About
6 months of experience monitoring security alerts using Azure Sentinel (SIEM) for real-time threat detection. Supported the SOC team in triaging incidents, analyzing logs, and identifying suspicious activity. Helped investigate security events and escalated critical findings to senior analysts. Performed basic analysis of network traffic using knowledge of TCP/IP, the OSI model, VPNs, and security protocols. Assisted in identifying and responding to phishing, malware, brute force, and suspicious login attempts. Worked on mapping security incidents to MITRE ATT&CK techniques for a better understanding of investigations. Supported incident handling using the Incident Response Life Cycle (Detection → Analysis → Containment → Recovery). Helped validate alerts from Microsoft Defender XDR and collected evidence for investigations. Assisted in reviewing IDS/IPS, firewall, and endpoint security alerts to reduce false positives. Supported blocking of malicious URLs and IPs to improve proactive defense. Gained exposure to security frameworks like the Cyber Kill Chain and common OWASP vulnerabilities. Maintained documentation of incidents, findings, and investigation steps for SOC reporting.
Work Experience
SOC Analyst L1 Intern
Rout Technologies
Aug 2025 - Jan 2026
Monitored, analyzed, and triaged security alerts for multiple client environments in a 24x7 MSSP setup. Strong understanding of security solutions such as antivirus, IPS, and email security. Performed real-time event monitoring and correlation through SIEM tools such as Azure Sentinel. Investigated and responded to alerts from multiple log sources, including static and dynamic alerts on endpoints, with deep-dive investigations using Microsoft Defender XDR. Analyzed and responded to infrastructure vulnerabilities and threats, including phishing and spam email analysis. Utilized strong knowledge of intrusion detection (deep TCP/IP understanding) and experience with IDS/IPS, firewalls, and various operating systems (Windows/Linux) for cybersecurity measures. Investigated security incidents to determine the root cause. Served as the first point of contact for security issues, coordinating rapid responses to security incidents and breaches. Monitored and analyzed SIEM alerts, raising security incidents in the ticketing tool. Good knowledge of writing KQL queries.
Education
Bachelor of Science (Information Technology) - Maharaja Agrasen Himalayan Garhwal University
2021 - 2024 · Afghanistan