Md IMRAN ALAM

[email protected] | +91-9808141961
LinkedIn: linkedin.com/in/imranalam-alig/

PROFESSIONAL SUMMARY

To apply my expertise in managing enterprise-scale SOC operations and SIEM modernization toward specialized Splunk administration. I aim to optimize log ingestion, indexing, and search performance, while ensuring reliable integration, automation, and compliance reporting that strengthen organizational security posture.

WORK EXPERIENCE

Splunk Architect & SOC Lead - Cyber Security Operations
06/2024 - Present
Star Health & Allied Insurance Co Ltd
Oversee SOC operations, ensuring timely detection, triage, and response to security incidents
Manage SIEM administration (Splunk) including ingestion, parsing, dashboards, and alert optimization
Lead forensic investigations using SIEM and Splunk data to trace attack vectors and reconstruct timelines
Lead governance meetings with MSSP partners, enforcing SLA compliance, accountability, and escalation management
Align SOC processes with compliance frameworks (ISO, IRDAI), ensuring audit readiness
Spearhead SIEM and EDR migration projects (Cortex XSIAM, XDR), ensuring seamless transition and improved visibility
Integrate threat intelligence feeds (e.g., Cyble) for proactive brand and executive monitoring
Track rollout progress of new tools (such as XDR, Cortex XSIAM, CSPM, Cyble, etc.) ensuring milestones are met and communicated to stakeholders
Mentor and develop SOC analysts, simplifying complex concepts for team growth
Collaborate with stakeholders to align cybersecurity initiatives with organizational objectives
Represent SOC in governance calls, ensuring strategic alignment with MSSP and leadership priorities

SOC Lead / Splunk Admin – Splunk Cloud, Security Operation Centre
11/2022 - 06/2024
Star Health & Allied Insurance Co Ltd
Administered and maintained Splunk Cloud, managing forwarders, deployment servers and ensuring high availability
Designed, deployed, and optimized Splunk Cloud dashboards, correlation searches, and alerts to support incident detection and response
Managed large-scale data ingestion pipelines, ensuring accurate parsing, indexing, and normalization for diverse log sources
Tuned and optimized SPL queries to improve search performance, reduce latency, and enhance reporting accuracy
Integrated multiple security data sources (firewalls, endpoints, threat intel feeds) into Splunk Cloud for unified visibility
Implemented role-based access controls and ensured secure administration of Splunk Cloud environments
Conducted forensic investigations leveraging Splunk Cloud data to trace attack vectors and reconstruct incident timelines
Ensured compliance alignment (ISO, IRDAI) by building audit-ready reports and dashboards in Splunk Cloud
Collaborated with MSSP partners to validate Splunk Cloud monitoring, enforce SLA compliance, and drive accountability
Mentored SOC analysts on Splunk Cloud usage, query building, and dashboard creation to enhance team capabilities
Delivered executive-ready reports and visualizations from Splunk Cloud, translating technical findings into business impact

Sr. SOC Analyst / Splunk Admin – Splunk Cloud, Security Operation Centre
10/2021 - 11/2022
Inspira Enterprises Ltd
Monitored, analyzed, and responded to security incidents, ensuring timely triage and escalation as a Senior SOC Analyst
Conducted threat hunting and forensic investigations using SIEM and Splunk Cloud data to identify attack vectors and strengthen defenses
Assisted Splunk implementation team in onboarding diverse data sources to Splunk Cloud, ensuring seamless integration and enhanced visibility
Administered Splunk Cloud, managing ingestion pipelines, parsing, indexing, and optimizing SPL queries for performance and accuracy
Developed and implemented correlation rules in Splunk Cloud to enhance alert accuracy and improve incident detection
Performed regular Splunk Cloud health checks to ensure platform stability, optimal performance, and uninterrupted security monitoring
Designed and developed Splunk Cloud dashboards to deliver real-time visibility, actionable insights, and compliance reporting
Developed and optimized SOC playbooks and operational processes to standardize and streamline incident response activities

Security Analyst
01/2019 - 03/2021
Q Vision, State of Qatar
Monitored and responded to all alerts generated by the SIEM and analyzed them
Raised incidents in BMC Remedy and assigned them to the teams concerned
Followed up with the teams concerned for incident closure and assisted them in identifying root cause
Monitored inbound and outbound firewall traffic and investigated events
Correlated data by researching logs, analyzing graphs, and inspecting packets
Ensured potential true positives were identified
Researched new and evolving threats and vulnerabilities
Documented alerts and prepared weekly and monthly reports

Network & Security Admin
08/2015 - 01/2019
Q Vision, State of Qatar
Administered and troubleshot LAN/WAN connectivity across client sites to ensure reliable network performance
Configured Cisco routers, switches, access points, WLCs, firewalls, and IPS/IDS systems
Assigned and managed IP address allocations across network infrastructure
Configured port security to provide controlled LAN access
Managed user Wi-Fi access in compliance with company policy
Prepared network analysis and performance reports to support monitoring and optimization

Service Desk Analyst
01/2014 - 08/2015
Progressive Infovision Pvt. Ltd. (Wipro Infotech)
Served as central contact for technical support teams, providing real-time updates on incidents, service requests, and change requests
Routed user generated tickets through BMC Remedy to ensure timely issue resolution
Identified root causes through targeted customer queries, troubleshot the issues, and escalated as per the escalation matrix

EDUCATION

Bachelor of Technology
01/2013
ZHCET, AMU, India

SKILLS

Technical Skills: Cybersecurity Strategies, Incident Response, Threat Intelligence, Machine Learning, Data Analysis, Data Visualization
Soft Skills: Team Leadership, Communication, Problem Solving, Adaptability
Tools: Splunk, Cortex XSIAM, Tableau, Advanced Analytics Tools
Other: Cybersecurity Certifications, Agile Methodology, Public Speaking

CERTIFICATIONS

Splunk Enterprise Certified Admin
Splunk
Splunk Core Certified Power User
Splunk
ISO 22301:2019 Lead Implementer
Continuity and Resilience
ISO 27001:2022 Lead Implementer
Continuity and Resilience