Jaazab Ghalob

Cyber Security SOC Consultant
Stevenage

Summary

Results-driven Cyber Security SOC Analyst with extensive experience in monitoring, analysing, and responding to cyber threats in 24/7 Security Operations Centres. Proficient in SIEM solutions such as Splunk, LogRhythm, Darktrace, and Azure Sentinel, as well as endpoint security tools like Trellix, Carbon Black, and Microsoft Defender. Skilled in conducting threat intelligence, forensic investigations, and implementing mitigation strategies in alignment with ISO 27001, GDPR, MITRE ATT&CK, and MOD frameworks. Proven ability to optimise SOC workflows, reduce false positives, and enhance overall security posture through automation and process improvements. A strong communicator and team player with a track record of mentoring junior analysts and collaborating with cross-functional teams to strengthen cybersecurity defences.

Overview

8 years of professional experience

6 years of Cyber Security experience

Work History

SOC Analyst Consultant (Snr)

ATOS / Eviden + Guidant Global (Contractor)
03.2025 - 01.2026
  • Enhanced communication among team members to foster collaborative and supportive work environment.
  • Identified areas of improvement for clients' operations, implementing targeted solutions to increase productivity.
  • Streamlined internal processes to enhance team efficiency and improve overall project outcomes.
  • Advised improvements in security systems and procedures.
  • Evaluated emerging security technologies to stay current on industry trends and incorporate innovative solutions into client projects where applicable.

SOC Analyst Consultant (Mid)

ATOS / Eviden (Contractor)
10.2024 - 03.2025
  • Provided strategic recommendations for SOC workflow enhancements, including automated alert prioritisation, improving analyst efficiency.
  • Maintained accurate documentation of SOC activities, facilitating knowledge sharing across the team.
  • Enhanced network security by monitoring systems for potential threats and vulnerabilities.
  • Trained junior analysts in security & network analysis techniques, improving overall team efficiency.
  • Facilitated cross-departmental collaboration efforts to develop unified security protocols.
  • Coordinated with external security vendors to enhance threat intelligence and defense mechanisms.

SOC Analyst Consultant (Jnr)

ATOS / Eviden (Contractor)
03.2023 - 10.2024
  • Operated within a 24x7 Security Operations Center (SOC), continuously monitoring and responding to cyber threats to ensure enterprise security.
  • Capable of managing shift responsibility solo, performing the Jnr / Snr analyst roles and responsibilities alone for the first 8 months.
  • Investigated and triaged security alerts across corporate and classified networks, utilising LogRhythm, Splunk, DarkTrace and Trellix in alignment with MOD regulations and protocols.
  • Partnered with Incident Management (IM) teams to deploy advanced security measures, such as endpoint detection improvements and network segmentation, strengthening data protection.
  • Reduced false alarms through fine-tuning SIEM correlation rules and refining detection logic based on historical threat patterns.
  • Optimised incident management workflows by integrating JIRA, MatterMost, Confluence and shift handovers, facilitating faster coordination between SOC analysts and IM teams.
  • Conducted root cause analysis of security breaches using Splunk, Wireshark, ObserveIT, Recorded Future and Infoblox, leading to improved threat mitigation strategies.
  • Delivered real-time technical support during high-priority security incidents, minimising business impact.

Cyber Security SOC Analyst

Novacoast Inc
05.2020 - 06.2022
  • Operated within a 24x7 Security Operations Center (SOC), proactively monitoring and responding to cybersecurity threats to ensure uninterrupted business operations.
  • Monitored, investigated, and mitigated security incidents using LogRhythm, Splunk, Alienvault, Azure Sentinel, Proofpoint, ServiceNow, NovaSOC and Carbon Black, ensuring rapid response to cyber threats.
  • Conducted in-depth log analysis from SIEM, Firewall, IDS/IPS, and WAF sources, identifying and containing an average of 3 security incidents per month.
  • Investigated IPs, domains, and phishing emails for malicious activity using OSINT tools like VirusTotal, URLScan, URLVoid, Symantec Site Review, Shodan, and AbuseIPDB, recommending mitigation strategies.
  • Executed daily SOC operations, including threat intelligence gathering, incident response coordination, and log analysis, ensuring smooth security operations.
  • Applied critical thinking to analyse attack vectors, assess risks, and implement proactive threat mitigation strategies to enhance security posture.
  • Maintained round-the-clock security monitoring, ensuring threat response continuity across nights, weekends, and holidays.
  • Identified cyber threats, performed forensic analysis, and implemented security measures to prevent data breaches and system vulnerabilities.
  • Trained and mentored new SOC analysts in SIEM solutions (LogRhythm, Splunk), improving team efficiency and reducing onboarding time by 20%.
  • Performed regular system monitoring and reporting on the status of systems for optimal performance.

Cyber Security Researcher / Analyst

ECSC Group
04.2019 - 04.2020
  • Operated within a 24x7 Security Operations Center (SOC), investigating security threats and implementing response measures to protect client environments.
  • Investigated malware infections, unauthorised access attempts, and suspicious network activity, providing actionable mitigation strategies that enhanced client security.
  • Monitored PCI-DSS compliant environments, ensuring adherence to security standards and promptly identifying compliance violations.
  • Analysed security violations such as unauthorised access and misconfigured firewalls, developing custom mitigation plans to prevent future breaches.
  • Implemented encryption protocols (AES, TLS, RSA) and configured firewall rules to safeguard confidential client data from cyber threats.
  • Utilised SIEM tools and access control mechanisms to monitor data usage, ensuring only authorised personnel accessed sensitive information.
  • Conducted security assessments and recommended enhancements to IDS/IPS rules, endpoint security policies, and log retention practices, strengthening client cybersecurity postures.
  • Applied Linux command-line expertise for log analysis, network forensics, and intrusion detection, complementing advanced Windows security knowledge.

Customer Support Analyst Apprentice

European Metal Recycling Ltd
09.2017 - 03.2019
  • Troubleshot and resolved hardware, software, and network-related issues using IronPort, Cisco Jabber, TeamViewer, and Cisco Unified CallManager, ensuring minimal downtime and efficient IT operations.
  • Managed 50+ daily support calls and tickets, reducing response times by answering calls within 3 rings and proactively sharing knowledge base articles for common application and system issues.
  • Processed IT procurement requests, ensuring timely availability of hardware/software and aligning with ISO 27001 compliance for secure asset management.
  • Improved customer satisfaction by providing fast and effective resolutions, ensuring compliance with ISO 27001 security protocols, and maintaining high IT service reliability.
  • Collaborated with internal teams to assess IT needs, leveraging EDR (MS Defender, Sophos) and RSA tools to deliver tailored support and system security improvements.
  • Delivered advanced technical support, including a critical laptop Wi-Fi issue for an executive scheduled to leave the country the same day. Diagnosed and resolved Wi-Fi adapter misconfiguration, ensuring seamless connectivity and receiving direct executive recognition for quick turnaround.

Education

BCS Level 4 Certificate in Cyber Security

QA Ltd, 1st Floor 2, Brewery Wharf, Leeds LS10 1NE
04.2020

Grade: PASS

OCR Level 3 Cambridge Technical Subsidiary Diploma - Computing & IT

Warrington Collegiate, Winwick Rd, Warrington WA2 8QA
06.2017

(1st Year)

  • Date: 2015-09 to 2016-06
  • Grade: Distinction* Distinction*
  • Awarded 100% Attendance

(2nd Year)

  • Date: 2016-09 to 2017-06
  • Final Grade: Distinction* Distinction* Distinction*

GCSE

Bridgewater High School, Warrington, Cheshire, Appleton, WA4 3AE
08.2015
  • Achieved 8 A*-C GCSEs including Maths, English and ICT

Skills

Security Information and Event Management (SIEM) & Threat Intelligence:
  • LogRhythm
  • Splunk (Enterprise Security)
  • Azure Sentinel
  • AlienVault
  • NovaSOC
  • DarkTrace (Threat Visualizer Email)
  • Recorded Future

Endpoint & Network Security:
  • FireEye / Trellix (HX, NX, AX, EX, CMS)
  • Carbon Black EDR
  • Microsoft Defender (MS Defender)
  • Sophos EDR
  • Ivanti Pulse Secure
  • Proofpoint
  • Proofpoint Communities
  • Mimecast
  • IronPort
  • Okta
  • RSA

Threat Detection & Analysis Tools:
  • Wireshark / Tshark
  • Nessus / Qualys scanning
  • Wazuh
  • Ossec
  • ModSec
  • Infoblox
  • PRTG
  • ObserveIT

OSINT & Cyber Threat Hunting:
  • OSINT Framework
  • AbuseIPDB
  • VirusTotal
  • Urlscan
  • Shodan
  • Urlvoid
  • Symantec Site Review
  • AnyRun

IT Infrastructure & Administration:
  • Active Directory
  • Exchange
  • Cisco Unified CallManager Administration
  • Avery Weigh-Tronix (Weighman software)

Collaboration & Ticketing Systems:
  • Jira
  • ServiceNow
  • OSTicket
  • Rocketchat
  • Microsoft Teams
  • Amazon Chime
  • MatterMost
  • Skype
  • Confluence
  • Cisco Webex

Scripting & Development:
  • Regex
  • PSQL
  • Apache
  • Bash

System Utilities & Productivity Tools:
  • 7-Zip / Zip
  • LibreOffice
  • Thunderbird
  • TeamViewer
  • Kaspersky
  • Malwarebytes

Operating Systems & Command Line:
  • Linux Command Line
  • Windows
  • Unix

Timeline

SOC Analyst Consultant (Snr) - ATOS / Eviden + Guidant Global (Contractor)
03.2025 - 01.2026
SOC Analyst Consultant (Mid) - ATOS / Eviden (Contractor)
10.2024 - 03.2025
SOC Analyst Consultant (Jnr) - ATOS / Eviden (Contractor)
03.2023 - 10.2024
Cyber Security SOC Analyst - Novacoast Inc
05.2020 - 06.2022
Cyber Security Researcher / Analyst - ECSC Group
04.2019 - 04.2020
Customer Support Analyst Apprentice - European Metal Recycling Ltd
09.2017 - 03.2019
QA Ltd - BCS Level 4 Certificate in Cyber Security
Warrington Collegiate - OCR Level 3 Cambridge Technical Subsidiary Diploma, Computing & IT
Bridgewater High School - GCSE

Security Clearance

  • BPSS
  • SC
  • DV

References & Certificates

References and certificates can be provided upon request.