Follow weak signals until the story becomes clear.
SOC OPERATIONS / INCIDENT RESPONSE / THREAT HUNTING
Cybersecurity Analyst
Security operations analyst focused on SOC triage, endpoint response, WAF operations, threat hunting, DFIR, and practical reporting for banking, government, and enterprise environments.
Connect logs, behavior, identity, and context.
Separate practical risk from background noise.
Turn technical findings into decisions people can act on.
PROFESSIONAL HIGHLIGHTS
Operational security experience across SOC, banking, and government environments.
EDR/XDR Operations
Managed and investigated incidents across Cortex XDR, SentinelOne, CrowdStrike, Microsoft Defender, and other endpoint platforms.
Incident Response & Threat Hunting
Performed alert triage, IOC analysis, root cause investigation, phishing analysis, and proactive threat hunting.
Client-Facing Security Delivery
Led posture reviews, monthly reporting, analyst mentorship, SOP/playbook creation, and security onboarding.
PORTFOLIO / RESUME PROFILE
SOC analyst profile built on enterprise, banking, and government security operations.
Resume-backed overview of my cybersecurity experience, technical strengths, certifications, and client-facing security delivery.
Professional Summary
Cybersecurity professional with 4.5+ years in Security Operations, Cloud Security, Digital Forensics, and Incident Response across global SOC environments. Experienced in SIEM, EDR, XDR, endpoint forensics, threat hunting, MITRE ATT&CK-aligned detection, client-facing operations, analyst mentorship, and enterprise security onboarding.
Security Strengths
Certifications
Experience Timeline
Senior Security Analyst, NTT Global Data Centers
- Administer Akamai WAF operations for a major banking client across 300+ hostnames.
- Oversee Palo Alto Cortex XDR across 5,000+ endpoints and lead incident response investigations.
- Conduct WAF log analysis and threat investigations to identify attack patterns and improve posture.
- Create monthly WAF and Cortex XDR reports for VPs and senior leadership.
- Recognized by client leadership for delivery standards in a high-stakes banking environment.
Lead Analyst, SecurityHQ
- Directed the security operations lifecycle and drove resolution of 95% of incidents within 24 hours.
- Investigated complex incidents, performed root cause analysis, and executed remediation actions.
- Led EDR/XDR integrations for high-impact clients aligned to detection use cases and controls.
- Created SOPs and SOAR playbooks from scratch to reduce triage time.
- Coached L1/L2 analysts and interns to improve response maturity.
Associate Security Operations Analyst, IG Group
- Supported 24/7 internal security operations and rapid incident escalation management.
- Resolved security incidents with cross-functional teams while minimizing operational disruption.
- Performed IOC hunts to strengthen defensive controls and reduce exposure risk.
- Assessed user-reported phishing emails, derived attack patterns, and recommended preventive measures.
- Documented incident timelines and findings for audits, compliance, and regulatory reviews.
Security Analyst Associate Tier 1, ReliaQuest
- Triaged 50+ daily alerts by correlating SIEM, XDR, and IDS/IPS logs.
- Partnered with detection engineers to refine rule logic and reduce false positives.
- Researched emerging attack patterns and adjusted detection strategies in GreyMatter XDR.
- Delivered tailored threat intelligence feeds through Digital Shadows for dark web and data exposure monitoring.
Senior Security Analyst, NTT Global Data Centers
- Led security operations for an Indian government project, including onboarding and full-scope security operations.
- Monitored threat activity across 18,000 endpoints using EDR/XDR platforms.
- Correlated logs, identified root cause, and translated findings into new detection rules and policies.
- Improved threat coverage by 25% and maintained 100% SLA compliance.
- Presented incident reports and threat intelligence updates to clients and mentored L1 analysts.
SECURITY OPERATIONS SCOPE
Areas I have handled professionally
EDR/XDR Incident Response
Investigated and contained endpoint threats using platforms such as Cortex XDR, SentinelOne, CrowdStrike, Microsoft Defender, and other EDR/XDR tools.
- EDR/XDR
- Containment
- Root Cause
Phishing & IOC Investigation
Assessed user-reported phishing emails, derived attack patterns, conducted IOC hunts, and supported preventive controls.
- Email Security
- IOC Review
- Threat Intel
SIEM & Log Correlation
Correlated SIEM, XDR, IDS/IPS, and firewall telemetry to validate alerts, identify root cause, and improve signal quality.
- Splunk
- QRadar
- Azure Sentinel
WAF Security Operations
Administered Akamai WAF operations for banking environments, reviewed attack traffic, and prepared leadership-ready security reporting.
- Akamai WAF
- Attack Traffic
- Banking
Threat Intelligence & OSINT
Researched emerging attack patterns, reviewed IOCs, and used Digital Shadows and threat intelligence feeds to support monitoring decisions.
- OSINT
- Dark Web
- IOC Feeds
Digital Forensics & Malware Analysis
Reviewed endpoint evidence, suspicious processes, timelines, and artifacts to support containment, escalation, and incident documentation.
- DFIR
- Endpoint Evidence
- Timelines
Security Onboarding & Operations
Handled onboarding, monitoring, control coverage, and operational security delivery for enterprise and government SOC environments.
- Onboarding
- Operations
- Coverage
SOC Leadership & Playbooks
Created SOPs and SOAR playbooks, coached L1/L2 analysts and interns, and translated investigations into repeatable response workflows.
- SOPs
- SOAR
- Mentorship
BLOG / SECURITY WRITING
Security notes that feel like field reports.
Practical writeups built from ransomware response, alert triage, IOC analysis, and investigation patterns that can actually help another analyst work faster.
CONTACT / START A CONVERSATION
Let's connect around security work, writing, or collaboration.
Send a concise note about security roles, SOC work, incident response collaboration, or writing opportunities. I will keep the conversation practical and focused.