
Riyas Mohamed

Trichy

Summary

Cybersecurity Engineer with three years of experience in SOC operations, incident response, and cybersecurity project delivery across enterprise and critical infrastructure clients. Skilled in SIEM (Splunk, ArcSight), EDR/XDR (Trellix, Symantec, Check Point Harmony), Email and Mobile Security (Google Workspace, Check Point), and DLP solutions, with proven success in multi-client SOC management, ransomware defense, compliance alignment, and cloud security.

Overview

2 years of professional experience
1 Certification

Work History

Security Analyst / SOC Operation

Imsquareinfotech
01.2024 - Current
  • Managed 24/7 SOC operations for multiple clients, including TATA Advanced Systems, Privacy4Cars, Eicore Tech, ONGC, TATA Defence, and TATA Aerospace, safeguarding critical infrastructure and enterprise IT assets.
  • Led cybersecurity projects across multiple customers, deploying and managing EDR/XDR platforms (Trellix, Symantec, Check Point Harmony); email security solutions (Google Workspace Security, Check Point Email Security, DLP, anti-phishing policies); and mobile device security (MDM platforms, Check Point Mobile Security for iOS and Android).
  • Conducted advanced threat detection and hunting using SIEM (Splunk, ArcSight) and EDR telemetry, proactively identifying ransomware and malware campaigns.
  • Directed vulnerability and patch management, achieving 95% SLA compliance, and reducing critical risk exposure by 40%.
  • Enhanced incident response playbooks, cutting mean time to respond (MTTR) by 30%.
  • Performed firewall log analysis, and collaborated with network teams to strengthen perimeter defence.
  • Supported ISO 27001, NIST, and PCI DSS compliance, including risk assessments, incident reporting, and audit preparations.
  • Delivered cloud security posture reviews (AWS, M365), focusing on IAM hardening, secure configurations, and anomaly detection.
  • Coordinated with the red team and penetration testers to validate SOC detection gaps, and applied compensating controls.
  • Prepared and presented executive-level reports for clients on security posture, incident trends, and risk reduction.
  • Data protection: utilized advanced Data Loss Prevention (DLP) techniques and robust full-disk encryption to safeguard sensitive information, ensuring compliance with regulations and minimizing the risk of data breaches.

SOC Analyst (L1)

Sattrix Information Security
03.2023 - 10.2023
  • Conducted real-time monitoring and triage of security events in Splunk, Forcepoint DLP, and Symantec EDR, supporting multiple global clients.
  • Performed malware and ransomware investigations using sandboxing and forensic tools (Autopsy, FTK Imager).
  • Blocked indicators of compromise (IoCs) across AV, IDS/IPS, and firewall systems, preventing escalation.
  • Produced technical documentation and incident reports for SOC leadership and client stakeholders.
  • Conducted threat intelligence research, enriching detection rules, and SIEM correlation use cases.
  • Participated in vulnerability assessments, aligning remediation with ISO 27001 and NIST frameworks.
  • Assisted in cloud security monitoring (AWS, Office 365), flagging abnormal login behaviors, and privilege escalations.
  • Maintained up-to-date knowledge of the cyber threat landscape by researching the latest attack trends and techniques used by attackers.

Education

Diploma in Cybersecurity -

Systech
Trichy, India
12.2022

Diploma in Engineering - Mechanical

Government Polytechnic College
Trichy, Tamilnadu
08.2020

SSLC -

St. Little Flower Matriculation Higher Secondary School
Trichy, Tamilnadu
04.2017

Skills

  • Security operations
  • Incident response
  • Threat and vulnerability management
  • Mobile device security (Check Point, MDM)
  • Email security (Check Point, Google Workspace security)
  • Endpoint protection
  • Cybersecurity solutions
  • Stakeholder management
  • Analytical thinking
  • Cross-functional team management
  • Market analysis
  • Security Operations Center (SOC)
  • Splunk Enterprise Security
  • ArcSight ESM management
  • Threat hunting
  • Trellix ePolicy Orchestrator
  • Trellix endpoint security
  • Check Point Harmony Endpoint (EDR, XDR)
  • Google Workspace
  • MDM platform
  • ManageEngine (Desktop Central)
  • Autopsy
  • FTK Imager, Nmap, Burp Suite, and Wireshark
  • EDR management

Certification

  • CompTIA A+ and N+
  • CCNA and CCNP (Routing and Switching)
  • MCSE (Microsoft Certified Solutions Expert)
  • AWS (Amazon Web Services)
  • CEH (Certified Ethical Hacker)
  • Digital Forensic Essentials (D|FE) - EC-Council, Certification No: 279881
  • Event Log Analyzer – ManageEngine Certified Product Associate, Certification No: MECP00038807

Timeline

Security Analyst / SOC Operation

Imsquareinfotech
01.2024 - Current

SOC Analyst (L1)

Sattrix Information Security
03.2023 - 10.2023

Diploma in Cybersecurity -

Systech

Diploma in Engineering - Mechanical

Government Polytechnic College

SSLC -

St. Little Flower Matriculation Higher Secondary School