Senior SOC Analyst | Threat Hunter | Detection Engineer

I am a Tier 2 SOC Analyst with over 8 years of experience in cybersecurity, specializing in incident response, advanced threat hunting, and detection engineering within 24/7 managed SOC environments. I have a proven track record of leading complex incident investigations across endpoint, identity, and cloud environments using Microsoft Defender XDR (MDE, MDI, MDO) and Splunk. I am adept at writing custom KQL hunting queries, conducting malware analysis, and validating detections using Atomic Red Team techniques. I am ranked in the Top 1% on TryHackMe and am actively pursuing the Blue Team Labs Level 2 (BTL2) certification.

Currently, I work as an L2 Security Operations Center Analyst at Arvato Systems Romania, where I lead major incident investigations from initial triage through containment and root cause analysis across enterprise client environments. I perform advanced threat hunting using OSINT-derived IOCs and custom KQL queries across Microsoft Defender XDR environments. I analyze endpoint, identity, and cloud telemetry to identify lateral movement, privilege escalation, and malicious behavior. Additionally, I conduct malware analysis using behavioral and static techniques to determine impact and drive remediation.

I validate and tune detections using Atomic Red Team adversary simulation and support detection engineering efforts across the SOC. I also provide rotational shift leadership, overseeing escalation workflows and mentoring junior analysts. Collaboration with enterprise clients during active incidents is a key part of my role, where I deliver remediation guidance and security recommendations.

Previously, I worked as a Cyber Security Analyst at Veoneer, performing alert triage, investigation, and incident response using SIEM and EDR tools. I conducted vulnerability assessments and management activities, developed automation workflows with Microsoft Logic Apps, and created PowerShell scripts to automate repetitive security tasks. Before that, I was a Vulnerability Management Analyst at Atos IT, managing vulnerability scanning programs with Qualys and Nessus, analyzing scan results, prioritizing findings, and coordinating remediation with IT teams.

I hold certifications including Microsoft SC-200 Security Operations Analyst, CompTIA Security+, Blue Team Labs Level 1, and Ethical Hacking from Bertelsmann Academy. I am fluent in English at a business level and a native Romanian speaker. My technical skills include Microsoft Defender XDR, Splunk, KQL, Microsoft Sentinel, Atomic Red Team, incident response, threat hunting, malware analysis, OSINT, detection engineering, MITRE ATT&CK framework, PowerShell, Qualys, Nessus, Logic Apps, endpoint forensics, SIEM operations, IOC development, root cause analysis, and shift leadership.