Open to SOC Analyst opportunities

SOC Analyst / Blue Team / Threat Detection

Detecting threats. Defending systems.

I am Amrit Panthi, a SOC Analyst focused on detecting threats, investigating security events, and turning log data into clear, actionable incident insights.

BTL1 Certified
SPL Custom alert rules
SIEM Alert triage
MITRE ATT&CK mapping

Home Lab Experience

Simulated security operations investigations using endpoint, SIEM, and network telemetry.

01

Splunk SIEM

SIEM Monitoring & Alert Triage

Monitored simulated SIEM alerts and investigated suspicious authentication events in a SOC-style workflow.

  • Identified brute-force login attempts and unauthorized access patterns.
  • Reviewed alert context to determine severity and next steps.
  • Practiced SOC-style investigation and escalation workflows.
Tags: Splunk, Alert Triage, Authentication Logs

02

Sysmon / Event Viewer

Windows Endpoint Investigation

Investigated Windows endpoint activity using Event Viewer and Sysmon logs to identify suspicious behavior.

  • Traced user activity and reviewed security events.
  • Investigated suspicious PowerShell execution and malware-related activity.
  • Reconstructed attack timelines from endpoint telemetry.
Tags: Sysmon, Event Viewer, IOCs

03

Splunk SPL / MITRE ATT&CK

Detection Rules & Threat Mapping

Built and tested detection logic for common attack behaviors and mapped activity to MITRE ATT&CK.

  • Created custom searches and alert rules in Splunk lab environments.
  • Detected failed logins, privilege escalation attempts, and anomalous activity.
  • Mapped investigation findings to MITRE ATT&CK techniques.
Tags: Splunk SPL, Detection Rules, False Positives

04

Wireshark

Network Traffic Analysis

Analyzed network traffic to identify suspicious communications, insecure protocols, and potential credential exposure.

  • Reviewed DNS activity and suspicious communications.
  • Identified insecure protocols and possible credential exposure.
  • Analyzed packet captures for network indicators.
Tags: Wireshark, DNS, Packet Analysis

05

Nmap

Network Reconnaissance

Performed network reconnaissance and vulnerability assessments to identify exposed services and potential weaknesses.

  • Scanned environments to identify open ports.
  • Reviewed exposed services for potential security weaknesses.
  • Documented findings for follow-up investigation.
Tags: Nmap, Open Ports, Vulnerability Assessment

06

Email Security

Phishing Investigation

Investigated suspicious emails to determine malicious intent and support incident response decisions.

  • Examined email headers, sender information, and embedded links.
  • Reviewed attachments and indicators for suspicious activity.
  • Documented findings and escalation actions.
Tags: Phishing, Email Headers, Escalation

Work Experience

I bring a strong foundation in security operations workflows, escalation procedures, and threat detection, with experience communicating technical findings clearly and accurately.

May 2022 - Oct 2022 Pre-sales Associate, Genese Solution
June 2021 - May 2022 Information Security Associate, F1Soft International Pvt. Ltd
Jan 2020 - May 2021 Security Operations Assistant, Softwarica College of IT and E-commerce

Technical Skills

01

Security Operations

SIEM monitoring, alert triage, incident investigation, escalation, and log correlation.

02

Tools & Telemetry

Splunk, Wireshark, Sysmon, TCPDump, ELK Stack, Nmap, Windows Event Logs, and Linux logs.

03

Network & Systems

TCP/IP, DNS, HTTP/S, VPN, Active Directory basics, Windows, and Linux environments.

04

Analysis & Querying

Splunk SPL, MITRE ATT&CK mapping, IOC analysis, and basic Python for log parsing and automation.

Certifications

Blue Team Level 1 (BTL1)

Practical blue-team and incident-response certification.

TryHackMe SOC Level 1

Security operations center investigation practice.

Google Cybersecurity

Hands-on Linux, MySQL, and Python labs.

AWS Cloud Practitioner Essentials

Foundational AWS cloud training.

Education

January 2023 - August 2024

Post-Graduate in Project Management - IT

Cestar College of Business, Health, and Technology (Lambton College),
Toronto, Canada

July 2018 - February 2022

Bachelor of Science with Honors in Computing

Softwarica College of IT and E-commerce (Coventry University),
Kathmandu, Nepal

Contact

Looking for a dedicated SOC analyst? Let's connect.


Reach me by phone +1 647-200-2785