MOHAMMED JABAER

SOC Analyst

About

Highly dedicated and results-oriented SOC Analyst with 4+ years of experience in Information Security, specializing in threat analysis, security monitoring, and incident management across diverse industries. Proficient in leveraging SIEM tools like Splunk and Azure Sentinel, alongside expertise in phishing, log, and network security analysis, to proactively detect, analyze, and mitigate complex cyber threats. Proven ability to enhance security posture and lead team development through effective training and guidance.

Work Experience

SOC Analyst

Informage Techo Solutions Pvt Ltd

Jun 2024 - Jul 2024

Hyderabad, Telangana, IN

Currently serving as a SOC Analyst, responsible for real-time security event monitoring, incident investigation, and threat mitigation to maintain robust organizational security posture.

  • Actively monitored and analyzed security events across endpoint, network, and application logs using Splunk Enterprise and Azure Sentinel, ensuring robust organizational security posture.
  • Investigated and triaged security incidents, including EDR alerts and log analysis, to identify threats, prioritize response actions, and effectively mitigate risks.
  • Developed and managed Splunk dashboards and alerts for real-time threat detection and incident response, enhancing visibility into security-relevant data sources and supporting 24/7 SOC operations.
  • Collaborated with cross-functional teams and third-party vendors to ensure timely resolution of security incidents and effective implementation of security controls, maintaining a secure environment.
  • Generated detailed reports on security incidents and trends, including daily false positive/true positive trends and RCA documents, providing actionable insights for senior management and supporting compliance with PCI DSS standards.

SOC Analyst

S.A. TALKE Pvt Ltd

Apr 2021 - May 2024

Jubail, Eastern Province, SA

Served as a SOC Analyst, contributing to comprehensive security monitoring, threat analysis, and incident response for multiple global customers in a 24x7 Security Operations Center.

  • Monitored and analyzed security events using Splunk Enterprise and Azure Sentinel, identifying potential threats and anomalies across diverse client networks to safeguard data and infrastructure.
  • Conducted in-depth EDR analysis (Microsoft Defender) to identify malicious activities and contain threats promptly, reducing potential impact on client systems.
  • Performed proactive threat hunting using Splunk to detect anomalies, lateral movement, and potential data exfiltration, enhancing overall security posture.
  • Analyzed logs from various network devices (IDS/IPS, Firewalls) and operating systems (Windows) using SIEM tools, effectively identifying potential security threats and vulnerabilities.
  • Trained and onboarded new team members, providing guidance and support to enhance team capabilities and streamline security processes.

Education

Information Technology

JNTU Hyderabad

Jan 2010 - Jan 2014

Hyderabad, Telangana, IN

Skills

SIEM & Security Tools

  • Splunk Enterprise
  • Azure Sentinel
  • Microsoft Defender (EDR)
  • CORTEX XSIAM (XDR)
  • MX Toolbox
  • Imperva (WAF)
  • Palo Alto (Firewall)
  • VirusTotal
  • Cisco Talos
  • SIEM Tools

Threat Analysis & Incident Response

  • Threat Analysis
  • Security Monitoring
  • Incident Management
  • Endpoint Detection & Response
  • Phishing Analysis
  • Log Analysis
  • Network Security
  • Threat Detection
  • Log Correlation
  • MITRE ATT&CK
  • Cyber Kill Chain
  • IDS/IPS

Security Operations

  • Security Operations Center (SOC)
  • Information Security
  • Security Controls
  • PCI DSS Compliance
  • Security Audits
  • Documentation
  • Reporting
  • Continuous Improvement
  • Client Network Security