Hi, I'm

SOC Analyst

SIEM Monitoring • Alert Triage • Incident Response • Splunk • QRadar • Python • MITRE ATT&CK

Dubai, UAE

01

About

I'm a SOC Analyst with 1.5+ years of hands-on experience (plus a 1-year cybersecurity internship) in SOC operations, SIEM monitoring, alert triage, threat detection, and incident response.

I analyze events across Splunk, QRadar, firewalls, EDR, IDS/IPS, Windows Event Logs, and network traffic — skilled in IOC analysis, MITRE ATT&CK mapping, threat intelligence checks, and evidence documentation.

I also build Python-based detection automation for Blue Team workflows, including SOAR and detection projects that speed up IOC lookups and evidence documentation.

Certified EC-Council CSA (Certified SOC Analyst), CEH (Certified Ethical Hacker), and Splunk Core Certified User.

Key Achievements

  • Reduced false-positive escalations by 20% through improved alert triage and validation across Splunk and QRadar, while consistently handling 20-30 alerts/day.
  • Maintained SLA adherence above 95% across P1-P3 incidents, ensuring timely escalation and response in a live SOC environment.
  • Cut average phishing investigation time by ~20% by applying Python-based automation to accelerate IOC lookups and evidence documentation.
02

GitHub Contributions

Contributions111 total
JulAugSepOctNovDecJanFebMarAprMayJunJul
Less
More
03

Experience

SOC Analyst L1 · HashSlash

February 2024 — Present
  • Triaged 10-20 SIEM alerts/day across Splunk and QRadar, validating events and escalating confirmed incidents per SOC workflows while reducing false positives by 20%.
  • Maintained SLA adherence above 95% across P1-P3 incidents by monitoring firewall, EDR, IDS/IPS, endpoint, server, authentication, and network traffic logs for suspicious activity and IOCs.
  • Investigated 5-10 phishing and malicious URL cases/month plus brute-force and suspicious login alerts, documenting evidence, severity, impact, and recommended response actions.
  • Mapped 10+ MITRE ATT&CK techniques across investigations and built Python-based automation for Blue Team workflows, cutting average phishing investigation time by ~30%.
SplunkQRadarMITRE ATT&CKIncident Response

Cybersecurity Intern · AndyInfosec

January 2023 — January 2024
  • Supported SIEM monitoring, alert validation, incident response, phishing analysis, and vulnerability assessment using standard security tools.
  • Performed threat analysis on 10+ cases/month using authentication logs, firewall events, and packet captures; prepared incident notes and security reports with senior analysts.
SplunkQRadarVulnerability Assessment
04

Certifications

Certified SOC Analyst (CSA)

EC-Council · ECC8120457369

Certified Ethical Hacker (CEH)

EC-Council · ECC0562384197

Splunk Core Certified User

Splunk

07

Skills

SOC & SIEM

SplunkQRadarSecurity OnionSOC OperationsCyber Defense Center SupportSIEM MonitoringAlert TriageIncident ResponseSecurity MonitoringSecurity Reporting

Detection & Log Analysis

Windows Event LogsFirewall LogsEDR AlertsIDS/IPS AlertsAuthentication LogsPacket AnalysisIOC AnalysisThreat DetectionBasic Threat Hunting

Security Investigations

Phishing InvestigationMalicious URL AnalysisIncident HandlingSeverity ClassificationEvidence DocumentationEscalationBasic Digital Forensics

Network & Vulnerability Security

WiresharkNessusTCP/IPDNSVPNFirewallsIDS/IPSVulnerability AssessmentRisk Assessment

Scripting & Frameworks

PythonBashPowerShellMITRE ATT&CK
08

Education

Bachelor of Engineering, Computer Science Engineering

BMS Institute of Technology & Management · Bengaluru, India

09

Recent Posts from X

Auto-generated by my SOC/detection-engineering bot, @_notmohammed_.

Jul 11, 2026

Security isn't paranoia. 🛡️ It's being realistic about what attackers will actually try—then being ready before they do.

Jul 11, 2026

🕵️ Threat hunting tip: Hunt lateral movement, not the initial breach. Attackers spend WAY more time moving through your network than getting in. That's your window. ⏱️

Jul 11, 2026

🎯 Detection engineering truth: The best detections catch attackers when they get lazy. Stop chasing edge cases—focus on high-confidence patterns that actually fire. 🔥

11

Contact

Open to SOC Analyst, Cybersecurity Analyst, and SIEM Analyst roles. Feel free to reach out — I usually reply within a day.

mohammedtawheed9317@outlook.com

+91-9980412233