Cyber Security Analyst | SOC Analyst with 3+ years of experience in 24x7 Security Operations Center (SOC) environments. Skilled in SIEM monitoring, security event analysis, alert triage, incident investigation, and incident response across endpoint, email, and network security domains. Experienced in handling 25–40 alerts per day, performing severity classification, IOC analysis, and ensuring SLA-driven incident management. Strong understanding of the Incident Response Lifecycle, MITRE ATT&CK framework, and Cyber Kill Chain, with proven ability to reduce false positives, escalate high-severity threats, and maintain accurate incident documentation in enterprise SOC operations.
Currently working in an enterprise-level 24x7 Security Operations Center (SOC), responsible for advanced security monitoring, in-depth incident investigation, threat correlation, and response across endpoint, email, and network infrastructures. Focused on handling high-severity incidents, improving detection efficiency, and strengthening overall security posture through proactive analysis and collaboration.
Roles & Responsibilities
SIEM Monitoring & Threat Detection
Monitor and analyze correlated security events in SIEM to detect advanced threats across endpoint, network, and cloud environments
Root Cause Analysis
Perform root cause analysis (RCA) for high and critical security incidents, identifying attack vectors and impacted assets
SIEM Use Case Tuning
Support SIEM use case tuning and alert optimization to improve detection accuracy
Endpoint Forensics
Conduct endpoint forensic triage using EDR telemetry to identify persistence mechanisms and malicious processes
Malware & URL Analysis
Analyze malicious files and URLs using sandboxing and threat intelligence platforms to determine impact and risk level
Alert Validation & Enrichment
Validate and enrich alerts using IOC feeds (hash, IP, domain reputation) before escalation or containment
Incident Communication
Participate in incident bridge calls with stakeholders during critical incidents to provide real-time technical updates
SLA & Compliance
Ensure adherence to SLA metrics and maintain quality incident documentation for audit and compliance requirements
Enterprise Security Operations Center (SOC) Operations
Wipro Limited | SOC Analyst | Dec 2022 – Apr 2025
Roles & Responsibilities
24x7 SIEM Monitoring
Performed 24x7 SIEM monitoring, analyzing 25–40 security alerts per day across endpoint, email, and network environments
Alert Triage & Validation
Conducted alert triage and validation, reducing false-positive alerts by 20% through contextual and log-based analysis
IOC Identification
Executed indicator of compromise (IOC) identification and correlation using SIEM logs, email artifacts, and endpoint telemetry
Incident Classification
Classified incidents based on severity (Low / Medium / High) and ensured timely escalation of medium to critical incidents to L2/L3 teams
Incident Response Lifecycle
Supported the full incident response lifecycle, including containment, eradication, recovery, and remediation coordination
MITRE ATT&CK Mapping
Mapped security incidents to MITRE ATT&CK tactics and Cyber Kill Chain stages to improve threat classification and analysis
Phishing Investigations
Performed detailed phishing email investigations, analyzing headers, URLs, and attachments to mitigate user risk
Incident Documentation
Maintained accurate incident documentation in ServiceNow and collaborated with infrastructure and security teams during root cause analysis (RCA) and remediation
Education & Certifications
Education
Bachelor of Technology (B.Tech) in Computer Science and Engineering
Dr. Babasaheb Ambedkar Technological University
July 2019 – July 2022
Kolhapur, Maharashtra
CGPA: 9.01/10
Certifications & Training
Wipro Internal SOC Training
Alert triage, incident investigation, escalation, and reporting.