Amey Mohite

Cybersecurity professional with 3.4 years of experience in Security Operations Center (SOC), Incident Response, Threat Hunting, Security Monitoring, and SIEM Administration, having experience of hands-on IBM QRadar Administration. Experienced in monitoring and analyzing security events from endpoints, networks, servers, cloud environments, and identity platforms using SIEM, EDR/XDR, IDS/IPS, Firewall, and Cloud Security tools. Having knowledge of Google Chronicle and SecOps.

Strong expertise in incident triage, offense investigation, root cause analysis, malware detection, threat intelligence, vulnerability management, QRadar administration, log source onboarding, correlation rule tuning, and security operations. Proven ability to work in 24×7 SOC environments and improve security posture through proactive monitoring and continuous improvement initiatives.

SOC Analyst - Infosys.Pvt.Ltd - Pune

• Monitor and investigate security alerts using IBM QRadar, CrowdStrike Falcon, IDS/IPS, Firewalls, VPN, and Cloud Security tools.
• Perform incident triage, threat analysis, containment, remediation, and root cause analysis.
• Conduct proactive threat hunting using IOCs and MITRE ATT&CK techniques.
• Administer IBM QRadar environment including log source onboarding, DSM troubleshooting, offense investigation, correlation rule tuning, and use-case optimization.
• Create incident reports, SOC dashboards, executive reports, and operational documentation.
• Reduced false positives by tuning correlation rules and optimizing detection logic.
• Monitored SIEM alerts and investigated phishing, malware, brute-force, and account compromise incidents.
• Performed log analysis across Windows, Linux, Firewall, VPN, and Active Directory environments.
• Assisted in incident response, threat intelligence analysis, and remediation activities.

IBM QRadar Administration - Infosys.Pvt.Ltd - Pune

• Administer IBM QRadar SIEM platform supporting enterprise-wide security monitoring.
• Onboard and configure log sources including Windows, Linux, Firewalls, VPNs, Active Directory, and security appliances.
• Troubleshoot DSM parsing issues and ensure accurate event normalization.
• Perform offense investigation and deep event analysis.
• Create, modify, and tune correlation rules and custom use cases.
• Monitor QRadar health, event collection, and system performance.
• Manage EPS/FPS utilization and optimize SIEM performance.
• Support QRadar patch upgrades, deployment changes, backup and restore activities.
• Participate in HA monitoring and disaster recovery validation.
• Strong understanding of MITRE ATT&CK Framework and Cyber Kill Chain.
• Experience working in 24×7 SOC environments.
• Excellent analytical, troubleshooting, and incident investigation skills.
• Effective collaboration with infrastructure, network, cloud, and application teams.

B.Tech - Mechanical - Shivaji University, Kolhapur (2022)