
VIVEK AHUJA

Summary

Professional Info:
  • IT Security Professional offering Enterprise Risk Management & Information Security experience in reviewing new security policies and drafting & implementing organization-wide security procedures; targeting assignments in Security Administration with an organization of repute in the IT industry
  • Qualified Professional offering nearly 8 years of experience in networking and security concepts, networking administration & troubleshooting in a multiplatform environment
  • Managed RSA NetWitness, RSA SA, McAfee Nitro and Kibana SIEM tools. Integrated devices and developed use cases to identify emerging threats and protect the organization's network infrastructure.
  • Phishing email analysis, investigation and remediation for different clients.
  • Monitor and analyze emails for threats including phishing and malware, and make recommendations for email rules to minimize malicious or undesirable emails.
  • Continuously tune the provided Security Information and Event Management (SIEM) system to reduce false positives and discover previously unknown threats within CBP environments
  • Worked on RSA NetWitness, McAfee Nitro, Kibana, BluSapphire, AlienVault and SIEM tools.
  • Monitor and analyze security event data, including investigation of reported incidents using system logs and event correlation between Intrusion Detection Systems (IDS), Data Loss Prevention (DLP), firewalls and other means of detection.
  • Review audit logs and record any inappropriate or illegal activity in order to reconstruct events during a security malfunction.
  • Provide event analysis and evaluation of the reported violation and provide post-analysis categorization, prioritization, and recommendation of event disposition.
  • Security Operations Center Analyst responsible for operating and maintaining Symantec Endpoint Security Manager and Microsoft Defender endpoint security
  • Conducts assessments and reports vulnerabilities; monitors their ongoing management with the operations teams

Overview

8 years of professional experience
8 Certifications

Work History

Senior Associate Cyber Security

ORGANISATIONAL EXPERIENCE, Coforge Ltd
10.2020 - 01.2022
  • Client requests in 24/7 SOC environment and Resilient SOAR Incident Response Platform
  • Incident management for different devices like Firewall, AV, IDS/IPS, proxies, Windows servers and applications in security operations centre
  • Key Result Areas:
  • Working on various state-of-the-art technologies like: Kibana, BluSapphire, ServiceNow, McAfee Nitro SIEM, Cisco AMP, IBM Resilient Incident Response Platform, RSA SA and RSA NetWitness SIEM platforms
  • Monitor and analyze emails for threats including phishing and malware, and make recommendations for email rules to minimize malicious or undesirable emails
  • Continuously tune the provided Security Information and Event Management (SIEM) system to reduce false positives and discover previously unknown threats within CBP environments
  • RSA Archer and OS Ticket, Bugzilla for incident management; creating reports for generated incidents using RSA Archer
  • Managing the SIEM infrastructure by using RSA NetWitness and AlienVault SIEM; working on IDS/IPS log analysis, extraction and developing new rules, signatures and policies, Infrastructure/SOC monitoring
  • Monitor and analyze security event data, including investigation of reported incidents using system logs and event correlation between Intrusion Detection Systems (IDS), Data Loss Prevention (DLP), firewalls and other means of detection
  • Review audit logs and record any inappropriate or illegal activity in order to reconstruct events during a security malfunction
  • Provide event analysis and evaluation of the reported violation and provide post-analysis categorization, prioritization, and recommendation of event disposition
  • Document all event investigation activities, incoming requests for information, or suspected incident reports as required to support law enforcement records, case disposition and audit review

Senior SOC Analyst

Microland Ltd
12.2019 - 09.2020
  • Key Result Areas:
  • Worked on McAfee Nitro SIEM, Cisco AMP, IBM Resilient Incident Response Platform, RSA SA and RSA NetWitness SIEM platforms; worked on RSA Archer and OS Ticket, Bugzilla for incident management
  • Created reports for generated incidents using RSA Archer; managed the SIEM infrastructure by using RSA NetWitness and AlienVault SIEM
  • Worked on IDS/IPS log analysis, extracted and developed new rules, signatures and policies, Infrastructure/SOC monitoring
  • Ensured that the escalated issues from network operations were managed as security engineering team member based on priority, and planned and executed any device deployment or upgrade
  • Maintained a high-level architectural view of the network security infrastructure and provided technical input in planning, estimating and design of projects
  • Worked on:
  • Infoblox tool for DNS addition and blocking
  • Cisco Stealthwatch for network behaviour analysis and detection
  • Prelude open source SIEM
  • Sent Stealthwatch daily analysis reports to client and worked on ArcSight SIEM and FireEye APT

Project Engineer

Wipro Ltd
Jaipur
01.2019 - 12.2019
  • Effectively managed the SIEM infrastructure by using RSA NetWitness and AlienVault SIEM; worked on IDS/IPS log analysis, extraction and developed new rules, signatures and policies, Infrastructure/SOC monitoring
  • Managed security policy setting & configuration as per the security requirement in various segments
  • Ensured that the escalated issues from network operations were managed as security engineering team member based on priority, and planned and executed any device deployment or upgrade
  • Maintained a high-level architectural view of the network security infrastructure and provided technical input in planning, estimating and design of projects
  • Created use cases using SIEM
  • Worked on:
  • Infoblox tool for DNS addition and blocking
  • Cisco Stealthwatch for network behaviour analysis and detection
  • Prelude open source SIEM
  • Sent Stealthwatch daily analysis reports to client and worked on ArcSight SIEM

Senior Engg

HCL Comnet Pvt. Ltd
Mumbai
07.2016 - 01.2019
  • Monitored and analysed the security of critical systems (e.g., mail servers, databases, web servers) and changed highly sensitive computer security controls to ensure appropriate system administrative actions, investigate and report on noted irregularities to client, meetings with client on issues
  • Conducted log analysis and extraction using SIEM tools, and generated and sent reports to client as per requirement
  • Managed the software and hardware upgrades, implemented and maintained procedures for backup and recovery of network servers and configuration files of other network devices
  • Conducted the SIEM infrastructure by using RSA SA and AlienVault SIEM
  • Worked on IDS/IPS log analysis, extraction and developed new rules, signatures and policies, Infrastructure/SOC monitoring
  • Involved in security policy setting & configuration as per the security requirement in various segments
  • Administered the security monitoring, reporting and analysis to client using RSA SA and RSA Archer
  • Maintained a high-level architectural view of the network security infrastructure and provided technical input in planning, estimating and design of projects; created use cases using SIEM

SIEM/SOC Analyst

PREVIOUS EXPERIENCE, Control Case International Pvt. Ltd
Mumbai
09.2014 - 06.2016

Officer

ICICI Bank Pvt. Ltd
03.2013 - 10.2013

Certification

PG Diploma in IT Infra and System Security from CDAC Bengaluru.
