Shahid Hasan

Senior SOC Analyst
Noida

Summary

Seasoned IT professional with 10 years of comprehensive experience in the IT industry, including 6 years specialized in Cybersecurity with a focus on SOC operations and Incident Response. Proven expertise in threat detection, incident response, and vulnerability management, with a strong command of SIEM platforms and EDR solutions. Adept at identifying and mitigating advanced threats, analyzing complex security incidents, and implementing proactive defense strategies. Committed to strengthening organizational security posture, safeguarding critical assets, and contributing to a dynamic cybersecurity team by leveraging strong analytical, problem-solving, and collaboration skills.

Overview

11 years of professional experience
5 Certifications

Work History

SOC Analyst

Flexis IT Pvt. Ltd.
07.2022 - Current
  • Manage and respond to escalated security incidents, perform in-depth threat analysis, and coordinate timely responses to mitigate cyber threats within the Security Operations Center (SOC).
  • Enhance customer service by escalating tickets, onboarding new clients, and integrating new log sources while fine-tuning existing configurations to meet specific client requirements.
  • Develop, implement, and optimize SIEM use cases, including correlation rules, alerts, dashboards, and reports to detect targeted threats and strengthen overall detection capabilities.
  • Continuously refine SIEM correlation rules and alert logic to reduce false positives, improve detection accuracy, and enhance operational efficiency.
  • Administer and maintain SIEM infrastructure, configure data sources, and ensure optimal system performance and availability.
  • Configure and manage EDR solutions, define policies (allow/deny lists, recorder rules), and manage user roles and permissions for security compliance.
  • Investigate alerts generated by EDR and SIEM systems, perform root cause analysis, and determine the full scope and impact of incidents.
  • Execute containment and remediation actions, including endpoint isolation, blocking malicious indicators, and restoring systems to a clean operational state.
  • Conduct detailed log and forensic analysis to identify patterns of compromise, suspicious behavior, and potential insider threats.
  • Maintain documentation of all use cases, investigation reports, dashboards, and incident handling procedures for audit and knowledge sharing.
  • Collaborate with cross-functional teams to optimize detection logic, automate response workflows, and continuously improve the SOC’s incident response posture.
  • Client/Project: USA-based Project

Senior Associate – Cyber and IT Risk

Grant Thornton
05.2022 - 07.2022
  • Monitor and analyze security alerts and events from SIEM platforms and other integrated security tools.
  • Classify and prioritize security incidents based on severity, impact, and business risk to ensure effective response and escalation.
  • Identify false positives and escalate verified threats to the Incident Response (IR) or L2/L3 teams for deeper investigation.
  • Perform detailed log analysis from multiple sources — including firewalls, IDS/IPS, antivirus, proxy, and endpoint protection systems — to identify potential indicators of compromise (IOCs).
  • Correlate events across network, endpoint, and application logs to detect suspicious or malicious activity.
  • Investigate abnormal behavior patterns, validate alerts against known threat intelligence, and recommend immediate containment actions.
  • Document and report all confirmed security incidents, observations, and recommendations in accordance with SOC procedures.
  • Client/Project: SBI Card

Security Analyst

Securevel Solutions Pvt. Ltd.
12.2021 - 03.2022
  • Identify and prioritize incoming incidents and service tickets (P1, P2, P3) received through ITSM tools, ensuring timely responses and resolutions and coordinating with end users to establish a clear understanding of each issue.
  • Monitor and analyze security events through SIEM platforms to detect anomalies, potential intrusions, or policy violations.
  • Determine the validity of alerts by examining logs, network traffic, and endpoint data to differentiate between true positives and false positives.
  • Conduct preliminary investigations into suspicious or malicious activities to assess the nature, scope, and potential impact of threats.
  • Investigate, escalate, and document verified security incidents in accordance with established SOC incident response procedures and escalation matrices.
  • Assist in vulnerability assessments, compliance checks, and periodic security audits, ensuring alignment with organizational policies and security standards.
  • Client/Project: Bharti Airtel

Network & Security Analyst

Anemoi Technology Pvt. Ltd.
07.2019 - 04.2021
  • Monitor and analyze information security events from multiple sources — including IDS, DLP, SIEM, and firewall logs — in a 24×7 SOC environment to promptly detect and validate potential cyber threats.
  • Perform initial triage and investigation of alerts to distinguish true positives from false positives, ensuring accurate escalation of legitimate incidents.
  • Follow established SOC playbooks and standard operating procedures (SOPs) to investigate suspicious activities and collect relevant evidence for further analysis.
  • Respond to security incidents in real time by coordinating with IT and network teams to contain threats, such as isolating infected systems, disabling compromised user accounts, or blocking malicious IPs/domains.
  • Serve as a technical escalation point and guide other L1 SOC analysts on incident triage and log analysis best practices.
  • Client/Project: Tata SIA Airlines (Vistara)

Intern - Junior SOC Analyst

Deciefer Cyber Security India Pvt. Ltd.
06.2015 - 03.2019
  • Assisted in monitoring and analyzing security events through SIEM platforms to identify and validate potential cyber threats.
  • Conducted initial investigations on alerts and incidents, escalating verified security threats to senior SOC analysts as per incident response protocols.
  • Supported SOC operations, including threat monitoring, log analysis, and incident response, ensuring prompt detection and containment of suspicious activities.
  • Participated in vulnerability assessments and security audits, helping identify system weaknesses and verifying remediation efforts.
  • Assisted in incident response and forensic investigations by collecting and reviewing relevant security data and artifacts.

Education

XII - Physics, Chemistry & Mathematics

BIEC Patna

BE - Electronics & Telecommunications

Chhattisgarh CSVTU University
01.2015

Skills

  • SIEM: Splunk Enterprise, FortiSIEM, ArcSight
  • EDR / endpoint: SentinelOne EDR, CrowdStrike Falcon, Microsoft Defender, Antivirus (Trend Micro)
  • SOAR: Cortex XSOAR
  • Vulnerability management: Nessus Vulnerability Scanner
  • Network and data security: Forcepoint DLP, Cisco Stealthwatch, Trend Micro TippingPoint
  • Practice areas: Malware Investigation, Data Security, Threat Detection, Threat Detection & Response (TDR), Log Analysis, Cyber Defense Operations, Security Monitoring, Incident Management (Incident / Problem / Change), Endpoint & Network Defense, Cyber Threat Hunting

Certification

Splunk Admin, SIEM XPERT (enrolled)

Declaration

I hereby declare that the information given above is accurate to the best of my knowledge. Also, I assure the correctness of the information provided by me.

Shahid Hasan
