About
Dedicated and results-driven SOC Analyst with over 3 years of hands-on experience in Security Operations, Incident Response, and Threat Detection. Proficient in monitoring, triaging, and responding to complex security incidents using tools such as Cortex XDR, CrowdStrike, SentinelOne, Splunk, QRadar, and Microsoft Sentinel. Experienced in analyzing phishing attacks, endpoint threats, and user behavior anomalies across cloud and hybrid environments using Azure AD, Entra ID, FortiSASE, FortiCASB, and Office Defender Cloud. Skilled in vulnerability management (Nessus), SIEM rule tuning, and integrating threat intelligence from platforms like Digital Shadows. Strong understanding of DLP, WAF, IDS/IPS, and security best practices.
Skills & Expertise (10)
Work Experience
Security Analyst
United Systec Solutions
10-2023 - Present
Oversaw and evaluated security events using SIEM platforms like Splunk, Microsoft Sentinel, and QRadar. Executed real-time threat detection and incident response utilizing Cortex XDR, FortiSASE, and FortiCASB.
Security Analyst
United Systec Solutions
10-2023 - Present
Oversaw and evaluated security events using SIEM platforms like Splunk, Microsoft Sentinel, and QRadar. Executed real-time threat detection and incident response utilizing Cortex XDR, FortiSASE, and FortiCASB. Analyzed suspicious Azure AD login attempts and account breaches, employing Azure AD, Entra ID, and Office Defender Cloud. Executed malware analysis, IOC correlation, and endpoint triage using CrowdStrike, SentinelOne, and Cortex XDR. Executed phishing investigations utilizing O365 Defender, Proofpoint, and KnowBe4, escalating confirmed threats. Established and managed incident tickets through Jira and ServiceNow, ensuring SLA adherence. Collaborated with Threat Intelligence tools, including Digital Shadows, to monitor external threats aimed at the organization. Facilitated vulnerability remediation and reporting through Nessus, coordinating with IT teams for effective patching. Engaged in threat hunting utilizing the MITRE ATT&CK framework, producing comprehensive, deep-dive reports. Recorded SOPs, IR workflows, and an enhanced SOC knowledge base for improved incident handling. Managed incident response activities, including the investigation and reporting of security breaches. Monitored network traffic for suspicious activity to prevent cyberattacks and data breaches. Partner with various teams across the organization to strengthen the security posture. Working in 24/7 rotational shift.
Security Analyst
United Systec Solutions
10-2023 - Present
Oversaw and evaluated security events using SIEM platforms like Splunk, Microsoft Sentinel, and QRadar. Executed real-time threat detection and incident response utilizing Cortex XDR, FortiSASE, and FortiCASB. Analyzed suspicious Azure AD login attempts and account breaches, employing Azure AD, Entra ID, and Office Defender Cloud. Executed malware analysis, IOC correlation, and endpoint triage using CrowdStrike, SentinelOne, and Cortex XDR. Executed phishing investigations utilizing O365 Defender, Proofpoint, and KnowBe4, escalating confirmed threats. Established and managed incident tickets through Jira and ServiceNow, ensuring SLA adherence. Collaborated with Threat Intelligence tools, including Digital Shadows, to monitor external threats aimed at the organization. Facilitated vulnerability remediation and reporting through Nessus, coordinating with IT teams for effective patching. Engaged in threat hunting utilizing the MITRE ATT&CK framework, producing comprehensive, deep-dive reports. Recorded SOPs, IR workflows, and an enhanced SOC knowledge base for improved incident handling. Managed incident response activities, including the investigation and reporting of security breaches. Monitored network traffic for suspicious activity to prevent cyberattacks and data breaches. Partner with various teams across the organization to strengthen the security posture. Working in 24/7 rotational shift.
SOC Analyst
ICICI Bank
08-2022 - 10-2023
Continuous security monitoring, investigation, and triage of security events and alerts using SIEM platforms to identify potential threats and escalated incidents.
SOC Analyst
ICICI Bank
08-2022 - 10-2023
Continuous security monitoring, investigation, and triage of security events and alerts using SIEM platforms (Splunk, QRadar, Microsoft Sentinel) to identify potential threats and escalated incidents, correlating events from endpoints, network, and cloud sources. Conducted end-to-end incident response activities, including initial triage, containment, root cause analysis, remediation, and comprehensive documentation for various attack vectors, such as malware, phishing, insider threats, and unauthorized access attempts. Investigated and remediated email threats (e.g., phishing, business email compromise) using Proofpoint and Google Workspace (GWS) Admin consoles, ensuring the swift mitigation of malicious campaigns. Performed vulnerability assessments with Tenable Nessus, generating detailed reports, supporting remediation, and collaborating with IT teams to close security gaps across endpoints and cloud environments. Utilized threat intelligence platforms (BitSight, Flashpoint, Digital Shadows) to proactively gather tactical and strategic insights, enrich alerts, and optimize incident handling and risk assessment. Managed security tickets and incident workflows via ServiceNow and Jira, ensuring accurate, timely escalation, and resolution with cross-functional stakeholders. Maintained security tools and integrations across AWS, Azure AD, Entra ID, Office Defender, FortiCASB, FortiSASE, Netskope, Logic Apps, and ELK, ensuring robust monitoring and continuous improvement in line with security best practices. Delivered timely, clear security incident reports and recommendations to management and customers, fostering a culture of transparency and ongoing improvement. Participated in threat hunting, proactive investigations, and periodic security awareness campaigns to stay ahead of evolving tactics and improve organizational resilience.
SOC Analyst
ICICI Bank
08-2022 - 10-2023
Continuous security monitoring, investigation, and triage of security events and alerts using SIEM platforms (Splunk, QRadar, Microsoft Sentinel) to identify potential threats and escalated incidents, correlating events from endpoints, network, and cloud sources. Conducted end-to-end incident response activities, including initial triage, containment, root cause analysis, remediation, and comprehensive documentation for various attack vectors, such as malware, phishing, insider threats, and unauthorized access attempts. Investigated and remediated email threats (e.g., phishing, business email compromise) using Proofpoint and Google Workspace (GWS) Admin consoles, ensuring the swift mitigation of malicious campaigns. Performed vulnerability assessments with Tenable Nessus, generating detailed reports, supporting remediation, and collaborating with IT teams to close security gaps across endpoints and cloud environments. Utilized threat intelligence platforms (BitSight, Flashpoint, Digital Shadows) to proactively gather tactical and strategic insights, enrich alerts, and optimize incident handling and risk assessment. Managed security tickets and incident workflows via ServiceNow and Jira, ensuring accurate, timely escalation, and resolution with cross-functional stakeholders. Maintained security tools and integrations across AWS, Azure AD, Entra ID, Office Defender, FortiCASB, FortiSASE, Netskope, Logic Apps, and ELK, ensuring robust monitoring and continuous improvement in line with security best practices. Delivered timely, clear security incident reports and recommendations to management and customers, fostering a culture of transparency and ongoing improvement. Participated in threat hunting, proactive investigations, and periodic security awareness campaigns to stay ahead of evolving tactics and improve organizational resilience.
Education
BTech
2016 - 2020 · India
BTech
2016 - 2020 · India
