Sai Sushrita Rao Sonthi
SOC Analyst (Security Operations Center Analyst)
About
Cybersecurity professional with 1.9 years of experience as a SOC Analyst in 24/7 Security Operations environments. Skilled in SIEM monitoring, threat detection, incident response, and security event analysis using platforms such as IBM QRadar and Wazuh. Experienced in log correlation, alert triage, and investigation of phishing, endpoint, and network-based threats. Analyzed 5,000+ security alerts daily, achieving 20–30% reduction in false positives. Proficient in incident escalation, SOC dashboard monitoring, and maintaining SLA-driven security operations in high-volume enterprise environments.
Skills & Expertise (20)
Work Experience
SOC Analyst (Security Operations Center Analyst)
ZeroFox
Jun 2022 - Feb 2024
Supported the implementation and optimization of IBM QRadar SIEM, integrating multiple log sources such as firewalls, IDS/IPS, and endpoint security tools. Assisted in developing correlation rules and AQL queries to improve threat detection and reduce false positives. Monitored and analysed security alerts using SIEM platforms (IBM QRadar, Wazuh) to detect potential cyber threats and suspicious activities. Performed alert triage, log analysis, and incident investigation to identify phishing attempts, endpoint threats, and abnormal network behaviour. Investigated high volumes of security events and prioritised incidents based on severity, impact, and organisational risk. Executed initial incident response activities, including alert validation, incident analysis, containment support, and escalation following SOC procedures and SLA guidelines. Reduced false positives through alert correlation and SIEM rule tuning, improving SOC monitoring efficiency. Monitored network, system, and application logs to detect indicators of compromise (IOCs) and suspicious activity. Supported security incident response investigations by analysing logs, identifying attack patterns, and escalating confirmed incidents to senior security teams. Assisted in incident response activities, including log analysis, containment support, and documentation during security investigations. Documented security incidents, investigation findings, and remediation actions for internal reporting, compliance, and security audits.
Education
Bachelor of Technology (B.Tech) in Computer Science and Engineering - GITAM University
2021 · Afghanistan
Certifications
No certifications added yet