
Jaazab Ghalob

Cyber Security SOC Analyst
Stevenage, Hertfordshire

Summary

Results-driven Cyber Security SOC Analyst with extensive experience in monitoring, analysing, and responding to cyber threats in 24/7 Security Operations Centres. Proficient in SIEM solutions such as Splunk, LogRhythm, Darktrace, and Azure Sentinel, as well as endpoint security tools like Trellix, Carbon Black, and Microsoft Defender. Skilled in conducting threat intelligence, forensic investigations, and implementing mitigation strategies in alignment with ISO 27001, GDPR, MITRE ATT&CK, and MOD frameworks. Proven ability to optimise SOC workflows, reduce false positives, and enhance overall security posture through automation and process improvements. A strong communicator and team player with a track record of mentoring junior analysts and collaborating with cross-functional teams to strengthen cybersecurity defences.

Overview

7

Years of Information Technology experience

5

Years of Cyber Security experience

Work History

SOC Analyst Consultant (Mid)

ATOS / Eviden (Contractor)
Stevenage, Hertfordshire
10.2024 - Current
  • Maintained accurate documentation of all SOC activities, facilitating knowledge sharing across the organisation.
  • Assisted in designing and implementing custom security policies based on ISO 27001, NIST and MOD frameworks, enhancing compliance and operational security.
  • Provided strategic recommendations for SOC workflow enhancements, including automated alert prioritisation, improving analyst efficiency.
  • Implemented automated tools and processes for continuous monitoring of system logs, reducing manual efforts by the team.
  • Enhanced network security by monitoring systems for potential threats and vulnerabilities.
  • Conducted regular threat hunts based on Threat Intelligence feed from Recorded Future and proactive hunts.
  • Trained junior analysts in threat intelligence gathering techniques, improving overall team efficiency.
  • Facilitated cross-departmental collaboration efforts to develop unified security protocols.
  • Coordinated with external security vendors to enhance threat intelligence and defence mechanisms.

SOC Analyst Consultant (Jnr)

ATOS / Eviden (Contractor)
Stevenage, Hertfordshire
03.2023 - 10.2024
  • Operated within a 24x7 Security Operations Centre (SOC), continuously monitoring and responding to cyber threats to ensure enterprise security.
  • Covered shifts alone for the first 8 months, carrying out both junior and senior analyst roles and responsibilities.
  • Investigated and triaged security alerts across corporate and classified networks, utilising LogRhythm, Splunk, DarkTrace and Trellix in alignment with MOD regulations and protocols.
  • Collaborated on cyber resilience projects, developing enhanced incident response strategies that reduced threat response time by 20%.
  • Partnered with Incident Management (IM) teams to deploy advanced security measures, such as endpoint detection improvements and network segmentation, strengthening data protection.
  • Reduced false alarms by 25% through fine-tuning SIEM correlation rules and refining detection logic based on historical threat patterns.
  • Optimised incident management workflows by integrating JIRA, MatterMost, Confluence and shift handovers, facilitating faster coordination between SOC analysts and IM teams.
  • Conducted root cause analysis of security breaches using Splunk, Wireshark, ObserveIT, Recorded Future and Infoblox, leading to improved threat mitigation strategies.
  • Delivered real-time technical support during high-priority security incidents, minimising business impact.

Cyber Security SOC Analyst

Novacoast Inc
Manchester, Greater Manchester
05.2020 - 06.2022
  • Operated within a 24x7 Security Operations Centre (SOC), proactively monitoring and responding to cybersecurity threats to ensure uninterrupted business operations.
  • Monitored, investigated, and mitigated security incidents using LogRhythm, Splunk, Alienvault, Azure Sentinel, Proofpoint, ServiceNow, NovaSOC and Carbon Black, ensuring rapid response to cyber threats.
  • Conducted in-depth log analysis from SIEM, Firewall, IDS/IPS, and WAF sources, identifying and containing an average of 3 security incidents per month.
  • Investigated IPs, domains, and phishing emails for malicious activity using OSINT tools like VirusTotal, URLScan, URLVoid, Symantec Site Review, Shodan, and AbuseIPDB, recommending mitigation strategies.
  • Executed daily SOC operations, including threat intelligence gathering, incident response coordination, and log analysis, ensuring smooth security operations.
  • Applied critical thinking to analyse attack vectors, assess risks, and implement proactive threat mitigation strategies to enhance security posture.
  • Maintained round-the-clock security monitoring, ensuring threat response continuity across nights, weekends, and holidays.
  • Identified cyber threats, performed forensic analysis, and implemented security measures to prevent data breaches and system vulnerabilities.
  • Trained and mentored new SOC analysts in SIEM solutions (LogRhythm, Splunk), improving team efficiency and reducing onboarding time by 20%.
  • Performed regular system monitoring and reporting on the status of systems for optimal performance.

Cyber Security Researcher / Analyst

ECSC Group
Bradford, West Yorkshire
04.2019 - 04.2020
  • Operated within a 24x7 Security Operations Centre (SOC), investigating security threats and implementing response measures to protect client environments.
  • Investigated malware infections, unauthorised access attempts, and suspicious network activity, providing actionable mitigation strategies that enhanced client security.
  • Monitored PCI-DSS compliant environments, ensuring adherence to security standards and promptly identifying compliance violations.
  • Analysed security violations such as unauthorised access and misconfigured firewalls, developing custom mitigation plans to prevent future breaches.
  • Implemented encryption protocols (AES, TLS, RSA) and configured firewall rules to safeguard confidential client data from cyber threats.
  • Utilised SIEM tools and access control mechanisms to monitor data usage, ensuring only authorised personnel accessed sensitive information.
  • Conducted security assessments and recommended enhancements to IDS/IPS rules, endpoint security policies, and log retention practices, strengthening client cybersecurity postures.
  • Applied Linux command-line expertise for log analysis, network forensics, and intrusion detection, complementing advanced Windows security knowledge.

Customer Support Analyst Apprentice

European Metal Recycling Ltd
Warrington, Cheshire
09.2017 - 03.2019
  • Troubleshot and resolved hardware, software, and network-related issues using IronPort, Cisco Jabber, TeamViewer, and Cisco Unified CallManager, ensuring minimal downtime and efficient IT operations.
  • Managed 50+ daily support calls and tickets, reducing response times by answering calls within 3 rings and proactively sharing knowledge base articles for common application and system issues.
  • Processed IT procurement requests, ensuring timely availability of hardware/software and aligning with ISO 27001 compliance for secure asset management.
  • Improved customer satisfaction by providing fast and effective resolutions, ensuring compliance with ISO 27001 security protocols, and maintaining high IT service reliability.
  • Collaborated with internal teams to assess IT needs, leveraging EDR (MS Defender, Sophos) and RSA tools to deliver tailored support and system security improvements.
  • Delivered high-pressure technical support, including a critical laptop Wi-Fi issue for an executive scheduled to leave the country the same day. Diagnosed and resolved Wi-Fi adapter misconfiguration, ensuring seamless connectivity and receiving direct executive recognition for quick turnaround.

Education

BCS Level 4 Certificate in Cyber Security

QA Ltd, 1st Floor 2, Brewery Wharf, Leeds LS10 1NE
04.2019 - 04.2020

Grade: PASS

OCR Level 3 Cambridge Technical Subsidiary Diploma - Computing & IT

Warrington Collegiate, Winwick Rd, Warrington WA2 8QA
2016.09 - 2017.06

(1st Year)

Date: 2015-09 to 2016-06
Grade: Distinction* Distinction*

(Awarded 100% Attendance)

(2nd Year)

Date: 2016-09 to 2017-06
Final Grade: Distinction* Distinction* Distinction*

GCSE

Bridgewater High School, Warrington, Cheshire, Appleton, WA4 3AE
05.2012 - 2015.08
  • Achieved 8 A*-C GCSEs including Maths, English and ICT

Skills

Security Information and Event Management (SIEM) & Threat Intelligence:

Timeline

SOC Analyst Consultant (Mid) - ATOS / Eviden (Contractor)
10.2024 - Current
SOC Analyst Consultant (Jnr) - ATOS / Eviden (Contractor)
03.2023 - 10.2024
Cyber Security SOC Analyst - Novacoast Inc
05.2020 - 06.2022
Cyber Security Researcher / Analyst - ECSC Group
04.2019 - 04.2020
QA Ltd - BCS Level 4 Certificate in Cyber Security
04.2019 - 04.2020
Customer Support Analyst Apprentice - European Metal Recycling Ltd
09.2017 - 03.2019
Bridgewater High School - GCSE
05.2012 - 2015.08
Warrington Collegiate - OCR Level 3 Cambridge Technical Subsidiary Diploma, Computing & IT
2016.09 - 2017.06

Security Clearance

  • BPSS
  • SC
  • DV

References & Certificates

References and certificates can be provided upon request.
