Pooja Gunjal User

I’m a Security Operations Analyst with 3 years of experience across Security Operations, Threat Detection & Response, SIEM Engineering, Detection Engineering, Threat Intelligence, Incident Response, and Vulnerability Management. I’ve monitored enterprise environments using Microsoft Sentinel, IBM QRadar, Splunk, Microsoft Defender XDR, CrowdStrike Falcon, Cortex XSOAR, and Qualys.

In my roles, I performed alert triage and full incident workflows—investigation, containment, eradication, recovery, and post-incident documentation—using SOC playbooks. I also drove log analysis across Windows, Active Directory, Microsoft Defender XDR, Azure, and cloud environments to identify anomalous activity and support investigations.

My work is grounded in strong frameworks and standards, including MITRE ATT&CK and the NIST Cybersecurity Framework, and I map attacker techniques to MITRE ATT&CK during complex incident investigations. I’ve built and tuned detections using daily threat intelligence feeds to reduce noise and improve coverage.

I focus on measurable outcomes and continuous SOC improvement, including improving incident resolution time by 25% and reducing SIEM false positives by ~20% through detection optimization. I bring hands-on security automation experience with SOAR and value cross-functional collaboration with IT and engineering teams.