🛡️About Me

👋 Hi, I’m Gokul Soman, a Cyber Security Analyst with over 4 years of hands-on experience working in 24/7 Security Operations Centre (SOC) environments, specialising in Microsoft Azure Security, SIEM engineering, incident response, and threat hunting.

Throughout my career, I’ve investigated real-world security incidents across diverse enterprise environments using tools such as Microsoft Sentinel, Defender for Endpoint, and Splunk. I’ve performed deep-dive investigations, root cause analysis, and containment activities while continuously improving detection accuracy through KQL query development and SIEM tuning.

🔍 My Core Focus Areas

🛡️ Incident Response & Threat Detection
Monitoring, triaging, and investigating complex alerts while reducing false positives and strengthening detection logic. I map investigations to MITRE ATT&CK techniques and contribute to structured, standards-aligned response processes.

☁️ Azure & Cloud Security Engineering
Designing and securing Azure environments using VNets, NSGs, Azure Firewall, RBAC, Log Analytics, VPN configurations, and monitoring solutions. I’ve built secure multi-region lab environments aligned with AZ-500 and enterprise cloud security best practices.

🧠 Threat Hunting & Detection Engineering
Developing KQL-based detection rules, improving SOC workflows, and proactively hunting threats using behavioural indicators and intelligence-driven techniques.

🧪 Offensive Security Mindset
Maintaining custom-built lab environments to simulate real-world attacks including Active Directory abuse, privilege escalation, and exploitation techniques — strengthening my defensive and detection capabilities.

🛠️ Technical Stack
  • SIEM: Microsoft Sentinel, Splunk

  • EDR: Microsoft Defender for Endpoint, WithSecure

  • Cloud: Azure (VNets, NSGs, Firewall, Monitor, Entra ID, VPN, Load Balancer, Storage Security)

  • Detection & Querying: KQL, MITRE ATT&CK

  • Investigation Tools: VirusTotal, ANY.RUN, Polarity, AbuseIPDB, DNS/WHOIS analysis

  • Scripting: PowerShell

🎯 Career Direction

I’m currently progressing toward becoming an Azure Cloud Security Architect, combining real-world SOC experience, cloud security engineering, and an attacker-informed mindset to design secure, scalable enterprise environments.

This portfolio highlights my professional journey, hands-on projects, and continuous development in cyber security.

Professional Experience

November 2022 – October 2025

CyberOne Ltd, United Kingdom

Security Operations Centre Analyst

  • Monitor, triage, and investigate security alerts across multiple client environments using Microsoft Sentinel and Defender for Endpoint.

  • Act as escalation point for L1 analysts, performing deep-dive investigations and root cause analysis.

  • Develop and tune KQL detection queries and analytics rules, reducing false positives and improving detection accuracy.

  • Conduct proactive threat hunting mapped to MITRE ATT&CK techniques.

  • Lead incident response activities including evidence collection, containment, and remediation guidance.

  • Mentor junior analysts and contribute to SOC process improvements aligned with NIST and ISO 27001.

April 2022 – November 2022

KryptoKloud Ltd, United Kingdom

Cyber Security Analyst

  • Operated in a 24×7 Security Operations Centre, performing real-time monitoring, triage, investigation, escalation, and reporting of security incidents across multiple log sources.

  • Investigated threats using WithSecure EDR, Splunk, IDS, and network traffic analysis (packets, flows, sensors), including phishing emails, malicious domains, and IPs, recommending effective containment and blocking actions.

  • Supported incident response and vulnerability management, assisting with prioritisation, patching activities, remediation documentation, and post-incident prevention measures.

  • Collaborated with clients and CSOC management by tracking SOC metrics, providing incident updates, delivering technical guidance, and supporting security controls, documentation, and response processes using the TheHive platform.

Education

2019-2021

University of Hertfordshire, United Kingdom

Master of Science in Cyber Security with Advanced Research

2016-2019

Mahatma Gandhi University, India

Bachelor of Science in Cyber Forensic

Get in Touch

+91 9187379239

  • GitHub
  • Linkedin
  • Facebook
  • Twitter
  • Instagram