Professional Summary

Cybersecurity professional with 3 years of SOC experience in threat detection, incident response, and cloud security. Skilled at leading analysts, reducing false positives, and strengthening defenses across EDR, SIEM, and DLP platforms. Certified in AWS, Azure, and CompTIA, with proven ability to deliver actionable intelligence and advise clients on effective risk mitigation against evolving threats.

Threat Hunting | Incident Response | EDR (CrowdStrike) | SIEM (Kibana / LogScale) | Netskope DLP | AWS / Azure Security

Technical Skills

Security

EDR (CrowdStrike), SIEM (Kibana / LogScale / ManageEngine), Netskope DLP, Vulnerability Mgmt, Threat Intel

Networking

TCP/IP, DNS, DHCP, Firewalls, IDS/IPS, VLAN, 802.1X, Syslog, Netflow, Wireshark, Nmap

Cloud

AWS, Azure, Microsoft 365

IAM

Intune, Active Directory / Group Policy, AWS IAM

Experience

SOC Supervisor / Analyst — InPhySec (a Fujitsu Company)

Jan 2024 – Present
  • Lead SOC analysts to deliver detection, triage, and incident response.
  • Threat hunting across CrowdStrike Falcon, SIEM, and Microsoft Defender.
  • Review and tune Netskope DLP policies to reduce false positives.
  • Monitor threat intel and notify clients of exposures.
  • Collaborate with engineers and stakeholders to remediate incidents.

SOC Analyst — InPhySec

Oct 2023 – Jan 2024
  • Monitored network, endpoint, and cloud telemetry; investigated alerts.
  • Tuned detections to cut false positives and improve focus.
  • Supported containment and recovery during incident response.

Junior SOC Analyst — InPhySec

Oct 2022 – Oct 2023
  • Performed triage of detections against SLAs; escalated true positives.
  • Assisted in threat hunting and forensic analysis.
  • Deployed DLP solutions and used SIEM for correlation.

Selected Projects

LOLBins Hunting — developed and optimized Falcon queries to detect misuse.

Led an initiative to detect and mitigate LOLBin misuse in client environments. Built and fine-tuned CrowdStrike Falcon threat hunting queries by analyzing expected binary behavior, reviewing collected data, and identifying deviations that signaled malicious use.

RMM Tool Abuse Detection — built detection hunts to uncover unauthorized RMM activity.

Developed targeted Falcon queries to uncover unauthorized or suspicious use of RMM tools. Reviewed tool usage patterns, analyzed supporting data, and highlighted abnormal activity, enabling clients to reduce the risk of remote access abuse.

Browser Extension Risk Review — assessed extension usage and defined monitoring patterns.

Conducted a structured review of browser extensions to identify malicious or high-risk activity. Gathered and analyzed extension data in Falcon, pinpointed suspicious behaviors, and provided clients with strategies to mitigate risks from unsafe or compromised extensions.