Soc Analyst
Current- As a 24/7 Cyber Security Operations Center (SOC) member, played a crucial role in threat detection, incident response, and support.- Monitored and managed security events using IBM QRadar and Splunk Enterprise Security (ES); addressed a variety of security incidents, including authentication failures, malware connections, suspicious network traffic, firewall denials, and potential data exfiltration.- Conducted in-depth log analysis using SIEM solutions like IBM QRadar and Splunk ES, providing actionable recommendations to technical teams through TheHive and Jira ticketing systems.- Created executive summary reports detailing Indicators of Compromise (IOCs). - Utilized Endpoint Detection and Response (EDR) tools such as CrowdStrike Falcon and SentinelOne for device monitoring.- Employed Proofpoint cloud-based email security for analyzing email legitimacy, leveraging OSINT tools for file, domain, and email verification.- Performed network traffic analysis using Wireshark to identify and investigate anomalous activities. - Served as a SOC Team Lead assisting other Analysts with investigations and reporting.