Cyber Security Analyst
CurrentMonitored systems and promptly detected security threats and breaches within a SOC environment, contributing significantly to SOC operations and establishing a strong foundation as a security analyst•Monitored and detected cyber events by using various sources including IDS/IPS, email, web security, WAF, NetFlow and Threat Intelligence through the Splunk SIEM system•Identified potential threats through SIEM alerts and reported to internal management and client •Triaged security alerts and assisted in identifying incident category and severity•Analyzed and investigated security alerts, maintained SOC incident Run sheet•Implemented incident management policies and processes including containment and remediation•Contributed to update incident response playbooks and process improvements •Completed SOC monthly report to senior management and alerted customers•Developed Splunk dashboards to enhance team visibility, enabling efficient trend analysis, anomaly detection, and rapid identification of critical events•Collaborated with team to optimize cloud servers, resulting in a 30% cost reduction