Yash Verma

Cybersecurity | Security operations Center (SOC) | SOAR | Threat Intelligence | Threat Hunting | Malware Analysis | Incident Responder (IR) | Cloud Security (AWS, Azure) | Certified CompTIA Sec+ | AI Security

India

About

With 5 years of experience across both MSSP and in-house SOC environments, I specialize in SOC operations, incident response (IR), threat intelligence (TI), threat hunting, malware analysis, CrowdStrike Falcon administration, and DFIR. I bring strong expertise in log analysis, SIEM operations, endpoint protection, cloud security (AWS, Azure), and vulnerability management, consistently improving detection and response efficiency. I have hands-on experience in 24/7 SOC monitoring, including phishing detection, adversary tracking, and shift leadership during high-severity incidents. Skilled in incident handling, documentation, and digital forensics, I work across Windows, Linux, and macOS environments, performing disk and memory analysis with leading forensic tools. Key Competencies Incident Response & Threat Hunting: Detection, triage, containment, recovery, and malware analysis aligned with MITRE ATT&CK. Threat Intelligence: Deep/dark web monitoring, enrichment via Anomali, Group-IB, and Recorded Future for proactive threat hunting. SOC Operations: SIEM tuning, case management, escalation workflows, and process improvement. Tools & Platforms: Splunk, IBM QRadar, CrowdStrike Falcon, Microsoft Defender, Darktrace, Anomali, VirusTotal, Wiz, CyberArk, Jira, ServiceNow. Technical Proficiency Threat Intel: Digital Shadows, Cybersixgill, Group-IB, DomainTools SIEM & SOAR: Splunk, IBM QRadar, Siemplify, Splunk Phantom Endpoint & Email Security: CrowdStrike, Microsoft Defender for Endpoint & Office 365, KnowBe4 Cloud Security: AWS, Azure, Microsoft Defender for Cloud, Wiz Forensics & Sandbox: Falcon Sandbox, Joe Sandbox, VMRay, Recorded Future OS & Scripting: Kali Linux, Windows, Core Java, C, C++, KQL, AQL, SPL Perimeter & Risk: Akamai, Check Point, Arbor, Zscaler, SecurityScorecard Experienced in managing and configuring the CrowdStrike Falcon EDR platform for enterprise-grade threat detection and response. Passionate about threat intelligence-driven defense, advanced IR, and proactive hunting to strengthen enterprise cyber resilience. šŸ“§ [email protected] | šŸ“ž +91-9990397641 #socanalyst #cybersecurity #incidentresponse #threatintelligence #threathunting #dfir #malwareanalysis #siem #soar #edr #cloudsecurity #aws #azure #vulnerability #crowdstrike #microsoft #paloalto #zscaler #VisaSponsorship #GlobalTalent #SecurityAutomation #Netherlands #Germany #Ireland #UK #France #Switzerland #Belgium #Luxembourg #Sweden #Norway #Denmark #Finland #Poland #Spain #Italy #Portugal #Austria #CzechRepublic #Hungary #Estonia #Lithuania

Experience

  • Synchrony | Manager, Detection and Response at Synchrony
    Oct 2025 - Present Ā· 10 mos

  • National Australia Bank | Cyber Response Analyst at NAB
    Oct 2023 - Sep 2025 Ā· 2 yrs

  • HCL Technologies (Full-time Ā· 3 yrs)
    • Analyst | SRT (Security Response Team) | TI | TH | IR | Malware Analysis | Security operation Center
      Oct 2021 - Sep 2023 Ā· 2 yrs

      • Phishing Incident Response: Investigated and remediated phishing incidents using M365, KnowBe4, Siemplify, ServiceNow (SNOW), OSINT, and Sandbox environments. • Vendor & Brand Risk Assessment: Monitored vendor risks via Security Scorecard and conducted brand protection assessments using Digital Shadows. • Deep & Dark Web Monitoring: Performed intelligence gathering and threat monitoring through CyberSixGill. • Threat Hunting: Conducted hypothesis-driven and intelligence-driven threat hunting, delivering actionable day-to-day threat and vulnerability advisories using various TI and open-source platforms. • Query & Detection Skills: Hands-on experience with AQL queries and Sigma/YARA rules creation for threat detection. • AI & Automation: Applied ChatGPT (OpenAI) to enhance SOC workflows and day-to-day threat analysis. • Business Email Compromise (BEC): Responded to and analyzed the most commonly used initial access vectors, mitigating BEC threats. • Attack Surface Reduction: Provided global advisories on trending threats and vulnerabilities to strengthen organizational defenses. • MITRE ATT&CK Mapping: Mapped TTPs to configured SIEM rules and reviewed threat/vulnerability advisories before publication. • Malware Analysis & De-obfuscation: Basic knowledge of de-obfuscating malicious URLs and attachments; performed static and dynamic malware analysis, including PE and non-PE files (OLE, PDF, HTML, HTA, VBS/VBE, One, JS, WSF, JAR, LNK). • Ransomware Awareness: Familiar with ransomware incident response, attack vectors, TTPs, and encryption methods. • Programming & Scripting: Experience with C, C++, Java, PowerShell, Python, and other scripting languages. • Retro Hunt: Conducted retroactive threat hunts using VirusTotal to identify historical compromise indicators.

    • Graduate Trainee Engineer | Digital Threat Intelligence Team | Security Operations Center
      Oct 2020 - Oct 2021 Ā· 1 yr 1 mo

      • Actively contribute to day-to-day threat and vulnerability advisories, providing actionable insights to enhance organizational security posture. • Monitor Surface, Deep, and Dark Web activity using Digital Shadows Threat Intelligence Platform to identify emerging threats. • Track and investigate alerts via SIEM and SOAR platforms, ensuring timely detection and response to potential security incidents. • Conduct threat intelligence-driven and hypothesis-based threat hunting to proactively identify and mitigate risks.

  • Summer Intern at S O Info Tech Private Limited
    Jun 2019 - Aug 2019 Ā· 3 mos

    - Gained knowledge about Core Java - Created website with help of Angular8 and Firebase

  • Java Programmer at Ducat India
    Jun 2018 - Jul 2018 Ā· 2 mos