Sharookh Abdul Salam
Cybersecurity Analyst
Varkala
Summary
Cybersecurity professional with 10+ years of experience specializing in Endpoint Detection & Response (EDR), SOC operations, and incident investigation. Hands-on expertise in CrowdStrike and Cybereason, with strong capabilities in threat analysis, MalOp investigation, containment, and remediation. Proven ability to reduce false positives, improve response time, and strengthen endpoint security posture across enterprise environments.
Overview
11
11
years of professional experience
2
2
Certifications
Work History
EDR Platform Support Engineer
CyberProof, a UST Company
Techno Park, Kerala
08.2022 - Current
- Managed enterprise endpoint security operations using Cybereason, Microsoft Defender for Endpoint, and CrowdStrike Falcon.
- Investigated and responded to advanced threats including malware infections, lateral movement, privilege escalation, and persistence mechanisms.
- Performed detailed MalOp and timeline analysis to identify root cause, attack vectors, and impacted assets.
- Executed containment actions such as host isolation, process termination, hash blocking, and IOC enforcement.
- Conducted proactive threat hunting to detect stealthy or dormant threats within the environment.
- Tuned detection policies and alert rules to reduce false positives and improve SOC efficiency.
- Coordinated with IT and infrastructure teams for remediation, patching, and system hardening.
- Prepared incident reports, root cause analysis (RCA), and executive-level summaries.
- Supported onboarding and configuration of new endpoints into EDR platforms.
- Ensured compliance with security standards and internal response SLAs.
SOC Anlayst
UST Global
Trivandrum
03.2021 - 08.2022
- Monitored and analyzed security alerts from SIEM, EDR, firewall, email security, and other security tools in a 24/7 SOC environment.
- Investigated security incidents including phishing, malware infections, brute-force attempts, suspicious logins, and policy violations.
- Performed log analysis using SIEM platforms to identify indicators of compromise (IOCs) and anomalous activities.
- Conducted initial triage, escalation, and incident handling as per defined playbooks and response procedures.
- Reduced false positives by fine-tuning alert rules and improving detection logic.
- Created detailed incident reports, Root Cause Analysis (RCA), and documented remediation steps.
- Coordinated with IT, network, and endpoint teams for containment and recovery actions.
- Supported vulnerability management by tracking critical findings and ensuring timely remediation.
- Maintained SLA compliance and ensured timely response to high and critical severity alerts.
- Contributed to continuous improvement of SOC processes, runbooks, and knowledge base documentation.
IT Support Engineer (Application & Infrastructure)
UST Global
Techno Park, Kerala
10.2014 - 03.2021
- Provided application support across critical business areas, resolving incidents with minimal business disruption.
- Assisted in software deployments, upgrades, and configuration changes in line with IT standards.
- Handled installation, configuration, and maintenance of PCs, servers, and peripheral devices.
- Maintained accurate asset and configuration records in line with audit and finance compliance.
- Supported end-users with troubleshooting of applications, databases, and network connectivity.
- Collaborated with problem management to identify recurring issues and apply permanent fixes.
Education
Master’s in computer application - undefined
Kerala University
01.2013
B.Sc. - Computer Science
Kerala University
01.2009
Skills
Endpoint Detection & Response (Cybereason, Microsoft Defender, CrowdStrike)
SOC Monitoring & Incident Triage
Threat Hunting & Malware Investigation
MalOp & Timeline Analysis
SIEM Log Analysis & Alert Tuning
Incident Response & Root Cause Analysis
IOC Identification & Containment Actions
Windows & Active Directory Security
Key Achievements
- Successfully managed and investigated advanced endpoint security incidents using EDR solutions (Cybereason, Microsoft Defender, CrowdStrike), reducing mean time to response (MTTR) significantly.
- Led multiple MalOp investigations, performed deep timeline analysis, root cause identification, and containment actions across enterprise environments.
- Improved threat detection efficiency by tuning policies and optimizing EDR configurations, minimizing false positives and enhancing SOC productivity.
- Coordinated with cross-functional teams (SOC, IT Ops, Infra, End-Users) to implement remediation and preventive security controls.
- Acted as a technical escalation point for complex endpoint incidents including malware, lateral movement, and suspicious persistence mechanisms.
- Conducted proactive threat hunting activities to identify stealthy or undetected threats within enterprise endpoints.
- Supported incident response lifecycle including: Detection, Analysis, Containment, Eradication and Recovery
- Post-incident reporting
- Delivered detailed incident reports and executive summaries for management and stakeholders.
- Assisted in PoC (Proof of Concept) validation and onboarding of new EDR/security tools.
- Ensured compliance with organizational security policies and best practices during endpoint investigations.
Certification
Certified Ethical Hacker from EC-Council (CertNo: ECC0615487392)
DECLARATION
I do hereby declare that the particulars of the information and facts stated herein above are true, correct and complete to the best of my knowledge and belief. Best Regards, Sharookh Abdul Salam 10/01/2026
Timeline
EDR Platform Support Engineer
CyberProof, a UST Company
08.2022 - Current
SOC Anlayst
UST Global
03.2021 - 08.2022
IT Support Engineer (Application & Infrastructure)
UST Global
10.2014 - 03.2021
Master’s in computer application - undefined
Kerala University
B.Sc. - Computer Science
Kerala University