>// SANJAY
DIAGNOSTICS: TIME_LOG.DAT

CAREER MILESTONES

SOC Analyst L2 - Primary Escalation Point

PwC | Bengaluru, Karnataka
May 2025 – Present

Primary L2 escalation handler for complex, high-severity alerts across SIEM, SOAR, IR, and Advanced Threat Hunting teams. Trusted first call for US-based enterprise client incident response.

  • Single-handedly designed, built, and deployed a multi-workflow SOC automation platform, eliminating repetitive manual tasks across the entire analyst team without any vendor dependency.
  • Co-architected, fine-tuned, and productionized an in-house LLM trained on historical SOC alert data and runbooks, delivering a 30-40% reduction in time-to-handle across qualifying alert categories.
  • Fine-tuned a jailbroken LLaMA 2 (7B) model as a red-team companion for adversarial prompt generation and AI threat modeling, directly improving detection hypothesis quality.
  • Led proactive threat hunting campaigns in collaboration with ATH teams to uncover adversary TTPs missed by automated detection.
  • Managed critical incident lifecycle end-to-end: zero SLA breaches, maintaining full client satisfaction across engagements.
Microsoft Sentinel IBM QRadar Splunk SentinelOne Python LLaMA 2 Threat Hunting

SOC Analyst - L1 Escalation

Deloitte USI | Bengaluru, Karnataka
Feb 2023 – Apr 2025

Delivered 24x7 SOC coverage for multiple high-profile US enterprise clients as the trusted bridge between front-line L1 analysts and L2/IR teams.

  • Built custom Python automation scripts for phishing triage, cutting per-alert investigation time from 20+ minutes to under 3 minutes.
  • Monitored and correlated security events simultaneously across firewalls, IDS/IPS, EDR, SIEM, email security, and cloud platforms.
  • Developed detection hypotheses for Okta abuse, Azure account takeover, and cloud misuse scenarios, with several adopted as permanent monitoring rules across client environments.
  • Received Spot Award for exceptional SLA adherence, accuracy, and dedication across all client SOC tickets, along with multiple direct client commendations for incident handling quality.
Python EDR Okta IAM Azure AD SIEM correlation IDS/IPS

Cloud Security L1

Orbit Technologies | Bengaluru, Karnataka
Jun 2022 – Dec 2022

Reviewed dashboards for unusual activity and audited cloud alerts generated across corporate infrastructure.

  • Monitored indices and dashboards for anomalous system events.
  • Investigated alert triggers from Microsoft Defender for Cloud to resolve misconfigurations.
Defender for Cloud Cloud Audits Azure AD Dashboard Review