Sagnik Bera

Kolkata

Summary

Information Security Analyst with deep experience in SOC operations, specializing in real-time threat detection, investigation, and incident response. Successfully led high-severity incidents as an Incident Commander, overseeing containment, eradication, and recovery across cross-functional teams.

Proficient in threat hunting, vulnerability management, and log analysis using SIEM (Splunk, Sumo Logic) and EDR/XDR platforms (CrowdStrike, Defender ATP, Cortex XDR). Skilled in deploying detection use cases, investigating phishing and malware threats, and delivering actionable root cause and remediation reports.

Overview

4 years of professional experience

Work History

ASSOCIATE ENGINEER II

PowerSchool
Bangalore
02.2023 - Current
  • Monitored and analyzed real-time security events in the Security Operations Center using Splunk, Defender ATP, and CrowdStrike.
  • Served as Incident Commander for high-severity incidents, leading teams to contain and recover from breaches.
  • Led coordinated incident response activities across functional teams, ensuring comprehensive documentation and timely communication throughout each stage of the incident lifecycle.
  • Conducted root cause analysis and published post-incident reports outlining lessons learned and remediation strategies.
  • Performed threat hunting and IOC-based investigations to uncover hidden threats and suspicious activities.
  • Managed end-to-end vulnerability assessments across organizational assets, coordinating with relevant teams through to patch deployment and verification.
  • Created and deployed custom Splunk use cases and correlation rules into production to enhance alerting and detection capabilities across critical log sources.
  • Presented internal threat briefs and security awareness sessions to educate users on phishing risks, emerging threats, and policy compliance.

CYBERSECURITY ASSOCIATE

FICO
Bangalore
01.2022 - 12.2022
  • Worked in the SOC as an L1 analyst in a 24/7 environment.
  • Investigated and responded to intrusion events and incidents using SIEM, EDR, XDR, and email security solutions.
  • Monitored events from log sources including firewalls, web proxies, IDS/IPS, cloud platforms, and Active Directory.
  • Performed initial investigation and triage of potential incidents and escalated or closed events as applicable.
  • Performed security research and intelligence gathering on emerging threats and exploits.
  • Proposed use-case ideas to the team lead to improve security posture.
  • Reviewed reports and dashboards on a daily basis.
  • Audited networks and security systems to identify vulnerabilities.
  • Monitored critical log sources that were not reporting to the SIEM and created tickets with the respective teams.
  • Raised tickets with the concerned teams regarding security issues in the ServiceNow ticketing tool.
  • Followed up on and closed tickets based on user responses.
  • Mentored junior employees in departmental activities and procedures.

Education

Master of Technology - Cyber Security

Jain University
Bangalore
06.2022

Bachelor of Technology - Computer Science

RCCIIT
Kolkata
06.2020

Skills

  • Splunk Enterprise
  • Sumo Logic
  • Microsoft Defender Advanced Threat Protection
  • Microsoft Cloud App Security
  • CrowdStrike
  • Cortex XDR
  • Demisto
  • Palo Alto
  • Imperva
  • Proofpoint TAP
  • Proofpoint TRAP
  • Abnormal Security
  • KnowBe4
  • Autopsy
  • FTK Imager
  • VirusTotal
  • Insights
  • IntelFinder
  • Shodan
  • AWS
  • Code42
  • Cyberhaven
  • Microsoft Defender
  • ServiceNow
  • Cybersecurity best practices

Activities

  • Sports
  • Travel

Languages

English
First Language
