Infant Nirmal Priyan J

Bangalore

Summary

Certified Security Analyst with 5+ years of specialized experience in Information Security and SOC operations, equipped with certifications including Microsoft Azure Security (AZ-500), Microsoft Security, Compliance, and Identity Fundamentals (SC-900), Splunk Fundamentals, and CCSP. Skilled in SIEM operations, real-time threat monitoring, and incident response with tools like Splunk, XSOAR, IBM QRadar, and Azure Sentinel.

Demonstrated expertise in threat investigation and documentation, identifying Indicators of Compromise (IOCs) to support comprehensive incident analysis. Proficient in vulnerability assessment with Qualys and knowledgeable in network protocols (OSI layers, TCP/IP, DNS, DHCP), firewall monitoring, and Azure IAM for secure access management.

Works closely with service areas to implement recommendations based on threat findings, ensuring robust security practices and proactive incident containment. Known for strong analytical skills, attention to detail, and a commitment to enhancing security across all operations.

Overview

6 years of professional experience

Work History

Cyber Security Analyst

HCL
06.2022 - Current
  • Monitored 24x7 SOC alerts (P1-P3) and investigated incidents using SIEM tools including Splunk, QRadar, XSOAR, Azure Sentinel, and Microsoft Defender.
  • Conducted log monitoring and analysis across various devices, such as firewalls, EDR, MDI, MDE, MCAS and web servers, in rotational shifts.
  • Created and updated SIEM dashboards in XSOAR and Splunk to streamline data analysis and track daily threats; maintained daily health checks and operational metrics.
  • Prepared and presented daily reports of alert activity for SecOps meetings, consolidating data from multiple portals to support informed decision-making.
  • Acted as L2 Analyst Response Coordinator, reviewing L1 work notes for enhanced understanding and providing approvals for containment actions; contributed to ongoing process improvements with cross-functional teams.
  • Investigated O365 and phishing alerts to prevent credential leaks and account compromises, escalating incidents when needed.
  • Actively managed email, web, and malware incidents; identified suspicious activity using email analysis and sandboxing for URLs and attachments.
  • Collaborated cross-functionally to coordinate containment and remediation efforts for malware incidents, using tools like Sentinel, PhishLabs, and Trend Micro.
  • Created tickets and updated trackers for incident lifecycle management using ServiceNow (SNOW), while ensuring timely escalation for incidents requiring deeper investigation.
  • Applied MITRE ATT&CK framework and Cybersecurity Kill Chain methodology in threat investigations to enhance root cause analysis and remediation.
  • Customized and tuned SIEM rules to refine alert accuracy and optimize incident classification, working closely with Managed Services teams for ongoing SIEM enhancements.
  • Conducted vulnerability assessments to identify critical issues and collaborated with IT teams to prioritize remediation, driving significant security improvements.
  • Maintained strong expertise in Microsoft products, including Excel and PowerPoint, for reporting and collaboration.
  • Demonstrated knowledge in cybersecurity fundamentals, including OWASP Top 10, threat modeling, TCP/IP, DDoS, and phishing detection.
  • Proactively reviewed incidents to automate processes and improve response efficiency in alignment with ITIL processes for Change, Incident, and Problem Management.

Information Security Analyst

Innovative Digitech
03.2019 - 05.2022
  • Conducted 24x7 log monitoring and initial triage of P1-P3 alerts in SOC using Sentinel and Splunk, escalating incidents requiring further investigation to L2 analysts.
  • Utilized ServiceNow (SNOW) for ticket creation, updates, and tracking incidents through their lifecycle to ensure efficient resolution.
  • Supported SOC operations by managing phishing alerts with PhishLabs, performing initial analysis and escalating high-risk incidents.
  • Monitored email and web logs, identifying suspicious activities such as malware and spam incidents, and promptly escalated to senior analysts as necessary.
  • Followed standard SOC procedures to maintain compliance with SLAs and ensure timely incident escalation and communication.
  • Collaborated with team members to prepare daily operational reports, contributing to metrics tracking and SOC reporting.

Education

B.E. in ECE

Anna University
05.2018

Skills

  • SIEM Tools: XSOAR, IBM QRadar, Splunk, Azure Sentinel
  • Microsoft Security Products: Microsoft Defender for Endpoint (MDE), Microsoft Defender for Identity (MDI), Microsoft Cloud App Security (MCAS), Azure IAM
  • Antivirus: McAfee, Microsoft Defender
  • Application & Email Security: Web Security, O365 Email Security, Phishing Email Analysis, Malware Detection
  • Threat Analysis: Phishing, Malware, Brute Force Attack Detection, Security Incident Triage
  • Vulnerability Assessment: Qualys, Nexpose
  • Networking & Security Protocols: TCP/IP, Firewalls, VPNs, Proxies
  • Soft Skills: Teamwork, Fast Learning, Collaboration