About
Dear Hiring Manager, I am writing to express my interest in the SOC Analyst position at your organization. With more than two years of hands-on experience in Security Operations, I have developed strong expertise in monitoring, analyzing, and responding to security incidents while helping organizations strengthen their cybersecurity posture. I am proficient in working with security tools such as SIEM platforms, EDR solutions, and network monitoring systems. I also have a solid understanding of security frameworks, threat intelligence, and best practices in cybersecurity. I am eager to bring my skills and dedication to your team and contribute to maintaining a secure and resilient IT environment. I would welcome the opportunity to discuss how my experience aligns with your organization’s needs. Thank you for your time and consideration. Sincerely, R Subhransu Subhrajyoti
Skills & Expertise (32)
Work Experience
Junior Engineer
HL Mando Anand India Pvt Ltd
Sep 2023 - Nov 2024
Monitoring and Detection: Monitor security events and alerts generated by Splunk to identify potential security incidents or threats. Analyze logs, network traffic, and other security data for suspicious activities. Incident Response: Respond promptly to security incidents, including triaging, investigating, and containing the incidents. Utilize Splunk's capabilities to identify the root cause, impact, and scope of security incidents. SIEM Management: Manage and maintain the Splunk SIEM platform, including configuration, correlation, and tuning. Ensure the system is up to date with the latest patches and updates to maintain optimal performance and security. Log Analysis: Analyze and correlate security logs, events, and data from various sources, such as firewalls, IDS/IPS, endpoint protection systems, and other security tools integrated with Splunk. Identify patterns, anomalies, and indicators of compromise. Incident Documentation and Reporting: Document all relevant details of security incidents, including the timeline, actions taken, and lessons learned. Prepare incident reports, security metrics, and executive summaries to provide insights into the security posture of the organization. Collaboration and Communication: Collaborate with cross-functional teams, including network operations, system administrators, and other security teams, to ensure a coordinated response to security incidents. Communicate effectively with stakeholders, providing timely updates and recommendations. Continuous Improvement: Stay abreast of emerging threats, security technologies, and industry trends. Recommend and implement process improvements, automation, and optimization strategies to enhance the efficiency and effectiveness of the SOC operations.
Incident Responder and SOC Analyst
XOBIT TECHNOLOGIES
Nov 2024 - Present
Worked in a 24x7 Security Operations Center and Monitoring the customer network using Splunk enterprise SIEM, CrowdStrike EDR and CloudSEK Cyber Threat Intelligence. Respond promptly to security incidents, including triaging, investigating, and containing the incidents. Utilize Splunk enterprise SIEM, Crowd Strike EDR capabilities to identify the root cause, impact, and scope of security incidents. Analyze and correlate security logs, events, and data from various sources, such as firewalls, IDS/IPS, EDR (Crowd Strike), and other security tools integrated with Splunk enterprise. Identify patterns, anomalies, and indicators of compromise. Escalating the security incidents based on the client's SLA and providing meaningful information related to security incidents by doing in-depth analysis of event payload, providing recommendations regarding security incidents mitigation which in turn makes the customer business safe and secure. Creating tickets on Service now ticketing tools and assigning it to the respective team and taking the follow-up until closer. Integration of new devices with SIEM such as Windows, Linux, etc. Doing the troubleshooting if any device is not sending the logs to the SIEM tool. Monitors and analyzes data from endpoints to detect and respond to cyber threats using CrowdStrike. Handling CloudSEK Contextual Al engine Cyber Threat Intelligence and Attack Surface monitoring to proactively predict and prevent an organization's Employees and Customers from phishing, Data Leak, DarkWeb and Brand Threats and Infra threats. Creating and Generating Report as per as Customer Requirement. Document all relevant details of security incidents, including the timeline, actions taken, and lessons learned. Prepare (IR) incident reports, security metrics, and executive summaries to provide insights into the security posture of the organization. Creating SOP related to different process and incident investigation analysis.
Education
Bachelor Of Technology in Mechanical Engineering - DR. M.G.R Educational and Research Institute
- 2021 · Afghanistan
Diploma in Mechanical Engg. - Nilachal Polytechnic
- 2016 · Afghanistan
Class 10 - R.M.J Higher School
- 2013 · Afghanistan
