SOC Analyst at PegasusInfoCorp (Client-Protean eGov Technologies Ltd) (2025-03 – Present)
SOC Analyst with hands-on experience on Splunk, Innspark SIEM Tool, and SOAR
- Hands-on experience with Splunk, Innspark SIEM, and SOAR tooling
- Investigated and triaged security alerts, performing log analysis across Windows, Linux, firewall, and network devices
- Created and fine-tuned custom correlation rules in SIEM to detect brute-force attacks, privilege escalation, lateral movement, and suspicious login patterns
- Reduced false positives through improved correlation rules and fine-tuned detection logic
- Onboarded new assets (servers, endpoints, firewalls, applications, network devices) into SIEM by configuring log forwarding, validating log integrity, and normalizing event fields
- Prepared daily, weekly, and monthly security monitoring reports highlighting incident trends, critical alerts, and SLA adherence
- Created automated playbooks using SOAR tools to perform IOC enrichment, user isolation, and ticket creation
SOC Analyst - L1 at IU Technologies Pvt. Ltd. (2024-03 – 2025-03)
SOC Analyst L1 focused on security event monitoring, alert analysis, and incident response
- Monitored and analyzed security events using SIEM tools such as Splunk to detect suspicious activities and potential security breaches
- Monitored security alerts generated by the SIEM
- Performed real-time monitoring, investigation, analysis, reporting, and escalation of security alerts from various log sources
- Analyzed SIEM alerts by following runbooks and using supporting tools
- Analyzed alerts such as malware, brute-force attacks, port scanning activity, and phishing emails
- Analyzed various open-source and paid threat intelligence feeds and used them for threat hunting activities
- Good knowledge of the Cyber Kill Chain and MITRE ATT&CK framework to identify attack stages
- Followed up with incident responders to ensure remediation