Open to Work — UK SOC Analyst Roles

Poorna
Sujampathi

SOC Analyst · 2.5+ Years Security Operations

  • 24×7 SOC monitoring & threat detection
  • SIEM alert triage & incident response
  • L1/L2 Security Operations expertise
  • Available for immediate start — UK Right to Work ✓

Poorna Sujampathi Rathnayaka

SOC Analyst · MSc Cyber Security

2.5+ Yrs. SOC Ops
1K+ Daily Events
MSc Cyber Sec.
3 Sectors
CrowdStrike · IBM QRadar · Incident Response · SIEM · DDoS Mitigation

A security professional
with a passion for defence.

SOC Analyst with 2.5+ years of experience in Security Operations Centers across banking, aviation, and telecommunications environments.

Experienced in SIEM monitoring, incident investigation, threat detection, and network traffic analysis using tools such as IBM QRadar, McAfee SIEM, Azure Sentinel, and CrowdStrike.

Skilled in log analysis, DDoS detection, and security incident response to support effective threat mitigation. Currently completing MSc in Cyber Security at University of Hertfordshire — seeking SOC Analyst roles in the UK.

🛡️
Total Experience
2.5+ Years SOC Operations
📊
Daily Events Monitored
1,000+ Security Events
🎓
Education
MSc Cyber Security (2025)
🌍
Location & Eligibility
Hemel Hempstead, UK · Right to Work ✓

Technical expertise across
the security stack.

📡SIEM Platforms

  • IBM QRadar
  • McAfee SIEM
  • Azure Logs & Monitor

🎯EDR / XDR

  • CrowdStrike Falcon
  • Cortex XDR
  • Microsoft Defender

🔬Advanced Tools

  • Darktrace AI
  • NetScout Arbor
  • FortiAnalyzer

📈Monitoring & Logging

  • Zabbix Monitoring
  • Grafana Dashboards
  • Site24×7

🔒Data Protection & DLP

  • Forcepoint DLP
  • SOCRadar
  • NetScout Arbor
  • Darktrace

☁️Cloud & Infrastructure

  • Microsoft Azure
  • Cloud Security
  • Infrastructure Hardening

SOC Operations

  • Alert Triage & Escalation
  • Incident Response
  • Log Analysis & MITRE ATT&CK

💻Programming

  • Python
  • Bash / Shell Scripting
  • Automation Scripts

Where I've worked
and what I've achieved.

Jun 2023 – Sep 2024 (24h Shift) Air Arabia (ISA)

Associate Infrastructure Analyst

★ Best Performance Award 2023
  • Monitored and triaged 1000+ daily security alerts across servers, network devices, firewalls, and endpoints.
  • Investigated suspicious activities through SIEM log analysis, event correlation, and alert validation.
  • Analyzed network and firewall logs to detect abnormal traffic patterns and potential DDoS activity.
  • Conducted incident investigation and escalation following SOC procedures.
  • Prepared monthly security reports and presented incident findings.
Jan 2023 – May 2023 (12h Shift) Nations Trust Bank

Information Security Analyst

  • Performed SIEM monitoring and threat detection using McAfee SIEM, CrowdStrike, and SOCRadar.
  • Investigated security alerts and supported incident response activities following SOC procedures.
  • Mitigated a 5-hour DDoS attack by identifying malicious IP ranges and updating firewall rules.
  • Prepared monthly security reports and presented incident findings.
Jan 2022 – Dec 2022 (6h Shift) SLT-Mobitel

Information Security Analyst (Intern)

  • Performed log correlation and anomaly detection using IBM QRadar and Cortex XDR.
  • Analyzed network traffic and DDoS activity using NetScout Arbor to detect abnormal traffic patterns.
  • Monitored WAF logs and privileged access activity using CyberArk to support SOC monitoring.
  • Assisted in developing and optimizing SOC playbooks for new security tools.
  • Supported L2 analysts with incident reporting, documentation, and security report presentations.

Notable projects
with real-world impact.

Advanced BYOD Security Framework

2024–25

Scenario: Unmanaged personal devices in corporate environments introduce severe access risks.

Goal: Design an access control system to securely authenticate and isolate BYOD endpoints.

Actions: Developed a framework using AES-128 encryption and UUID-based authentication. Integrated ML and CNN-based facial recognition to detect anomalies.

Outcome: Created a zero-trust model prototype that prevents unauthorized network access from compromised personal devices.

BYOD Security · Machine Learning

Advanced Threat Intelligence & Dark Web IP Scanner

2023

Scenario: Threat hunting requires checking numerous external IP reputation lists, consuming valuable triage time.

Goal: Automate IP enrichment to quickly determine the severity of a suspicious IP.

Actions: Developed a Python script integrating APIs (VirusTotal, AbuseIPDB, AlienVault OTX) and dark-web OSINT.

Outcome: Automatically compiled hashes, geolocation and a severity score into an analyst-ready threat summary.

Python · Dark Web OSINT · Threat Intel

SIEM Log Processing Automation

2023

Scenario: Manual triage of noisy, unparsed SIEM alerts leads to alert fatigue and high MTTR.

Goal: Automate log parsing to extract actionable indicators from raw logs.

Actions: Wrote Python scripts to parse log formats and highlight critical fields.

Outcome: Integrated the pipeline with the SIEM, reducing manual triage time and improving SOC efficiency.

Python · Log Analysis · SIEM Automation
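The two Python projects above, the IP-enrichment summary and the SIEM log parser, describe one triage flow: pull indicators out of raw log lines, enrich the external sources, and rank them for the analyst. The script below is an added example of that flow and is not the portfolio's own code. It runs offline against constructed sample lines in an assumed key=value firewall format, with a hard-coded dictionary standing in for the VirusTotal, AbuseIPDB and OTX API responses, and scoring weights that are illustrative rather than taken from any of those services.

```python
"""Constructed example: parse raw firewall lines, aggregate by external source and score.

Added illustration, not code from the portfolio above. The log format, the
reputation table standing in for VirusTotal/AbuseIPDB/OTX responses, and the
scoring weights are all assumptions.
"""
import re
from collections import Counter, defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample lines in a generic key=value firewall format; the last one is noise.
SAMPLE_LOGS = """\
2024-03-01T10:00:01Z fw01 action=deny src=203.0.113.7 dst=198.51.100.10 dport=443 proto=tcp
2024-03-01T10:00:01Z fw01 action=deny src=203.0.113.7 dst=198.51.100.10 dport=443 proto=tcp
2024-03-01T10:00:02Z fw01 action=deny src=203.0.113.7 dst=198.51.100.10 dport=443 proto=tcp
2024-03-01T10:00:02Z fw01 action=allow src=10.0.0.5 dst=198.51.100.10 dport=443 proto=tcp
2024-03-01T10:00:03Z fw01 action=deny src=203.0.113.9 dst=198.51.100.10 dport=22 proto=tcp
2024-03-01T10:00:03Z fw01 action=deny src=203.0.113.7 dst=198.51.100.10 dport=443 proto=tcp
2024-03-01T10:00:04Z fw01 action=allow src=192.0.2.44 dst=198.51.100.11 dport=25 proto=tcp
garbage line that should be skipped
"""

# Assumed stand-in for enrichment API responses: AbuseIPDB-style confidence (0-100),
# VirusTotal-style count of engines flagging the IP, OTX-style pulse count, and country.
REPUTATION = {
    "203.0.113.7": {"abuse_confidence": 92, "vt_malicious": 7, "otx_pulses": 3, "country": "NL"},
    "203.0.113.9": {"abuse_confidence": 16, "vt_malicious": 0, "otx_pulses": 1, "country": "DE"},
}
UNKNOWN = {"abuse_confidence": 0, "vt_malicious": 0, "otx_pulses": 0, "country": "??"}
PRIVATE = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+(?P<kv>(?:\w+=\S+\s*)+)$")


def parse_line(line):
    """Return the line's fields as a dict, or None for lines that do not fit the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    fields = dict(kv.split("=", 1) for kv in m.group("kv").split())
    fields["ts"], fields["host"] = m.group("ts"), m.group("host")
    try:
        ip_address(fields["src"])  # drop records whose src is missing or not a real IP
    except (KeyError, ValueError):
        return None
    return fields


def is_internal(ip):
    addr = ip_address(ip)
    return any(addr in net for net in PRIVATE)


def severity(rep, deny_count, threshold=3):
    """Combine external reputation with local behaviour into a 0-100 score and label."""
    score = rep["abuse_confidence"] * 0.5          # up to 50 points from AbuseIPDB-style confidence
    score += min(rep["vt_malicious"], 10) * 3      # up to 30 points from VT-style detections
    score += min(rep["otx_pulses"], 5) * 2         # up to 10 points from OTX-style pulses
    if deny_count >= threshold:                    # repeated denies: scanning or flooding seen locally
        score += 10
    score = int(round(min(score, 100)))
    label = "critical" if score >= 70 else "high" if score >= 40 else "medium" if score >= 20 else "low"
    return score, label


def triage(raw_logs):
    """Parse, aggregate per external source IP, enrich and rank; returns (parsed_count, rows)."""
    denies, ports, parsed = Counter(), defaultdict(set), 0
    for line in raw_logs.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        parsed += 1
        src = rec["src"]
        if is_internal(src):          # only external sources go to enrichment
            continue
        ports[src].add(rec.get("dport"))
        if rec.get("action") == "deny":
            denies[src] += 1
    rows = []
    for src in ports:
        rep = REPUTATION.get(src, UNKNOWN)   # a live pipeline would call the APIs here
        score, label = severity(rep, denies[src])
        rows.append({"ip": src, "country": rep["country"], "denies": denies[src],
                     "ports": sorted(p for p in ports[src] if p), "score": score, "label": label})
    rows.sort(key=lambda r: r["score"], reverse=True)
    return parsed, rows


if __name__ == "__main__":
    n, rows = triage(SAMPLE_LOGS)
    print(f"parsed {n} records")
    for r in rows:
        print(f"{r['label']:8} {r['score']:3}  {r['ip']:15} {r['country']}  denies={r['denies']} ports={r['ports']}")
```

Running it prints the parsed record count and one ranked row per external source. The repeated-deny threshold is where a flooding or scanning signal from the firewall logs feeds the score alongside external reputation; the private-range filter keeps internal hosts out of enrichment, which matters both for API quota and for not sending internal addressing to third-party services.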

AI-Augmented Phishing Detection & CTI Engine

2022

Scenario: Standard email security filters often miss sophisticated, targeted phishing attacks and zero-day malicious URLs, leaving inboxes vulnerable.

Goal: Develop an automated email analysis engine to proactively detect, score, and quarantine complex phishing attempts.

Actions: Built a Python application that fetches real-time emails via IMAP and performs deep header forensics (SPF/DKIM/DMARC checks). It cross-references extracted URLs and IPs against 100+ global Cyber Threat Intelligence (CTI) feeds and leverages the Gemini AI API for deep, contextual analysis of borderline suspicious emails.

Outcome: Created a robust pipeline that scores incoming emails, flags advanced tactics such as display-name spoofing and lookalike domains, and automatically quarantines malicious messages with high accuracy.

Python · Email Security · Threat Intel · AI Analysis
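The header-forensics step of the phishing engine above can be shown on a single constructed message. The script below is an added example, not the portfolio's engine: it reads the Authentication-Results header the receiving MTA wrote for SPF, DKIM and DMARC, checks whether the From display name embeds an address on a different domain, tests the sender and URL domains against an assumed protected-domain list for homoglyph and near-miss lookalikes, and turns the findings into a score and verdict. The sample email, the protected domains and the weights are assumptions; the CTI-feed lookups and the Gemini call are out of scope here.

```python
"""Constructed example: header forensics and lookalike detection for phishing triage.

Added illustration, not the portfolio's own engine. The sample message, the
protected-domain list and the scoring weights are assumptions.
"""
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from ipaddress import ip_address
from urllib.parse import urlparse

# Constructed message: the display name embeds the real brand address, the actual
# sender is a homoglyph lookalike, and the receiving MTA recorded SPF/DMARC failures.
SAMPLE_EMAIL = """\
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=examp1ebank.com; dkim=none; dmarc=fail header.from=examp1ebank.com
From: "ExampleBank Security <security@examplebank.com>" <alerts@examp1ebank.com>
To: victim@example.net
Subject: Urgent: verify your account
Content-Type: text/plain

Please verify at http://examp1ebank.com/login or http://203.0.113.55/update
"""

PROTECTED = ["examplebank.com", "example.net"]   # assumed brand/domain allow-list
WEIGHTS = {"auth_fail": 10, "display_name_spoof": 25, "from_lookalike": 30,
           "url_lookalike": 15, "url_raw_ip": 15}   # illustrative weights
# Digits commonly swapped for letters in lookalike domains.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "8": "b"})
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def auth_results(header):
    """Map spf/dkim/dmarc to the result the MTA recorded, e.g. {'spf': 'fail'}."""
    return {m.lower(): r.lower() for m, r in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.I)}


def registered_domain(host):
    # Naive two-label cut; a real pipeline would use the public suffix list (co.uk etc.).
    return ".".join(host.lower().split(".")[-2:])


def is_ip(host):
    try:
        ip_address(host)
        return True
    except ValueError:
        return False


def lookalike(host, protected=PROTECTED):
    """Return the protected domain `host` imitates, or None if it is protected or unrelated."""
    d = registered_domain(host)
    if d in protected or is_ip(host):
        return None
    for p in protected:
        if d.translate(HOMOGLYPHS) == p or SequenceMatcher(None, d, p).ratio() >= 0.85:
            return p
    return None


def display_name_spoof(from_header):
    """Domains of addresses embedded in the display name that differ from the real sender's."""
    name, addr = parseaddr(from_header)
    real = addr.rsplit("@", 1)[-1].lower()
    return [d.lower() for d in re.findall(r"[\w.+-]+@([\w.-]+)", name) if d.lower() != real]


def analyse(raw, protected=PROTECTED):
    """Score a raw RFC 5322 message; returns sender, findings, 0-100 score and verdict."""
    msg = message_from_string(raw)
    findings = []
    auth = auth_results(msg.get("Authentication-Results", ""))
    for mech in ("spf", "dkim", "dmarc"):
        if auth.get(mech, "none") != "pass":
            findings.append(("auth_fail", f"{mech}={auth.get(mech, 'none')}"))
    from_header = msg.get("From", "")
    _, addr = parseaddr(from_header)
    from_domain = addr.rsplit("@", 1)[-1].lower()
    for d in display_name_spoof(from_header):
        findings.append(("display_name_spoof", f"display name shows {d}, sender is {from_domain}"))
    if (target := lookalike(from_domain, protected)):
        findings.append(("from_lookalike", f"{from_domain} imitates {target}"))
    # Collect text/plain parts (walk() also covers multipart messages) and pull URLs out.
    body = "".join((part.get_payload(decode=True) or b"").decode("utf-8", "replace")
                   for part in msg.walk() if part.get_content_type() == "text/plain")
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname or ""
        if is_ip(host):
            findings.append(("url_raw_ip", url))
        elif (target := lookalike(host, protected)):
            findings.append(("url_lookalike", f"{host} imitates {target}"))
    score = min(100, sum(WEIGHTS[code] for code, _ in findings))
    verdict = "quarantine" if score >= 50 else "review" if score >= 25 else "deliver"
    return {"from": addr, "findings": findings, "score": score, "verdict": verdict}


if __name__ == "__main__":
    report = analyse(SAMPLE_EMAIL)
    print(report["verdict"], report["score"], report["from"])
    for code, detail in report["findings"]:
        print(f"  [{code}] {detail}")
```

The Authentication-Results header is only trustworthy when your own MTA added it, so a production pipeline should strip any copy that arrives from outside before relying on it. The two-label registered-domain cut is deliberately naive and should be replaced by a public-suffix-list lookup so that brands under co.uk and similar suffixes are handled correctly.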

Kali Linux CLI Pentesting Scanner

2024

Scenario: Routine vulnerability assessments involve running fragmented tools manually, causing reporting delays.

Goal: Create a lightweight, unified scanning tool to streamline basic reconnaissance.

Actions: Built a Bash CLI tool on Kali Linux orchestrating Nmap, Nikto, and Metasploit auxiliary modules.

Outcome: Consolidated scan outputs into structured HTML reports, improving assessment speed and repeatability.

Kali Linux · Bash · Automation

Certifications & Awards

What I'm working on
right now.

In Progress

SOC 200 Certification

Preparing for SOC 200 certification with a focus on advanced SOC operations, security monitoring, incident handling, threat detection, and real-world SIEM workflows.

Timeline: Q2 2026 · Priority: High
In Progress

TryHackMe – SOC Learning Path

Actively following the TryHackMe SOC Learning Path with daily hands-on practical labs, focusing on SIEM alert analysis, log investigation, threat detection, and incident response in real-world SOC scenarios.

Timeline: Ongoing · Priority: High
Upcoming

Wazuh Policy Implementation

Implementing and testing Wazuh security policies using Kali Linux, including log analysis, rule tuning, agent configuration, and threat detection use cases.

Timeline: Q1 2026 · Priority: Medium
Upcoming

Custom SOC Lab Environment

Designing and building a custom SOC lab environment on Kali Linux, integrating SIEM, endpoint monitoring, threat simulation, and incident response workflows for hands-on SOC practice.

Timeline: Q3 2026 · Priority: Medium

Academic
Background.

🎓

MSc Cyber Security

University of Hertfordshire — School of Physics, Engineering & Computer Science, UK

Completed

📅 2024 – 2025  ·  Accredited by BCS, The Chartered Institute for IT

  • Covered distributed systems security, information security management & compliance, digital forensics, penetration testing, and cyber operations
  • Critically evaluated vulnerabilities and threats — conducting comprehensive risk assessments in complex enterprise environments
  • Applied research in SOC workflows, SIEM platforms, and incident response frameworks aligned with UK industry standards
  • Industry exposure sessions with Microsoft, Hewlett Packard, and Ocado Technologies
📘

BSc (Hons) in Information Technology

Sri Lanka Institute of Information Technology (SLIIT) — Faculty of Computing

Completed

📅 2020 – 2024  ·  Specializing in Cyber Security

  • Core studies in networking, information security, software engineering, and database systems
  • Specialization in Cyber Security — covering threat detection, network defence, and security operations
  • Final year project focused on BYOD Security using machine learning (Enhanced Security In a BYOD Environment)
  • Active member of the SLIIT IT Society and Cybersecurity Club
  • Vice President of the SLIIT Media Unit

Let's build something
secure together.

I'm actively looking for SOC Analyst opportunities in the UK. Whether you're a recruiter, a hiring manager, or a fellow security professional — feel free to reach out!

📱
Phone / WhatsApp +44 7362 304258
📍
Location

Hemel Hempstead, HP2 4JL, UK