SOC Analyst Resume Example

“SOC analyst with 3+ years in 24/7 security operations environments monitoring enterprise networks and endpoints. Skilled in real-time threat detection using Splunk and CrowdStrike, with experience in alert triage, incident escalation, and developing detection use cases for emerging threats.”

• Triaged 300+ daily security alerts across SIEM and EDR platforms. Kept response time under 15 minutes for high-severity incidents
• Wrote 25+ threat hunting queries based on MITRE ATT&CK. Proactively found 8 compromise indicators nobody had caught before
• Built automated playbooks in Cortex XSOAR for phishing and malware alerts. Response time went from 30 minutes to 5
• Investigated and contained a business email compromise attempt. Prevented $250K in fraudulent wire transfers
• Mentored 3 Tier-1 analysts on triage and escalation. Team's first-call resolution rate improved 35%
• Worked the overnight shift rotation in a 24/7 SOC environment. Handled alerts independently and escalated appropriately
• Analyzed network traffic and endpoint logs to investigate potential data exfiltration and lateral movement
• Maintained daily shift notes and handed off open investigations to the next shift with clear context and next steps
• Tuned SIEM correlation rules to reduce alert noise. Cut false positive alerts from about 200 to 60 per day

Include these keywords in your resume to pass Applicant Tracking Systems.

• CompTIA Security+
• CompTIA CySA+
• Splunk Core Certified User