Kavitha Sivam
Information Technology
Sydney,Australia
Summary
Dynamic SOC Analyst with extensive experience in threat detection and incident response, proficient in identifying brute-force attacks utilizing Splunk SIEM.
Overview
1
1
year of professional experience
1
1
Certification
Work History
SOC Analyst
SOC Analyst – Hands‑On Project & Lab Experience
01.2025 - Current
- Built a small SOC lab using Splunk SIEM to detect brute‑force login attacks against a Windows 10 endpoint
- Ingested Windows Security Event Logs (Event ID 4625) using Splunk Universal Forwarder
- Created correlation searches and alerts to identify excessive failed login attempts
- Mapped detections to MITRE ATT&CK technique T1110 – Brute Force
- Investigated alerts using log correlation, timeline analysis, and event review
- Documented findings in a structured incident report following SOC workflows
- Monitored Azure AD sign‑in activity for MFA failures and unusual login patterns in lab scenarios
- Performed vulnerability identification using Neap and behavioral indicators
Digital Forensics Analyst
Digital Forensics Exposure
01.2025 - Current
- Analyses Windows artifacts including Prefects, LNK files, Registry keys, and Event Logs
- Investigated USB activity, browser artifacts, and file execution history
- Produced structured forensic summaries aligned with Australian handling standards
Education
High School Diploma -
TAFE NSW
Meadowbank Tafe12-2025
Certificate IV in Cyber Security - Cyber Security
TAFE NSW
Blacktown, NSW12-2024
Skills
- Alert triage and incident handling
- Escalation management
- SIEM monitoring and log correlation
- Brute-force and suspicious login detection
- MITRE ATT&CK framework awareness
- Azure AD sign-in and MFA failure monitoring
- Risky sign-in identification
- Endpoint and identity security
- Networking fundamentals
- DNS and TCP/IP concepts
- Firewall principles
- Documentation proficiency
- Customer communication skills
Digital Forensics Exposure - Details
- Analysed Windows artifacts including Prefetch, LNK files, Registry keys, and Event Logs
- Investigated USB activity, browser artifacts, and file execution history
- Produced structured forensic summaries aligned with Australian handling standards
Certification
- CompTIA A+, 2025
- Microsoft Azure Fundamentals (AZ-900), 2025
- Cisco Network Essentials, and Cyber Security Essentials, 2025
- Google IT Support Professional Certificate, 2024
Technical Tools
- Splunk
- Microsoft Sentinel
- Microsoft Defender
- Sysmon
- Azure AD
- Windows Server
- Windows 10/11
- Nmap
- Wireshark
- PowerShell (basic)
- FTK Imager
- Autopsy
- MITRE ATT&CK Framework
Security Clearance
Eligible for Government Security Clearance
Soc Project Experience
SOC Analyst – Hands‑On Project & Lab Experience (Academic & Simulation Based), 2025, Built a small SOC lab using Splunk SIEM to detect brute‑force login attacks against a Windows 10 endpoint, Ingested Windows Security Event Logs (Event ID 4625) using Splunk Universal Forwarder, Created correlation searches and alerts to identify excessive failed login attempts, Mapped detections to MITRE ATT&CK technique T1110 – Brute Force, Investigated alerts using log correlation, timeline analysis, and event review, Documented findings in a structured incident report following SOC workflows, Monitored Azure AD sign‑in activity for MFA failures and unusual login patterns in lab scenarios, Performed vulnerability identification using Nmap and behavioral indicators
Personal Information
Citizenship: Australian Citizen
Timeline
SOC Analyst
SOC Analyst – Hands‑On Project & Lab Experience
01.2025 - Current
Digital Forensics Analyst
Digital Forensics Exposure
01.2025 - Current
High School Diploma -
TAFE NSW
Certificate IV in Cyber Security - Cyber Security
TAFE NSW