Open to opportunities

Khayam Khan

@khayamkhan

Cyber Security Analyst specializing in SOC operations, incident response, and cloud security hardening.

Philippines

What I'm looking for

I’m looking for a security team where I can own SOC investigations, improve detections with KQL, and strengthen incident response and cloud security. I value clear documentation, measurable outcomes, and continuous improvement across tools and processes.

I’m a results-driven cybersecurity professional with 5+ years of combined experience across Security Operations, Incident Response, Vulnerability Management, and Cloud Security. I’ve worked in both MSSP and enterprise SOC environments, where I focused on fast triage, clear investigation, and measurable risk reduction.

In my current role as a Cyber Security Analyst at Sourcepass, I monitor and triage alerts using ConnectWise SIEM (formerly Perch) and perform log analysis with Lucene/KQL for threat correlation and investigation. I initiate incident response for malware infections, scareware, data leakage, and account misuse—driving containment, eradication, and recovery.

I also strengthen endpoint and cloud visibility by leveraging SentinelOne EDR for threat detection, investigation, and hunting, along with Microsoft Sentinel and Microsoft Defender for Cloud for Azure-connected monitoring. I tune detection logic using KQL and validate client adherence to security standards through Microsoft Purview and related compliance/loss-prevention reviews.

Earlier, I supported DICT-NSOC Security Operations Center operations across 30+ government agencies, analyzing incidents using firewall, IDS/IPS, and endpoint telemetry, and contributing to baseline and policy improvements. Prior to SOC work, I served as a Junior Systems Engineer (Middleware), performing Linux administration (RHEL), automation with Bash/Shell scripting, and incident response support for middleware platforms—experiences that sharpen my operational discipline and troubleshooting mindset.

Experience

Work history, roles, and key accomplishments

Current

Cyber Security Analyst

Sourcepass

Aug 2024 - Present (1 year 8 months)

Monitored and triaged security alerts across client environments using ConnectWise SIEM, investigating incidents with KQL/Lucene log analysis and threat correlation. Conducted endpoint and cloud security investigations using SentinelOne EDR, Microsoft Sentinel, and Microsoft Defender for Cloud, and supported containment, eradication, recovery, and reporting.

SOC Analyst

Philcox (Phils.) Inc.

Jan 2024 - Aug 2024 (7 months)

Supported a DICT-NSOC Security Operations Center within an MSSP by monitoring security events across 30+ government agencies. Analyzed incidents and vulnerabilities via log review, strengthened security baselines for endpoints and network devices, and contributed to incident containment and eradication.

Junior Systems Engineer (Middleware)

Indra Philippines

Feb 2022 - Jan 2024 (1 year 11 months)

Monitored and supported MERALCO middleware integration solutions to maintain stability and continuity in production. Performed RHEL administration and automated operational workflows with Bash/Shell scripting, and provided incident response support for IBM AppConnect Enterprise, IBM Integration Bus, and IBM Cast Iron.

Education

Degrees, certifications, and relevant coursework

Mapúa University

Bachelor of Science in Computer Engineering

Completed a BS in Computer Engineering at Mapúa University, specializing in Linux administration.
