Hi, I'm
SOC Analyst
SIEM Monitoring • Alert Triage • Incident Response • Splunk • QRadar • Python • MITRE ATT&CK
Dubai, UAE
About
I'm a SOC Analyst with 1.5+ years of hands-on experience (plus a 1-year cybersecurity internship) in SOC operations, SIEM monitoring, alert triage, threat detection, and incident response.
I analyze events across Splunk, QRadar, firewalls, EDR, IDS/IPS, Windows Event Logs, and network traffic — skilled in IOC analysis, MITRE ATT&CK mapping, threat intelligence checks, and evidence documentation.
I also build Python-based detection automation for Blue Team workflows, including SOAR and detection projects that speed up IOC lookups and evidence documentation.
Certified EC-Council CSA (Certified SOC Analyst), CEH (Certified Ethical Hacker), and Splunk Core Certified User.
Key Achievements
- Reduced false-positive escalations by 20% through improved alert triage and validation across Splunk and QRadar, while consistently handling 20-30 alerts/day.
- Maintained SLA adherence above 95% across P1-P3 incidents, ensuring timely escalation and response in a live SOC environment.
- Cut average phishing investigation time by ~20% by applying Python-based automation to accelerate IOC lookups and evidence documentation.
GitHub Contributions
Experience
SOC Analyst L1 · HashSlash
February 2024 — Present- Triaged 10-20 SIEM alerts/day across Splunk and QRadar, validating events and escalating confirmed incidents per SOC workflows while reducing false positives by 20%.
- Maintained SLA adherence above 95% across P1-P3 incidents by monitoring firewall, EDR, IDS/IPS, endpoint, server, authentication, and network traffic logs for suspicious activity and IOCs.
- Investigated 5-10 phishing and malicious URL cases/month plus brute-force and suspicious login alerts, documenting evidence, severity, impact, and recommended response actions.
- Mapped 10+ MITRE ATT&CK techniques across investigations and built Python-based automation for Blue Team workflows, cutting average phishing investigation time by ~30%.
Cybersecurity Intern · AndyInfosec
January 2023 — January 2024- Supported SIEM monitoring, alert validation, incident response, phishing analysis, and vulnerability assessment using standard security tools.
- Performed threat analysis on 10+ cases/month using authentication logs, firewall events, and packet captures; prepared incident notes and security reports with senior analysts.
Certifications
Certified SOC Analyst (CSA)
EC-Council · ECC8120457369
Certified Ethical Hacker (CEH)
EC-Council · ECC0562384197
Splunk Core Certified User
Splunk
Projects
SIEM AI Agent
Security DashboardDashboard workflow to ingest security events, generate alerts, score risk, enrich alerts with MITRE ATT&CK context, and support SOC triage.
Latest from GitHub
Pulled live from github.com/Tawheed30 — new repos show up here automatically.
Skills
SOC & SIEM
Detection & Log Analysis
Security Investigations
Network & Vulnerability Security
Scripting & Frameworks
Education
Bachelor of Engineering, Computer Science Engineering
BMS Institute of Technology & Management · Bengaluru, India
Recent Posts from X
Auto-generated by my SOC/detection-engineering bot, @_notmohammed_.
Security isn't paranoia. 🛡️ It's being realistic about what attackers will actually try—then being ready before they do.
🕵️ Threat hunting tip: Hunt lateral movement, not the initial breach. Attackers spend WAY more time moving through your network than getting in. That's your window. ⏱️
🎯 Detection engineering truth: The best detections catch attackers when they get lazy. Stop chasing edge cases—focus on high-confidence patterns that actually fire. 🔥
Contact
Open to SOC Analyst, Cybersecurity Analyst, and SIEM Analyst roles. Feel free to reach out — I usually reply within a day.
mohammedtawheed9317@outlook.com+91-9980412233