About
SOC Analyst with 3 years of practical experience in security monitoring, incident response, and threat hunting using SIEM platforms (Splunk, QRadar, Sentinel) and EDR solutions (CrowdStrike, Microsoft Defender). Demonstrated ability to identify and contain threats quickly, improve detection rules, and enhance SOC efficiency. Strong background in phishing investigation, vulnerability management (Qualys, Nessus), and enterprise-wide log analysis including AWS CloudTrail logs to support proactive defense and risk reduction. Experienced in implementing cybersecurity best practices aligned with NIST, ISO 27001, and SOC 2 frameworks.
Skills & Expertise
Work Experience
SOC Analyst
ScienTec Consulting Pte. Ltd.
Jan 2023 - Present
Performed continuous security monitoring and alert triage using SIEM platforms (Splunk, QRadar, Microsoft Sentinel, LogRhythm) across enterprise environments.
Investigated alerts by correlating authentication, endpoint, network, proxy, firewall, email gateway, and WAF logs to separate true security incidents from benign activity.
Analyzed and responded to alerts from EDR, firewall, IDS/IPS, proxy, VPN, anti-malware, email security, and WAF solutions.
Monitored and analyzed AWS CloudTrail logs to detect unauthorized access, privilege escalation, unusual API calls, and other cloud infrastructure security incidents.
Investigated phishing and suspicious email reports, including header analysis, URL inspection, attachment analysis, and user impact assessment.
Collected, analyzed, and operationalized threat intelligence feeds to identify and manage relevant Indicators of Compromise (IOCs).
Ingested, enriched, and validated IOCs across SIEM, EDR, firewall, and WAF platforms to improve detection coverage.
Reviewed IOC detection effectiveness and coordinated with internal teams to enhance monitoring and response capabilities.
Developed and fine-tuned SIEM correlation rules and monitoring use cases to reduce false positives and improve detection accuracy.
Gained working knowledge of SOAR concepts, including playbook-driven alert handling, automated enrichment, and integration of SIEM, EDR, threat intelligence, and ticketing systems.
Conducted network vulnerability assessments using Qualys VMDR and Nessus to identify security weaknesses and prioritize remediation actions.
Assisted in implementing cybersecurity best practices aligned with the NIST Cybersecurity Framework, ISO 27001, and SOC 2 compliance requirements.
Maintained and improved internal cybersecurity tools, dashboards, and reporting mechanisms to enhance security visibility.
Collaborated with the security team on protocols, procedures, and deployments of security technologies including firewalls, endpoint protection, and email filtering.
Stayed current with cybersecurity trends, threat intelligence, and emerging technologies to enhance threat detection capabilities.
Managed and analyzed Microsoft 365 Security Center alerts and reports for threat detection and incident response.
Documented incidents, investigation findings, and remediation actions in ServiceNow and osTicket, ensuring SLA compliance.
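As an added illustration of the CloudTrail monitoring described above (example code written for this page, not the author's own tooling), the following Python flags three of the patterns named there: IAM privilege escalation, console logins without MFA, and API calls from a region the environment does not normally use. The records are constructed sample events that follow the CloudTrail record field names; the IAM watch list and the expected-region baseline are assumptions for the example.

```python
"""Triage of CloudTrail records for IAM privilege escalation, console logins
without MFA, and API calls from unexpected regions.

SAMPLE_LOG holds CONSTRUCTED records (not real log data); the field names follow
the CloudTrail record format. PRIV_ESC_APIS and EXPECTED_REGIONS are assumptions.
"""
import json

# IAM write APIs that grant or extend access (assumed starting watch list).
PRIV_ESC_APIS = {
    "AttachUserPolicy", "AttachRolePolicy", "AttachGroupPolicy",
    "PutUserPolicy", "PutRolePolicy", "PutGroupPolicy",
    "CreateAccessKey", "CreateLoginProfile", "UpdateLoginProfile",
    "AddUserToGroup", "UpdateAssumeRolePolicy",
}
# Regions the assumed environment normally operates in (IAM/STS/sign-in log as us-east-1).
EXPECTED_REGIONS = {"us-east-1", "ap-southeast-1"}

# Constructed sample records, one JSON object per line.
SAMPLE_LOG = """
{"eventTime":"2024-03-01T08:02:11Z","eventSource":"iam.amazonaws.com","eventName":"AttachUserPolicy","awsRegion":"us-east-1","sourceIPAddress":"203.0.113.10","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::123456789012:user/alice","userName":"alice"},"requestParameters":{"userName":"bob","policyArn":"arn:aws:iam::aws:policy/AdministratorAccess"}}
{"eventTime":"2024-03-01T08:05:40Z","eventSource":"iam.amazonaws.com","eventName":"CreateAccessKey","awsRegion":"us-east-1","sourceIPAddress":"203.0.113.10","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::123456789012:user/alice","userName":"alice"},"requestParameters":{"userName":"svc-deploy"}}
{"eventTime":"2024-03-01T08:07:02Z","eventSource":"iam.amazonaws.com","eventName":"CreateAccessKey","awsRegion":"us-east-1","sourceIPAddress":"198.51.100.7","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::123456789012:user/bob","userName":"bob"},"requestParameters":{"userName":"bob"}}
{"eventTime":"2024-03-01T08:10:55Z","eventSource":"signin.amazonaws.com","eventName":"ConsoleLogin","awsRegion":"us-east-1","sourceIPAddress":"192.0.2.44","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::123456789012:user/carol","userName":"carol"},"responseElements":{"ConsoleLogin":"Success"},"additionalEventData":{"MFAUsed":"No"}}
{"eventTime":"2024-03-01T08:12:03Z","eventSource":"signin.amazonaws.com","eventName":"ConsoleLogin","awsRegion":"us-east-1","sourceIPAddress":"203.0.113.10","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::123456789012:user/alice","userName":"alice"},"responseElements":{"ConsoleLogin":"Success"},"additionalEventData":{"MFAUsed":"Yes"}}
{"eventTime":"2024-03-01T08:15:19Z","eventSource":"s3.amazonaws.com","eventName":"ListBuckets","awsRegion":"eu-north-1","sourceIPAddress":"203.0.113.10","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::123456789012:user/alice","userName":"alice"},"requestParameters":null}
{"eventTime":"2024-03-01T08:20:31Z","eventSource":"iam.amazonaws.com","eventName":"AttachUserPolicy","awsRegion":"us-east-1","sourceIPAddress":"198.51.100.9","errorCode":"AccessDenied","userIdentity":{"type":"IAMUser","arn":"arn:aws:iam::123456789012:user/dave","userName":"dave"},"requestParameters":{"userName":"dave","policyArn":"arn:aws:iam::aws:policy/AdministratorAccess"}}
"""


def parse_records(text):
    """Parse newline-delimited CloudTrail JSON records."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def actor_of(event):
    ident = event.get("userIdentity") or {}
    return ident.get("arn") or ident.get("principalId", "unknown")


def _finding(rule, event, severity, reason):
    return {"rule": rule, "severity": severity, "reason": reason, "actor": actor_of(event),
            "eventName": event.get("eventName"), "region": event.get("awsRegion"),
            "sourceIP": event.get("sourceIPAddress"), "time": event.get("eventTime")}


def detect_privilege_escalation(events):
    """Flag IAM calls that grant admin rights, mint credentials for another
    principal, or alter role trust; denied attempts are kept at medium severity."""
    findings = []
    for e in events:
        if e.get("eventSource") != "iam.amazonaws.com" or e.get("eventName") not in PRIV_ESC_APIS:
            continue
        params = e.get("requestParameters") or {}
        actor_user = (e.get("userIdentity") or {}).get("userName")
        target = params.get("userName") or params.get("roleName") or params.get("groupName")
        if e.get("errorCode"):  # AccessDenied etc.: attempt failed but is still worth a ticket
            findings.append(_finding("iam-privesc-attempt", e, "medium",
                                     f"{e['eventName']} denied ({e['errorCode']})"))
            continue
        reasons = []
        if (params.get("policyArn") or "").endswith("/AdministratorAccess"):
            reasons.append("AdministratorAccess attached")
        if e["eventName"] in {"CreateAccessKey", "CreateLoginProfile", "UpdateLoginProfile"} \
                and target and target != actor_user:
            reasons.append(f"credential created for another principal ({target})")
        if e["eventName"] == "UpdateAssumeRolePolicy":
            reasons.append("role trust policy changed")
        if reasons:  # self-service key rotation and routine group changes fall through
            findings.append(_finding("iam-privesc", e, "high", "; ".join(reasons)))
    return findings


def detect_console_login_without_mfa(events):
    """Successful console sign-ins where CloudTrail recorded MFAUsed == No."""
    return [_finding("console-login-no-mfa", e, "high", "successful console login without MFA")
            for e in events if e.get("eventName") == "ConsoleLogin"
            and (e.get("responseElements") or {}).get("ConsoleLogin") == "Success"
            and (e.get("additionalEventData") or {}).get("MFAUsed") == "No"]


def detect_unexpected_region(events, expected=EXPECTED_REGIONS):
    """API calls landing in a region outside the expected baseline."""
    return [_finding("unexpected-region", e, "medium", f"call in {e.get('awsRegion')}")
            for e in events if e.get("awsRegion") not in expected]


def triage(events):
    order = {"high": 0, "medium": 1, "low": 2}
    findings = (detect_privilege_escalation(events) + detect_console_login_without_mfa(events)
                + detect_unexpected_region(events))
    return sorted(findings, key=lambda f: (order[f["severity"]], f["time"]))


if __name__ == "__main__":
    for f in triage(parse_records(SAMPLE_LOG)):
        print(f"[{f['severity']:6}] {f['rule']:22} {f['actor']} {f['eventName']} - {f['reason']}")
```

In production the same three checks would be written as SIEM correlation rules over the CloudTrail index rather than run as a script; the point of the code is the field logic, in particular that `CreateAccessKey` is only suspicious when the target user differs from the caller, and that a denied `AttachUserPolicy` still deserves a ticket.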
Education
Bachelor of Engineering - Savitribai Phule Pune University
Afghanistan