```python
class SOCAnalyst:
    def __init__(self):
        self.name = "Sovan Das"
        self.location = "Raigarh, Chhattisgarh, India"
        self.role = "Aspiring SOC Analyst"
        self.education = "B.Tech CSE @ O.P. Jindal University (2026)"
        self.htb_rank = "#979 Globally"
        self.achievement = "WorldSkills India - Gold Medalist (Cyber Security)"

    def focus_areas(self):
        return [
            "Threat Detection & Alert Triage",
            "SIEM Engineering (Splunk)",
            "Log Analysis & Incident Response",
            "Network & Memory Forensics",
            "Blue Team Operations",
        ]

    def current_mission(self):
        return "Building SOC-grade tools while hunting for my first SOC role"


me = SOCAnalyst()
```

| Achievement | Details |
|---|---|
| WorldSkills India, Gold Medalist in Cyber Security | State level |
| Hack The Box | Global rank #979 |
| CompTIA Network+ Certified (N10-008) | Packt, Nov 2025 |
| Operating Systems | IBM, Aug 2025 |
| Python for Cyber Security | INFOSEC, Jun 2025 |
| CompTIA Security+ (SY0-701) | In progress, expected May 2026 |
- SIEM Engineering: Splunk log ingestion, dashboards, detection rules, alert triage
- Active Directory: AD administration, event log monitoring, privilege escalation detection
- Incident Response: alert triage, threat hunting, log correlation
- Network Forensics: Wireshark, tcpdump, PCAP analysis (Scapy)
- Memory Forensics: artifact extraction, process analysis
- Web Security: OWASP Top 10, WAF implementation, SQLi/XSS detection
- Threat Frameworks: MITRE ATT&CK mapping
- Server Hardening: Linux & Windows hardening, SSH security, firewall rules
- Cryptography: SSL/TLS, encryption fundamentals
Real-world SOC simulation in a virtualized environment
- Built a Windows Active Directory environment integrated with Splunk SIEM for centralized log collection
- Ingested and analyzed Windows Security Event Logs to track logins, account changes, and policy violations
- Created custom detection rules and dashboards to identify unauthorized access and privilege escalation in real time
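The privilege-escalation detection described above, as an added example written for this page rather than code from the lab itself: it correlates constructed Windows Security events in Python instead of Splunk, using the field names Splunk extracts from the Security log (EventCode, SubjectUserName, TargetUserName, MemberName, GroupName). The event values, the privileged-group set and the 10-minute "new account elevated" window are assumptions.

```python
"""Correlate Windows Security events to flag privilege escalation.

Added example, not the project's own code. Field names mirror what Splunk
extracts from the Windows Security log; event values are constructed.
"""

# Event IDs: 4720 = user account created; 4728 / 4732 / 4756 = member added
# to a global / local / universal security group.
NEW_ACCOUNT_EVENT = 4720
GROUP_ADD_EVENTS = {4728, 4732, 4756}
PRIVILEGED_GROUPS = {"Administrators", "Domain Admins", "Enterprise Admins"}
NEW_ACCOUNT_WINDOW = 600   # seconds between creation and elevation (assumed)

# Constructed sample events, not real telemetry. _time is epoch seconds.
# MemberName is assumed to be resolved to a sAMAccountName already; in the
# raw event it is a distinguished name or SID.
SAMPLE_EVENTS = [
    {"_time": 1000, "EventCode": 4720, "SubjectUserName": "helpdesk1",
     "TargetUserName": "svc-backup"},
    {"_time": 1120, "EventCode": 4732, "SubjectUserName": "helpdesk1",
     "MemberName": "svc-backup", "GroupName": "Administrators"},
    {"_time": 1500, "EventCode": 4732, "SubjectUserName": "itadmin",
     "MemberName": "jdoe", "GroupName": "Remote Desktop Users"},
    {"_time": 9000, "EventCode": 4728, "SubjectUserName": "itadmin",
     "MemberName": "svc-backup", "GroupName": "Domain Admins"},
]


def detect_privilege_escalation(events):
    """Return alerts for privileged-group adds and fast new-account elevation.

    Rule 1: any add to a privileged group is 'high'.
    Rule 2: if the added member was created (4720) within NEW_ACCOUNT_WINDOW
            seconds of the add, raise an additional 'critical' alert.
    """
    alerts = []
    created_at = {}   # TargetUserName -> creation time from 4720
    for ev in sorted(events, key=lambda e: e["_time"]):
        code = ev["EventCode"]
        if code == NEW_ACCOUNT_EVENT:
            created_at[ev["TargetUserName"]] = ev["_time"]
            continue
        if code in GROUP_ADD_EVENTS and ev["GroupName"] in PRIVILEGED_GROUPS:
            member = ev["MemberName"]
            alerts.append({
                "rule": "privileged_group_add", "severity": "high",
                "time": ev["_time"], "member": member,
                "group": ev["GroupName"], "by": ev["SubjectUserName"],
            })
            born = created_at.get(member)
            if born is not None and ev["_time"] - born <= NEW_ACCOUNT_WINDOW:
                alerts.append({
                    "rule": "new_account_elevated", "severity": "critical",
                    "time": ev["_time"], "member": member,
                    "group": ev["GroupName"], "by": ev["SubjectUserName"],
                    "seconds_since_creation": ev["_time"] - born,
                })
    return alerts


if __name__ == "__main__":
    for alert in detect_privilege_escalation(SAMPLE_EVENTS):
        print(alert)
```

The first rule is a single Splunk search on EventCode 4728/4732/4756 filtered by group name; the second needs the 4720 event joined to the group add, which is why the correlation is shown as code here. Sorting by `_time` matters: events arrive out of order from forwarders, and the window check is wrong if the 4720 is seen after the 4732.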
Python-powered threat detection for Linux environments
- Built a Linux-based log monitoring system using Python & Shell scripting for fully automated analysis
- Parsed authentication and system logs to surface anomalies and unauthorized access attempts
- Implemented rule-based alerting for brute-force attacks, root SSH access, and privilege escalation events
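The rule-based alerting described above (brute-force, root SSH access, privilege escalation), as an added example that is not the project's own code: it parses constructed `/var/log/auth.log` lines in Debian/Ubuntu syslog format and raises one alert per rule hit. The threshold of 5 failures in 60 seconds and the list of shell binaries treated as escalation are assumptions.

```python
"""Rule-based detection over Linux auth logs (sshd, sudo, su).

Added example, not the project's own code. Log lines are constructed to
match the syslog format of /var/log/auth.log; thresholds are assumptions.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

BRUTE_FORCE_THRESHOLD = 5   # failed SSH logins from one IP ...
BRUTE_FORCE_WINDOW = 60     # ... within this many seconds
ROOT_SHELLS = {"/bin/bash", "/bin/sh", "/bin/zsh", "/bin/su", "/usr/bin/su"}

# "Mon DD HH:MM:SS host program[pid]: message"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<prog>[\w-]+)(?:\[\d+\])?: (?P<msg>.*)$")
FAILED_RE = re.compile(r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")
ACCEPTED_RE = re.compile(r"Accepted (?:password|publickey) for (?P<user>\S+) from (?P<ip>\S+)")
SUDO_RE = re.compile(r"^\s*(?P<user>\S+) : .*USER=(?P<target>\S+) ; COMMAND=(?P<cmd>\S+)")
SU_RE = re.compile(r"^\(to (?P<target>\S+)\) (?P<user>\S+) on")

# Constructed sample lines (not real logs): a burst of failures, then a
# root login from the same IP, a sudo shell, an su to root, and benign noise.
SAMPLE_LINES = [
    "Jan 14 10:02:01 web01 sshd[1402]: Failed password for invalid user admin from 203.0.113.7 port 51322 ssh2",
    "Jan 14 10:02:03 web01 sshd[1404]: Failed password for invalid user admin from 203.0.113.7 port 51324 ssh2",
    "Jan 14 10:02:05 web01 sshd[1406]: Failed password for root from 203.0.113.7 port 51326 ssh2",
    "Jan 14 10:02:07 web01 sshd[1408]: Failed password for root from 203.0.113.7 port 51328 ssh2",
    "Jan 14 10:02:09 web01 sshd[1410]: Failed password for root from 203.0.113.7 port 51330 ssh2",
    "Jan 14 10:02:15 web01 sshd[1412]: Accepted password for root from 203.0.113.7 port 51340 ssh2",
    "Jan 14 10:05:40 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash",
    "Jan 14 10:06:02 web01 su[1500]: (to root) bob on pts/1",
    "Jan 14 10:07:00 web01 sshd[1520]: Accepted publickey for alice from 198.51.100.20 port 40000 ssh2",
    "Jan 14 10:07:30 web01 sshd[1522]: Failed password for alice from 198.51.100.20 port 40002 ssh2",
]


def parse_ts(ts):
    # syslog omits the year, so the parsed year is 1900; only deltas are used
    return datetime.strptime(ts, "%b %d %H:%M:%S")


def alert(rule, severity, ts, **fields):
    return {"rule": rule, "severity": severity, "time": ts.strftime("%b %d %H:%M:%S"), **fields}


def detect(lines):
    """Run all rules over an iterable of auth.log lines; return alert dicts."""
    alerts = []
    failures = defaultdict(deque)   # ip -> timestamps of recent failed logins
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue   # unparseable line; a real monitor should count these too
        ts, prog, msg = parse_ts(m["ts"]), m["prog"], m["msg"]
        if prog == "sshd":
            f = FAILED_RE.search(msg)
            if f:
                q = failures[f["ip"]]
                q.append(ts)
                while q and (ts - q[0]).total_seconds() > BRUTE_FORCE_WINDOW:
                    q.popleft()   # sliding window: drop failures older than the window
                if len(q) >= BRUTE_FORCE_THRESHOLD:
                    alerts.append(alert("ssh_brute_force", "high", ts, ip=f["ip"], attempts=len(q)))
                    q.clear()     # one alert per burst, not one per extra failure
                continue
            a = ACCEPTED_RE.search(msg)
            if a and a["user"] == "root":
                alerts.append(alert("root_ssh_login", "critical", ts, ip=a["ip"]))
        elif prog == "sudo":
            s = SUDO_RE.match(msg)
            if s and s["target"] == "root" and s["cmd"] in ROOT_SHELLS:
                alerts.append(alert("sudo_root_shell", "medium", ts, user=s["user"], cmd=s["cmd"]))
        elif prog == "su":
            s = SU_RE.match(msg)
            if s and s["target"] == "root":
                alerts.append(alert("su_to_root", "medium", ts, user=s["user"]))
    return alerts


if __name__ == "__main__":
    for a in detect(SAMPLE_LINES):
        print(a)
```

Point the same function at a tailed file and it becomes the monitor; the one thing to add for production is correlation, since a root login from an IP that just tripped the brute-force rule deserves a higher severity than either event alone.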
Production-grade WAF with real-time SOC dashboard
- Built a Python-based reverse proxy WAF (FastAPI) to inspect HTTP traffic and block attacks via a threat scoring engine
- Implemented detection for SQLi, XSS, and brute-force with automated alerting, logging, and IP blocking (with timed unblocking)
- Enabled PCAP-based forensic analysis using Scapy and a live SOC dashboard for real-time threat visibility
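The threat-scoring and timed-unblocking logic described above, as an added example that is not the project's own code: the FastAPI reverse-proxy layer is left out so the core runs stand-alone, and the proxy is assumed to call `Waf.inspect()` per request, passing `login_failed=True` when the upstream answered a login POST with a failure. The rule patterns, weights, the block threshold of 50 and the 300-second block are assumptions, not the project's values.

```python
"""WAF core: threat scoring, brute-force tracking, timed IP unblocking.

Added example, not the project's own code. The FastAPI proxy that feeds
requests into Waf.inspect() is omitted; scores and patterns are assumed.
"""
import re
import time
from collections import defaultdict, deque
from urllib.parse import unquote_plus

# (rule name, pattern, score). Patterns are deliberately narrow; a real
# deployment tunes them against the application's own traffic.
RULES = [
    ("sqli", re.compile(
        r"\bunion\b[\s\S]+?\bselect\b"          # UNION ... SELECT
        r"|'\s*or\s*'?\w+'?\s*=\s*'?\w+"         # ' OR '1'='1
        r"|;\s*(?:drop|insert|update|delete)\b"  # stacked statement
        r"|--\s*$", re.I), 60),                  # trailing comment
    ("xss", re.compile(
        r"<\s*script\b|javascript\s*:|\bon[a-z]+\s*=", re.I), 50),
]
BLOCK_THRESHOLD = 50   # score at or above this blocks the source IP
BLOCK_SECONDS = 300    # block duration; expiry is the timed unblocking
LOGIN_PATH = "/login"
LOGIN_LIMIT = 5        # failed logins ...
LOGIN_WINDOW = 60      # ... per IP within this many seconds


def normalise(value):
    """Decode twice so double-encoded payloads (%253C) are inspected decoded."""
    return unquote_plus(unquote_plus(value))


def score_request(path, query, body):
    """Score the decoded request; returns (score, [rules that matched])."""
    payload = normalise(" ".join([path, query, body]))
    score, hits = 0, []
    for name, pattern, weight in RULES:
        if pattern.search(payload):
            score += weight
            hits.append(name)
    return score, hits


class Waf:
    def __init__(self):
        self.blocked_until = {}                   # ip -> epoch seconds
        self.login_attempts = defaultdict(deque)  # ip -> failed-login times
        self.events = []                          # alert log for the dashboard

    def is_blocked(self, ip, now):
        expiry = self.blocked_until.get(ip)
        if expiry is None:
            return False
        if now >= expiry:            # block has expired: unblock lazily
            del self.blocked_until[ip]
            return False
        return True

    def block(self, ip, now, reason):
        self.blocked_until[ip] = now + BLOCK_SECONDS
        self.events.append({"time": now, "ip": ip, "action": "block", "reason": reason})

    def inspect(self, ip, method, path, query="", body="", login_failed=False, now=None):
        """Decide allow/deny for one request. `now` is injectable for tests."""
        now = time.time() if now is None else now
        if self.is_blocked(ip, now):
            return {"action": "deny", "reason": "ip_blocked"}
        score, hits = score_request(path, query, body)
        if score >= BLOCK_THRESHOLD:
            self.block(ip, now, ",".join(hits))
            return {"action": "deny", "reason": ",".join(hits), "score": score}
        if method == "POST" and path == LOGIN_PATH and login_failed:
            q = self.login_attempts[ip]
            q.append(now)
            while q and now - q[0] > LOGIN_WINDOW:
                q.popleft()
            if len(q) >= LOGIN_LIMIT:
                q.clear()
                self.block(ip, now, "brute_force")
                return {"action": "deny", "reason": "brute_force", "score": score}
        return {"action": "allow", "reason": "clean", "score": score}


if __name__ == "__main__":
    waf = Waf()
    print(waf.inspect("203.0.113.9", "GET", "/search", "q=1' OR '1'='1", now=0))
    print(waf.inspect("203.0.113.9", "GET", "/", now=100))   # still blocked
    print(waf.inspect("203.0.113.9", "GET", "/", now=300))   # block expired
```

Expiry is checked lazily on the next request rather than by a background timer, so the block table never needs a separate cleanup task; the trade-off is that `blocked_until` grows with the number of distinct attacking IPs until each one returns, which a long-running proxy should bound.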
- Preparing for CompTIA Security+ (SY0-701), expected May 2026
- Climbing the ranks on Hack The Box (currently #979 globally)
- Expanding my SOC home lab with new detection use cases
- Actively seeking an entry-level SOC Analyst role