I provide Security Operations Center (SOC) support and SIEM monitoring services to help organizations detect, analyze, and respond to security threats in real time. With a foundation in incident detection, investigation, and response, I specialize in monitoring environments for suspicious activity and ensuring that logs and alerts are properly analyzed.
What I can deliver:
Continuous SIEM monitoring (Splunk, ELK, or other platforms)
Log analysis across Windows, Linux, network devices, and applications
Alert triage – filtering false positives and identifying real threats
Investigation of security events (failed logins, privilege escalation, suspicious processes, network anomalies, malware indicators)
Documenting incidents in clear, structured SOC reports
Escalation procedures aligned with Incident Response playbooks
Support in building detection rules for common attack techniques (MITRE ATT&CK mapping)