Ahalya Rathnam

SOC Analyst with around 3 years of experience in SOC operations, specializing in SIEM monitoring, alert triage, and incident investigation using Splunk and IBM QRadar. Skilled in threat detection, log correlation, and SIEM rule tuning to improve detection efficiency. Experienced in Active Directory analysis, phishing investigations, and endpoint security using CrowdStrike, Proofpoint, and Cofense.

Familiar with SOAR concepts, including playbook development and basic automation workflows, with working knowledge of Python.

SOC Analyst at CGI Inc. (2023-08 – 2026-04)

• Monitored and investigated security alerts using Splunk and IBM QRadar, identifying suspicious activities and potential security incidents in real time.
• Performed incident triage, threat detection, and response by correlating events across multiple log sources within SIEM platforms, improving detection accuracy and response efficiency.
• Analyzed system, network, and application logs to detect abnormal user behavior, unauthorized access attempts, and potential threats aligned with MITRE ATT&CK techniques.
• Investigated Active Directory events including authentication anomalies, privilege escalations, and failed login attempts to identify suspicious activities.
• Conducted endpoint threat analysis using CrowdStrike, identifying malware, suspicious processes, and indicators of compromise (IOCs) to support incident response.
• Analyzed phishing emails, malicious URLs, and attachments using Proofpoint and Cofense, following defined incident response procedures and standard workflows to ensure consistent threat handling.
• Performed network traffic and firewall log analysis, identifying suspicious IP connections and abnormal traffic patterns using TCP/IP, DNS, and HTTP protocols.
• Executed initial incident response activities following predefined workflows and standard incident response procedures, escalating high-severity threats with detailed investigation findings.
• Assisted in SIEM alert tuning and rule optimization, improving detection efficiency and supporting structured response workflows aligned with automation and SOAR concepts.
• Conducted phishing simulation campaigns and social engineering assessments using Cofense to improve user security awareness.
• Monitored infrastructure and system health using Zabbix, ensuring high availability and identifying performance or security issues proactively.
• Supported patch management processes, ensuring timely deployment of security updates to mitigate vulnerabilities.

M.Sc. in Cyber Security – National Forensic Sciences University, Gandhinagar, Gujarat (2021-11 – 2023-06)

B.SC. in Cyber Forensics – School of Technology and Applied Sciences, Edappally, Kerala (MG University) (2018-08 – 2021-09)