Hello! I am Sangram Rajput

A SOC Analyst who
|
beyond the noise

Focused on alert correlation, incident investigation,
and real-world SOC response using Splunk SIEM.

About Me

SOC Analyst with hands-on experience in SIEM alert triage, incident investigation, EDR monitoring, and phishing & malware analysis using Splunk.

Worked on investigating high-priority security alerts, correlating related events, and identifying true incidents beyond false positives.

Key Experience

Core Skills

Alert Correlation, Incident Investigation (L2), SIEM Monitoring & Triage, Phishing & Malware Analysis, Log Analysis, Threat Intelligence (IOC Validation)

Tools & Platforms

Splunk SIEM (SPL, Dashboards, Correlation Rules), EDR – CrowdStrike Falcon, SOAR – Cortex XSOAR, Nessus Vulnerability Scanner, ServiceNow (SOC Ticketing)

Foundations & Workflow

Incident Documentation & Escalation, Network Security Fundamentals, Log Onboarding & Forwarding (Splunk UF), Incident Communication Under Pressure

SOC Projects

Phishing Email Analysis – SOC Tier 2

Investigated phishing emails to identify malicious indicators, assess impact, and document findings following SOC workflows.

Phishing Analysis, IOC Identification, Email Header Analysis, SOC Documentation

Full investigation steps and evidence are documented in the GitHub repository.

Role: SOC Analyst (Tier 2)

SOC Brute Force Detection & Incident Response

End-to-end SOC project demonstrating detection, investigation, and escalation of brute-force attacks using Splunk SIEM.

Splunk SIEM, Brute Force Detection, Windows Log Analysis, Alert Triage, Incident Response, SOC Documentation

Full investigation steps and evidence are documented in the GitHub repository.

Role: SOC Analyst (Tier 2)

Suspicious PowerShell & Lateral Movement Detection

This project simulates a real-world SOC investigation where suspicious PowerShell activity was detected and analyzed using Splunk SIEM.

Splunk SIEM, PowerShell Detection, Windows Event Analysis, Process Correlation, Lateral Movement Detection, Incident Response, SOC Documentation

Full investigation steps and evidence are documented in the GitHub repository.

Role: SOC Analyst (Tier 2)

SOC_PowerShell_Lateral_Movement_Project

Enterprise Firewall Threat Hunting & Detection Engineering

This project simulates a real-world SOC investigation where firewall logs were analyzed in Splunk to detect port scanning, exposed services (RDP), and potential lateral movement behavior.

Splunk SIEM, Firewall Log Analysis, Port Scan Detection, Detection Engineering, Threat Hunting, Correlation Analysis, Incident Response

Full investigation steps and evidence are documented in the GitHub repository.

Role: SOC Analyst (Tier 2)

Firewall_SOC_Threat_Hunting_Splunk

Automated Incident Response System

Built an end-to-end SOC automation workflow using Splunk and Python to detect brute force attacks, enrich threats using VirusTotal API, generate incident reports, and simulate response actions — reducing manual effort and improving response time.

Splunk SIEM, Python Automation, Incident Response, Threat Intelligence (VirusTotal), Detection Engineering, Log Analysis, SOC Workflow

Full investigation steps and evidence are documented in the GitHub repository.

Role: SOC Analyst (Tier 2)

Automated-Incident-Response-System

VPN Log Monitoring & Threat Detection System

This project demonstrates a SOC-based VPN monitoring system built using Splunk SIEM to detect and investigate suspicious authentication activity. It covers real-world use cases such as brute-force attacks, impossible travel detection, and high-risk geolocation logins, along with alerting, incident triage, and response simulation.

Splunk SIEM, Cybersecurity, SOC Operations, Threat Hunting, Behavioral Analytics, Incident Triage, Log Correlation, Security Alerts

Full investigation steps and evidence are documented in the GitHub repository.

Role: SOC Analyst (Tier 2)

VPN-Log-Monitoring-&-Threat-Detection-System-System

Contact

Interested in SOC Analyst opportunities, collaboration, or discussing investigations. The best way to reach me is via email or LinkedIn.

Available for SOC roles