• Lead and coordinate incident response activities, ensuring timely identification, containment, eradication, and recovery from security incidents.• Conduct thorough analysis of security alerts and incidents, utilizing SIEM tools, EDR, log analysis, and other security technologies.• Develop and refine incident response procedures and playbooks to improve response efficiency and effectiveness.• Collaborate with cross-functional teams to investigate and remediate security incidents, working closely with IT, legal, and management stakeholders.• Monitored and analyzed security alerts, leveraging the MITRE ATT&CK Framework to identify patterns and potential threats.• Collaborate with SOC analysts on 24/7 call rotation, incident response teams, and system administrators to ensure timely resolution of security incidents.• Managed daily SOC operations, overseeing the monitoring of security alerts and incidents. Implement and fine-tune security detection and monitoring tools to enhance threat detection capabilities.• Experience managing queries to enhance threat detection and response capabilities in endpoint Detection and Response (EDR) • Analyzed and investigated security incidents, including malware infections, phishing attacks, and unauthorized access attempts.• Conducted digital forensics/malware analysis to determine the scope and impact of security incidents and implement appropriate tuning rules. • Collaborated with internal teams to implement security controls and preventive measures based on incident findings.• Develop engineering solutions to improve team efficiency by implementing solutions for repetitive processes.

• Monitored and analyzed SIEM, EDR alerts, network traffic, Azure Sentinel and log data to proactively identify and investigate potential security incidents.• Develop and refine incident response procedures and playbooks to improve response efficiency and effectiveness.• Collaborate with cross-functional teams to investigate and remediate security incidents, working closely with IT, legal, and management stakeholders.• Monitored and analyzed security alerts, leveraging the MITRE ATT&CK Framework to identify patterns and potential threats.• Experience in implementing and managing Endpoint Detection and Response EDR solutions to detect and responding to advanced threats.• Responsible for managing blue team operations and working on the security gaps within the organization.• Worked on analyzing cloud trail log and guard duty logs from AWS.• Experience managing queries to enhance threat detection and response capabilities in endpoint Detection and Response (EDR) • Provide 24/7 on-call support for critical incidents and contribute to the continuous improvement of incident response processes.• Lead a team of SOC analysts in monitoring and responding to security incidents, ensuring timely and effective resolution.• Analyzed and investigated security incidents, including malware infections, phishing attacks, and unauthorized access attempts.• Conducted digital forensics/malware analysis to determine the scope and impact of security incidents and implement appropriate tuning rules. • Collaborated with internal teams to implement security controls and preventive measures based on incident findings.• Developed and delivered training sessions to educate employees on security awareness and best practices.

• Lead and coordinate incident response activities, ensuring timely identification, containment, eradication, and recovery from security incidents.• Conducted threat hunting using the MITRE ATT&CK framework to detect and respond to advanced threats.• Skilled in investigating security incidents, conducting forensic analysis, and identifying indicators of compromise (IOCs)• Strong understanding of threat actor profiles and tactics, techniques, and procedures (TTPs). • Utilized Open Source Intelligence (OSINT) to gather relevant information about potential threats, threat actors, and vulnerabilities.• Developed and implemented incident response playbooks and procedures to ensure consistent and effective response to security incidents.• Assisted in the development and documentation of standard operating procedures for the SOC team and participated in 24/7 on-call rotation for incident response and escalations.• Implemented and managed firewall rules, VPN connections, and intrusion detection/prevention systems (IDS/IPS) in Palo Alto.• Conducted regular security audits and network scans to identify vulnerabilities and weaknesses.• Monitored cloud security logs and alerts, investigating, and mitigating potential threats in real-time.• Lead in monthly security risk briefings and make recommendations on any adjustments necessary to mitigate the risks.• Assist with the evaluation, selection and integration of security related tools and leverage them appropriately to deliver desired results in line with security policies.

• Monitor security alerts using SIEM tools, analyze incidents, and conduct in-depth investigations to identify and respond to security threats.• Collaborate with other SOC analysts, incident response teams, and system administrators to ensure timely resolution of security incidents.• Managed daily SOC operations, overseeing the monitoring of security alerts and incidents.Implement and fine-tune security detection and monitoring tools to enhance threat detection capabilities.• Provide detailed incident reports, root cause analysis, and recommendations for improving security posture.• Participated in the development and implementation of SOC procedures, including incident handling, escalation, and communication processes.• Conducted security log analysis, reviewed alerts, and performed correlation of events to identify potential security incidents.• Worked closely with threat intelligence sources to stay abreast of emerging threats and vulnerabilities.• Assisted in the maintenance and improvement of security documentation and knowledge base.• Monitored security alerts and incidents, responding to and mitigating potential threats.• Worked closely with threat intelligence teams to stay informed about the latest cyber threats and vulnerabilities.• Conducted log analysis, created reports, and provided recommendations for enhancing the security posture.• Participated in tabletop exercises and drills to ensure effective incident response capabilities.• Designed and implemented network security measures to safeguard critical assets and prevent unauthorized access.• Conducted security reviews of network infrastructure, identified vulnerabilities, and recommended corrective actions.• Collaborated with cross-functional teams to develop and implement incident response plans.• Regularly updated and maintained firewall rules, intrusion detection/prevention systems, and access controls.