Mumbai, Maharashtra, India
Dynamic SOC Analyst with 3+ years of hands-on experience in threat detection, incident response, and security operations. I am a Security Analyst with Responsibilities of soc operations focusing on SIEM monitoring. I responsible for 24/7 SIEM monitoring, analyzing security events and providing incident response as First Responser. I have exceptionally good understanding of network security related tools.
Hands-on experience in handling various SIEM solutions like Qradar for analyzing logs from Network devices, Security Devices, Endpoints. Monitoring SIEM Alerts and reviewing SIEM reports for detecting security incidents and malicious activities. Using Symphony Summit to handle & track all kinds of incidents. Co-coordinating with customer security team and customer business team related to security event and incident discussion. Supporting and guiding business team for closure of security events and incidents related ticket. Responsible for first level incident response and incident management in managed SOC for different industries. Responsible for performing investigation of the incidents captured in the SIEM and notifying clients with all the findings. Responsible for monitoring the phishing attempts. Hand-on Experience in handling incidents and ensuring SLA’s to be met.
Monitored and triaged security alerts from SIEM, EDR, email security, and network tools. Performed initial alert validation, identifying false positives and escalating true incidents. Executed incident response playbooks for phishing, malware, brute-force, and suspicious login cases. Conducted log analysis across Windows systems, network logs, and security tools. Investigated phishing emails, malicious URLs, and attachments. Validated Indicators of Compromise (IOCs) using internal tools and threat intelligence sources. Analyzed alerts from IDS/IPS and network security tools to detect anomalies. Assisted in incident containment and remediation actions. Created and maintained incident tickets in ServiceNow / Symphony Summit. Documented incident findings, RCA reports, and investigation steps. Worked in 24x7 SOC environment with shift rotations and SLA adherence.