Abhishek Kumar

Senior SOC Analyst
Dhanbad, JH

Summary

Information Security Specialist with 4 years of experience in the Information Security domain, passionate about aligning security incident response plans and processes with security standards and business goals. Extensive experience in developing use cases, managing QRadar and testing security frameworks. Versed in robust incident response strategies. Worked in SOC operations as SME for QRadar; currently working as Senior CIRT Analyst, responsible for managing incident response in the CSOC. Seeking to leverage my technical and professional expertise to grow in the new role.

Overview

9 certifications
4 years of post-secondary education
4 years of professional experience

Work History

Senior CIRT Analyst

NetApp
BANGALORE, Karnataka
07.2020 - Current
  • Working as Shift Lead, handling security incidents end to end and mitigating them.
  • Handling the SIEM tool QRadar (use cases and integration).
  • Delivering high-quality incident response metrics to leadership and actively helping SMEs with process improvements and important changes.
  • Handled the day-to-day running of the Threat Hunting project, ensuring high levels of productivity and progression of the team.
  • Leading security awareness programs such as the CSOC weekly newsletter and brainstorming sessions.
  • Acting as escalation point and/or SME for all advanced security incident escalations from L1 analysts.
  • Assisting with analytic investigative support for large-scale and complex security incidents.
  • Coordinating with Cyber Security Engineers to resolve Security Information and Event Management (SIEM) health issues.

SOC Analyst

NetApp
BANGALORE, Karnataka
07.2019 - 07.2020
  • Performing daily operational real-time security monitoring and analysis of security events from different sources including SIEM, IPS, EDR, AV, etc.
  • Working on phishing/malicious emails through advanced log analysis to determine threat patterns and protect employees from bad actors.
  • Correlation rule creation and basic malware analysis; responsible for rule fine-tuning in QRadar with a proper understanding of building blocks, the threats involved and the architecture.
  • Threat hunting across network logs and endpoints to detect anomalies or malicious activity in the network/endpoints.
  • Investigating incidents, remediation, tracking and follow-ups for incident closure with the concerned teams and stakeholders.
  • Releasing weekly, monthly and quarterly CSOC security reports to leadership.
  • Creating and maintaining the wiki runbook for CSOC process functioning.
  • Identifying the latest vulnerabilities across different hosts with the VM team to improve the organization's security scoring.
  • Participating in continuous improvement by generating suggestions and engaging in problem-solving activities to support teamwork.
  • Ensuring quality standards are met by conducting incident audits and reviewing shift handover data.

SOC Analyst Cum Admin

Wipro Technologies
BANGALORE, Karnataka
03.2017 - 06.2019
  • Managed QRadar as admin for log source integration of different devices and maintained continuous log flow from different security controls.
  • In-depth knowledge of security event management, network security monitoring, log collection and correlation on QRadar.
  • Analysis and investigation of offenses generated as a result of correlation rules created within the SIEM.
  • Log interruption report preparation for all devices (log sources) integrated into QRadar.
  • Correlation use case creation and modification in the SIEM.
  • Provided guidance on process and evidence during internal/external audits.
  • Phishing email analysis for messages that passed the spam filters of the email security tool.
  • Enhanced existing incident response methods, tools and processes.

Education

Bachelor of Science - Electronics and Communications Engineering

Haldia Institute of Technology
Haldia
08.2012 - 08.2016

Skills

    SIEM: QRadar, Splunk, ArcSight

Accomplishments

  • Performed comprehensive investigations of security breaches and implemented appropriate solutions.
  • Trained end users on proper security protocols to minimize cybersecurity attacks.
  • Developed and implemented security procedures to achieve incident response goals.
  • Recognized by leadership and users for good work.

Work Availability

Monday to Sunday: morning, afternoon and evening.

Certification

Certified Ethical Hacker (CEH), ECC5328046971

Quote

There is a powerful driving force inside every human being that, once unleashed, can make any vision, dream, or desire a reality.
Tony Robbins

Timeline

10.2020: Foundations of Purple Teaming
09.2020: Foundations of Operationalizing MITRE ATT&CK
09.2020: Bug Bounty - Beginner and Intermediate Level, PITBUG249
07.2020 - Current: Senior CIRT Analyst, NetApp
07.2020: Oracle Cloud Infrastructure Certified Associate
05.2020: Network Security Associate NSE1, RXnrh3wMR0
05.2020: Network Security Associate NSE2, dCQQmJvGlq
05.2020: PCI DSS, ENR-00804041
05.2020: Certified Network Security Specialist
10.2019: Certified Ethical Hacker (CEH), ECC5328046971
07.2019 - 07.2020: SOC Analyst, NetApp
03.2017 - 06.2019: SOC Analyst cum Admin, Wipro Technologies
08.2012 - 08.2016: Bachelor of Science - Electronics and Communications Engineering, Haldia Institute of Technology