Rohit Kumar J

Security Operations Center (SOC) Analyst – Level 3

• Monitor and analyze alerts across security platforms including CrowdStrike, IBM QRadar, Microsoft 365 Defender, and Proofpoint to detect and respond to potential threats.
• Lead containment and remediation efforts for security incidents, including isolating compromised endpoints and removing malware.
• Investigate phishing attacks and execute response protocols to minimize impact and prevent recurrence.
• Mentor and provide technical guidance to L1 and L2 analysts, fostering continuous improvement and team capability growth.
• Evaluate new security tools and technologies; conduct initial assessments, develop usage processes, and create documentation.
• Develop and maintain playbooks to standardize incident response procedures for common alert types.
• Assist in fine-tuning SIEM and EDR systems to improve detection fidelity and reduce false positives.
• Deliver technical presentations during internal cybersecurity knowledge-sharing sessions (Tech Talks).
• Actively contribute to client tabletop exercises simulating security incident scenarios.

Security Incident Manager

• Acted as the primary point of contact for all major incidents, ensuring swift resolution and clear communication across stakeholders.
• Monitored incident queues to ensure adherence to Service Level Agreements (SLAs).
• Conducted ticket audits to maintain process compliance and identify improvement areas.
• Oversaw daily operations, managed escalations, and worked directly with clients to resolve critical issues.
• Compiled and submitted monthly reports to clients, including metrics on ticket volumes, alert types, and validated true positives.