectivity issues.
Follow SOC playbooks for alert handling, escalation, documentation, and reporting.
Perform continuous monitoring to ensure timely detection of threats and maintain strong situational awareness.
Support overall SOC operations by coordinating with internal teams, ensuring smooth workflows, and improving alert-handling efficiency.
Education
Bachelor of Science (B.Sc.) – Cyber Security
Afghanistan
Certifications
No certifications added yet
Relocation
Open to Relocation