Abdul Aziz Junaid Mohammad

- Assisted in monitoring IT and security events in a structured SOC environment
- Analyzed alerts and supported initial incident triage under supervision
- Logged incidents and documented reports in accordance with SOPs
- Gained exposure to IT security workflows, operational processes, and teamwork

• Monitored and triaged security events daily via Splunk SIEM across networks, endpoints, and systems, maintaining continuous
threat visibility and reducing mean time to detect (MTTD).
• Validated and classified alerts for phishing attempts, malware activity, and unauthorized access events; produced severity-rated
incident reports per SOC procedures.
• Investigated authentication logs, firewall logs, and endpoint telemetry to detect IOCs mapped to MITRE ATT&CK tactics and
techniques.
• Built Splunk correlation rules (Event ID 4625) to detect login anomalies; generated automated alerts and operational KPI
dashboards for management visibility.
• Conducted cross-system log correlation to surface discrepancies and data integrity gaps; escalated confirmed incidents with
documented root cause analysis.
• Maintained security documentation and enforced access control policies aligned with ISO 27001 and NIST CSF frameworks.

- Supported analysis of IT security systems and identification of basic vulnerabilities
- Assisted in system documentation and understanding of cybersecurity best practices

• Completed structured cybersecurity training covering Palo Alto Networks platforms, threat prevention concepts, firewall policies,
and secure network design principles.
• Performed vulnerability assessment and risk analysis exercises; documented findings and remediation steps aligned with industry
SOC standards.