About
SOC Analyst with 8+ years of overall IT experience and 5+ years in 24x7 Security Operations Center (SOC) environments. Strong hands-on expertise in SIEM monitoring, alert triage, incident response, log analysis, and escalation using DNIF and ArcSight. Solid understanding of network security, firewalls, EDR/XDR, the MITRE ATT&CK framework, SOC playbooks, and SLAs. Proven ability to reduce false positives, improve detection quality, and support rapid incident containment. Seeking a SOC Analyst role; available to join immediately.
Skills & Expertise (23)
Work Experience
Senior SOC Analyst
Tata Consultancy Services
Nov 2021 - Oct 2025
Monitored and analyzed security alerts in a 24x7 SOC using DNIF and ArcSight SIEM, handling network, endpoint, and firewall-related incidents.
Performed alert triage and log analysis across network, firewall, endpoint, and system logs to identify malicious activity.
Distinguished true positives from false positives, reducing alert noise and improving SOC efficiency.
Investigated incidents related to network traffic, firewall events, endpoint security, and authentication logs.
Created and updated SIEM rules, alerts, dashboards, and reports to improve detection quality.
Documented incidents, investigations, and remediation actions in ServiceNow and Jira.
Integrated new log sources into the SIEM and validated log ingestion and parsing.
Conducted daily SIEM health checks and coordinated with infrastructure teams to resolve log collection issues.
Followed defined SOC SOPs, SLAs, and compliance requirements.
Provided advanced technical guidance to L2, documented complex procedures, and acted as an escalation point for L1 and L2 SOC Analysts.
Coordinated with customers and internal teams to contain, remediate, and close high-priority incidents.
Investigated brute-force attacks using Windows authentication logs (Event IDs 4625 and 4740).
Analyzed phishing incidents involving malicious URLs, credential harvesting, and account compromise.
Performed malware investigations using endpoint alerts, hash analysis, and IOC enrichment.
Mapped incidents to MITRE ATT&CK techniques and supported RCA documentation.
Security Engineer
Impact InfoTech Pvt. Ltd.
Oct 2020 - Jul 2021
Worked in a 24x7 Security Operations Center.
Drove SIEM system integration, designed rules and dashboards to improve monitoring efficiency, and developed incident response plans, reducing containment times.
Monitored and analyzed security alerts generated by various security devices and systems, including firewalls, IPS, web servers, applications, antivirus, and Windows systems.
Performed real-time monitoring, investigation, analysis, reporting, and escalation of security events from multiple log sources.
Elevated verified security incidents to the appropriate team for further investigation and action.
Determined the scope of each security incident and its potential impact on the client network, and recommended steps to handle the incident with all relevant information and supporting evidence of security events.
Troubleshot devices that were not sending logs to the SIEM.
IT Engineer
Aforeserve.com limited
Oct 2017 - Sep 2020
Configured, installed, and troubleshot Cisco routers and switches in enterprise environments.
Managed VLANs, STP, VTP, Port Security, Port Mirroring, and Link Aggregation.
Configured and supported routing protocols including RIP, EIGRP, OSPF, and BGP.
Performed firmware upgrades on routers, switches, and firewalls.
Managed firewall policy creation, IP blacklisting, and access controls.
Administered and backed up configurations for Palo Alto firewalls.
Generated and scheduled security and traffic reports using FortiAnalyzer.
Ensured network security through MAC binding, port security, and access controls.
Supported RMA activities and post-replacement configuration validation.
Desktop Support L2
Renovision Automation Services Pvt. Ltd
Mar 2016 - Oct 2017
Installed and administered Active Directory, user accounts, disk quotas, and file permissions.
Configured and supported backup and restore operations.
Resolved Windows OS, application, and network issues via remote and on-site support.
Implemented antivirus solutions and resolved security incidents related to malware infections.
Supported end users with connectivity, printers, scanners, and peripheral devices.
Provided technical support via phone, email, remote tools, and in-person troubleshooting.
Installed and configured computer hardware, software, peripherals, and networking equipment.
Provided end-user support, resolved technical issues, and delivered technical assistance for all operating systems and workstation applications.
Education
Bachelor of Technology (B.Tech), Electronics & Communication Engineering - Uttar Pradesh Technical University (UPTU)
2010 - 2014 · Afghanistan
Certifications
No certifications added yet
Availability Details
Visa Status: Citizen
Relocation: Open to Relocation