India
With 5 years of experience across both MSSP and in-house SOC environments, I specialize in SOC operations, incident response (IR), threat intelligence (TI), threat hunting, malware analysis, CrowdStrike Falcon administration, and DFIR. I bring strong expertise in log analysis, SIEM operations, endpoint protection, cloud security (AWS, Azure), and vulnerability management, consistently improving detection and response efficiency. I have hands-on experience in 24/7 SOC monitoring, including phishing detection, adversary tracking, and shift leadership during high-severity incidents. Skilled in incident handling, documentation, and digital forensics, I work across Windows, Linux, and macOS environments, performing disk and memory analysis with leading forensic tools. Key Competencies Incident Response & Threat Hunting: Detection, triage, containment, recovery, and malware analysis aligned with MITRE ATT&CK. Threat Intelligence: Deep/dark web monitoring, enrichment via Anomali, Group-IB, and Recorded Future for proactive threat hunting. SOC Operations: SIEM tuning, case management, escalation workflows, and process improvement. Tools & Platforms: Splunk, IBM QRadar, CrowdStrike Falcon, Microsoft Defender, Darktrace, Anomali, VirusTotal, Wiz, CyberArk, Jira, ServiceNow. Technical Proficiency Threat Intel: Digital Shadows, Cybersixgill, Group-IB, DomainTools SIEM & SOAR: Splunk, IBM QRadar, Siemplify, Splunk Phantom Endpoint & Email Security: CrowdStrike, Microsoft Defender for Endpoint & Office 365, KnowBe4 Cloud Security: AWS, Azure, Microsoft Defender for Cloud, Wiz Forensics & Sandbox: Falcon Sandbox, Joe Sandbox, VMRay, Recorded Future OS & Scripting: Kali Linux, Windows, Core Java, C, C++, KQL, AQL, SPL Perimeter & Risk: Akamai, Check Point, Arbor, Zscaler, SecurityScorecard Experienced in managing and configuring the CrowdStrike Falcon EDR platform for enterprise-grade threat detection and response. Passionate about threat intelligence-driven defense, advanced IR, and proactive hunting to strengthen enterprise cyber resilience. š§ [email protected] | š +91-9990397641 #socanalyst #cybersecurity #incidentresponse #threatintelligence #threathunting #dfir #malwareanalysis #siem #soar #edr #cloudsecurity #aws #azure #vulnerability #crowdstrike #microsoft #paloalto #zscaler #VisaSponsorship #GlobalTalent #SecurityAutomation #Netherlands #Germany #Ireland #UK #France #Switzerland #Belgium #Luxembourg #Sweden #Norway #Denmark #Finland #Poland #Spain #Italy #Portugal #Austria #CzechRepublic #Hungary #Estonia #Lithuania
⢠Phishing Incident Response: Investigated and remediated phishing incidents using M365, KnowBe4, Siemplify, ServiceNow (SNOW), OSINT, and Sandbox environments. ⢠Vendor & Brand Risk Assessment: Monitored vendor risks via Security Scorecard and conducted brand protection assessments using Digital Shadows. ⢠Deep & Dark Web Monitoring: Performed intelligence gathering and threat monitoring through CyberSixGill. ⢠Threat Hunting: Conducted hypothesis-driven and intelligence-driven threat hunting, delivering actionable day-to-day threat and vulnerability advisories using various TI and open-source platforms. ⢠Query & Detection Skills: Hands-on experience with AQL queries and Sigma/YARA rules creation for threat detection. ⢠AI & Automation: Applied ChatGPT (OpenAI) to enhance SOC workflows and day-to-day threat analysis. ⢠Business Email Compromise (BEC): Responded to and analyzed the most commonly used initial access vectors, mitigating BEC threats. ⢠Attack Surface Reduction: Provided global advisories on trending threats and vulnerabilities to strengthen organizational defenses. ⢠MITRE ATT&CK Mapping: Mapped TTPs to configured SIEM rules and reviewed threat/vulnerability advisories before publication. ⢠Malware Analysis & De-obfuscation: Basic knowledge of de-obfuscating malicious URLs and attachments; performed static and dynamic malware analysis, including PE and non-PE files (OLE, PDF, HTML, HTA, VBS/VBE, One, JS, WSF, JAR, LNK). ⢠Ransomware Awareness: Familiar with ransomware incident response, attack vectors, TTPs, and encryption methods. ⢠Programming & Scripting: Experience with C, C++, Java, PowerShell, Python, and other scripting languages. ⢠Retro Hunt: Conducted retroactive threat hunts using VirusTotal to identify historical compromise indicators.
⢠Actively contribute to day-to-day threat and vulnerability advisories, providing actionable insights to enhance organizational security posture. ⢠Monitor Surface, Deep, and Dark Web activity using Digital Shadows Threat Intelligence Platform to identify emerging threats. ⢠Track and investigate alerts via SIEM and SOAR platforms, ensuring timely detection and response to potential security incidents. ⢠Conduct threat intelligence-driven and hypothesis-based threat hunting to proactively identify and mitigate risks.
- Gained knowledge about Core Java - Created website with help of Angular8 and Firebase