Sujay Kumar

Cyber Security Analyst

About

Security Operations Center (SOC) Analyst with 2.5+ years of hands-on experience in real-time threat detection, incident response, and SIEM engineering across enterprise and multi-client environments. Experienced in handling P1/ P2 security incidents, tuning detection rules, conducting threat hunting, and improving SOC operational efficiency. Strong expertise in SIEM platforms including IBM QRadar, Splunk, and Microsoft Sentinel, along with EDR, DLP, and vulnerability management solutions. Focused on proactive defense, MITRE ATT&CK-aligned detection strategies, and continuous security posture improvement.

Professional Experience

Cyber Security Analyst

Data Marshall Pvt Ltd -- Hyderabad

07/2024 -- Apr 2026

--Monitor and triage 400+ daily security alerts across QRadar, Splunk, and
--Microsoft Sentinel environments.
--Lead investigations of high-severity (P1/ P2) incidents including phishing
--campaigns, lateral movement, brute-force attempts, and data exfiltration.
--Perform advanced log correlation across firewall, IDS/ IPS, endpoint,
--database, and cloud telemetry.
--Develop and fine-tune 15+ correlation rules and detection use cases,
--improving threat detection coverage and reducing false positives.
--Conduct proactive threat hunting aligned with MITRE ATT&CK techniques
--using behavioral and IOC-based detection methods.
--Investigate and validate data exfiltration alerts in Symantec DLP; escalate
--confirmed data leakage incidents to stakeholders.
--Analyze suspicious emails, extract IOCs (malicious IPs, domains, hashes),
--and coordinate environment-wide blocking.
--Design and maintain SOC runbooks and incident response documentation
--to standardize investigation workflows.
--Build real-time dashboards in QRadar and generate daily/ weekly/ monthly
--security reports aligned with client KPIs.
--Perform Azure Sentinel health checks using Workbooks to ensure ingestion
--integrity and detection reliability.
--Manage complete incident lifecycle in ServiceNow ensuring SLA adherence
--and accurate documentation.

Cyber Security Associate

Cognizant -- Bangalore

09/2023 -- 07/2024

--Working in Security Operation Center (24x7) and is responsible for
--responding to various security alerts for various clients.
--Monitoring for P1, P2, P3 alerts in SOC operations for real-time
--monitoring, analyzing logs from various security/ Industrial appliances by
--using SIEM - Qradar, Splunk.
--Analyzing risks, threats and vulnerability of the channels being
--implemented.
--Serving as an escalation point of L1 operator liaison with the SOC
--management.
--Creating filters, active channels, queries, Rules etc. in IBM Qradar for
--monitoring purpose.
--Developed and maintained PCI DSS documentation, including policies,
--procedures and system inventories.
--Knowledge in rules creation, Reference set management.
--Escalated alerts indicating malicious behavior and unusual network traffic.
--Identify malicious URL's and suspicious IPs from IDS events generated and
--also block.
--Preparing daily, weekly and monthly reports along with their complete
--analysis.
--Provide threat analysis and security logs for security device.
--Better understanding on log searches and log analysis.
--Monitoring endpoint detection alerts and in-depth analysis.
--Better understanding of IOCs investigation and host management.
--Effectively utilized the Qualys tool for comprehensive vulnerability
--management and assessment.

Skills

IT Security Operations and Management: SIEM & Monitoring

SIEM & Monitoring: IBM QRadar

Splunk

Microsoft Sentinel

Threat Detection & Response: Alert triage

Incident investigation (P1/ P2/ P3)

Log correlation

IOC analysis

Threat hunting

Use-case development

Security Tools & Platforms: Symantec DLP

Qualys VMDR

EDR platforms

IDS/ IPS

Firewalls

Ticketing & Reporting: ServiceNow

SLA tracking

KPI reporting

Dashboard creation

Security Domains: Email Security

Endpoint Security

Network Security Monitoring

Data Loss Prevention

Operating Systems: Windows

Linux

Education

BCA

Aditya Degree College -- Kakinada

08/2020 -- 06/2023

Intermediate(MPC)

Narayana Junior College -- Kakinada

2017 -- 2020

S.S.C

Bhasyam Public School -- Kakinada

2016 -- 2017

Contact

Interested in working together? Feel free to reach out.

[email protected]8374496555

Hyderabad

About

Professional Experience

Cyber Security Analyst

Data Marshall Pvt Ltd -- Hyderabad

07/2024 -- Apr 2026

--Monitor and triage 400+ daily security alerts across QRadar, Splunk, and
--Microsoft Sentinel environments.
--Lead investigations of high-severity (P1/ P2) incidents including phishing
--campaigns, lateral movement, brute-force attempts, and data exfiltration.
--Perform advanced log correlation across firewall, IDS/ IPS, endpoint,
--database, and cloud telemetry.
--Develop and fine-tune 15+ correlation rules and detection use cases,
--improving threat detection coverage and reducing false positives.
--Conduct proactive threat hunting aligned with MITRE ATT&CK techniques
--using behavioral and IOC-based detection methods.
--Investigate and validate data exfiltration alerts in Symantec DLP; escalate
--confirmed data leakage incidents to stakeholders.
--Analyze suspicious emails, extract IOCs (malicious IPs, domains, hashes),
--and coordinate environment-wide blocking.
--Design and maintain SOC runbooks and incident response documentation
--to standardize investigation workflows.
--Build real-time dashboards in QRadar and generate daily/ weekly/ monthly
--security reports aligned with client KPIs.
--Perform Azure Sentinel health checks using Workbooks to ensure ingestion
--integrity and detection reliability.
--Manage complete incident lifecycle in ServiceNow ensuring SLA adherence
--and accurate documentation.

Cyber Security Associate

Cognizant -- Bangalore

09/2023 -- 07/2024

--Working in Security Operation Center (24x7) and is responsible for
--responding to various security alerts for various clients.
--Monitoring for P1, P2, P3 alerts in SOC operations for real-time
--monitoring, analyzing logs from various security/ Industrial appliances by
--using SIEM - Qradar, Splunk.
--Analyzing risks, threats and vulnerability of the channels being
--implemented.
--Serving as an escalation point of L1 operator liaison with the SOC
--management.
--Creating filters, active channels, queries, Rules etc. in IBM Qradar for
--monitoring purpose.
--Developed and maintained PCI DSS documentation, including policies,
--procedures and system inventories.
--Knowledge in rules creation, Reference set management.
--Escalated alerts indicating malicious behavior and unusual network traffic.
--Identify malicious URL's and suspicious IPs from IDS events generated and
--also block.
--Preparing daily, weekly and monthly reports along with their complete
--analysis.
--Provide threat analysis and security logs for security device.
--Better understanding on log searches and log analysis.
--Monitoring endpoint detection alerts and in-depth analysis.
--Better understanding of IOCs investigation and host management.
--Effectively utilized the Qualys tool for comprehensive vulnerability
--management and assessment.

Skills

IT Security Operations and Management: SIEM & Monitoring

SIEM & Monitoring: IBM QRadar

Splunk

Microsoft Sentinel

Threat Detection & Response: Alert triage

Incident investigation (P1/ P2/ P3)

Log correlation

IOC analysis

Threat hunting

Use-case development

Security Tools & Platforms: Symantec DLP

Qualys VMDR

EDR platforms

IDS/ IPS

Firewalls

Ticketing & Reporting: ServiceNow

SLA tracking

KPI reporting

Dashboard creation

Security Domains: Email Security

Endpoint Security

Network Security Monitoring

Data Loss Prevention

Operating Systems: Windows

Linux