Mohammed Javadudeen Palliyalil - SOC L2

Malappuram

Summary

Experienced Security Operations Center (SOC) professional with over 5 years of expertise in Security Information and Event Management (SIEM), including security monitoring, log inspection, and analysis. Skilled in CrowdStrike Endpoint Detection and Response (EDR), with hands-on experience in fine-tuning detection rules to reduce false positives and enhance threat visibility. Proficient in SOAR solutions to streamline incident response and automation. Strong background in SOC operations, threat detection, and incident response, ensuring proactive security measures and swift mitigation of cyber threats.

Overview

7 years of professional experience
1 Certificate

Work History

SOC L2 Security Analyst

LTI Mindtree
- 08.2024
  • Monitor and manage security incidents in 24x7 rotational shifts.
  • Experience with SIEM tools (QRadar, Google Chronicle Backstory, Splunk, Elastic, McAfee ESM, etc.).
  • Utilized advanced tools including XSOAR, Google Chronicle, CrowdStrike, and Microsoft Defender.
  • Investigated security incidents escalated from L1 analysts, performing deep-dive analysis using SIEM tools.
  • Performed root cause analysis (RCA) and recommended mitigation strategies to reduce risk exposure.
  • Provided guidance to L1 analysts for triaging alerts and improving detection accuracy.
  • Review security logs, generate analysis reports, and fine-tune correlation rules based on new threats.
  • Develop and update SOPs for incident handling.
  • Monitor the health of SIEM components and escalate incidents.
  • Triage events and ensure incidents are handled per SLA.
  • Generate reports, create handover documents, and assist in creating SOPs.
  • Served as the primary single point of contact (SPOC) analyst for a critical US client.

Cyber Security Consultant

ActivBytes Technologies
05.2023 - 08.2024
  • Developed SIEM-simulated cyber drill environments (Cyber Range) for immersive learning experiences using platforms such as Splunk, IBM QRadar, and Elastic.
  • Responsible for 24/7 monitoring and operational support using SIEM solutions (Splunk, Elastic, IBM QRadar) for various customers.
  • Integrating log sources (Firewalls, IDS/IPS, servers, applications) into the SIEM.
  • Configured and maintained indexing, retention policies, and data lifecycle strategies to optimize performance and reduce storage costs.
  • Maintaining and troubleshooting Splunk SIEM servers.
  • Led end-to-end deployment and configuration of Splunk Enterprise across distributed, multi-site environments, including indexers, search heads, deployment servers, and heavy/universal forwarders.
  • Developed and maintained deployment server infrastructure, managing Splunk apps and configuration bundles using server classes for automated forwarder management.

SOC Analyst

SISA Information Security
06.2021 - 04.2023
  • Continuously monitor security events and alerts generated by the SIEM system (an in-house tool based on the ELK Stack) in the Security Operations Centre (SOC).
  • Perform monitoring, alert detection, and alert response activities.
  • Create and fine-tune use cases, and develop dashboards for effective monitoring and analysis.
  • Generate and deliver daily, weekly, and monthly reports to clients in various formats as per their requirements.
  • Analyse security events and logs to report on threats and incidents across diverse platforms and environments.

Network Support Engineer

Digiplus IT Solutions
02.2020 - 03.2021
  • Maintaining and administering computer networks and related computing environments, including system software, application software, hardware, and configurations.
  • Configuring and maintaining the UTL-ONT-72 BBNL router.
  • Configuring and maintaining Optical Line Terminal (OLT) devices; checking and maintaining fiber power levels.
  • Support engineer for the Kerala Wi-Fi Project, a state government project.

Information Security Analyst

CMS IT Services
02.2019 - 01.2020
  • Managing and configuring Websense and Forcepoint web proxies.
  • Monitoring Internet requests, logging activity, applying Internet usage filters, and reporting on activity.
  • Active Directory administration and management.
  • Managing McAfee ePolicy Orchestrator.
  • Installing McAfee Data Loss Prevention (DLP) and File and Removable Media Protection (FRP).
  • Enabling BitLocker encryption for removable and non-removable devices.
  • Installing and managing anti-virus services locally and remotely.

Technical Support Engineer

Universal Business Solutions
01.2018 - 06.2018
  • Configuring hardware and software components after installation.
  • Performing routine maintenance on technology equipment.
  • Testing equipment to troubleshoot the issues.

Education

B.Tech - Computer Science and Engineering

04.2017

Skills

  • SIEM TOOLS (SPLUNK, GOOGLE CHRONICLE BACKSTORY, IBM QRADAR, ELASTICSEARCH)
  • SPLUNK ADMINISTRATION
  • SPLUNK FORWARDER SETUP (UF/HF INSTALLATION)
  • DATA ONBOARDING
  • LOG PARSING & INDEXER CLUSTERING
  • EDR (CROWDSTRIKE FALCON)
  • EMAIL SECURITY SOLUTION (PROOFPOINT & COFENSE)
  • DIVVY CLOUD PRISMA
  • CLOUD SOAR (PALO ALTO XSOAR)
  • DLP
  • ACTIVE DIRECTORY
  • SERVICE NOW (TICKETING TOOL)
  • MICROSOFT AZURE
  • MICROSOFT O365 DEFENDER
  • BEYONDTRUST
  • AWS CONTROL TOWER
  • BLUECAT

Certification

  • Splunk E-Learning
  • Cyber Forensic - Great Learning
  • Foundations of operationalizing MITRE ATT&CK
  • McAfee Enterprise Security Manager - ESM
  • Fortinet Network Security Expert - NSE1

Languages

English: Bilingual or Proficient (C2)
Arabic: Upper intermediate (B2)
