About
Security Analyst with 4+ years of experience in security operations and threat detection across hybrid cloud environments. Proficient in using SIEM and SOAR platforms for event correlation and automated response. Specialized in email threat protection, endpoint security, vulnerability management, and identity access governance.
Skills & Expertise (32)
Work Experience
Security Analyst
Crisil Limited
Jun-2021 - Current
Implemented and managed Data Loss Prevention (DLP) controls across endpoints, email, and cloud platforms using Microsoft Purview, ensuring secure handling of sensitive data and alignment with organizational compliance requirements.
Coordinated and delivered enterprise-wide vulnerability assessments through Qualys, Nessus, Wiz, and Microsoft Defender, actively tracking remediation efforts and ensuring timely resolution of high-risk findings.
Conducted real-time threat monitoring and incident triage using Azure Sentinel (KQL) and Splunk, applying custom detection rules and escalating confirmed threats in accordance with predefined workflows.
Enforced identity governance and access control policies using Azure Entra ID, including RBAC, Conditional Access, and MFA, to reduce the risk of unauthorized access and credential-based attacks.
Maintained and optimized cloud security posture by leveraging Defender for Cloud, Wiz, and Azure CSPM, detecting misconfigurations, weak controls, and potential cloud-native threats.
Investigated and mitigated endpoint and email threats using Microsoft Defender XDR, MDE, and Abnormal Security, effectively responding to malware infections, phishing attempts, and lateral movement.
Configured and maintained accurate asset and vulnerability databases, ensuring continuous visibility and scan coverage across hybrid and cloud environments.
Created and refined incident response playbooks and SOPs, enabling consistent handling of various alert types including DLP events, malware detections, and anomalous behavior across systems.
Tuned SIEM alert thresholds, correlation rules, and DLP detection policies to enhance alert quality, reduce false positives, and improve operational response time.
Developed and executed SOAR playbooks in Azure Sentinel (Logic Apps) for automated response, including phishing investigations, endpoint isolation, and malicious IP blocking.
Collaborated with GRC and compliance teams to align technical security controls with regulatory frameworks, audit requirements, and internal risk management policies.
Performed post-incident analysis using SOAR-generated investigation artifacts, ensuring accurate RCA and documentation for compliance audits.
Monitored and secured network activity via Netskope CASB, Akamai WAF, and Fortinet Firewalls, ensuring both perimeter defense and cloud traffic protection.
Translated technical findings into business-aligned risk reports, delivering actionable insights to stakeholders and guiding remediation priorities based on operational impact.
Participated in on-call rotations and led the resolution of high-priority incidents, ensuring minimal downtime and effective communication across security, IT, and business units.
Provided guidance and mentorship to junior SOC analysts, supporting skill development in triage, alert handling, and vulnerability management workflows.
Ensured security operations aligned with recognized industry frameworks including MITRE ATT&CK, CIS Benchmarks, and OWASP Top 10, improving organizational detection and response maturity.
Evaluated and adjusted vulnerability scoring models based on CVSS and threat intelligence, continuously refining prioritization criteria to reflect the evolving security landscape.
Education
Master of Science in Computer Applications
2013 - 2013 · India
Availability Details
Visa Status: Other
Relocation: Open to Relocation