Ajinkya Avinash Pawar

• Managed a team of 25 vendor SOC analysts, including the Vendor SOC Manager, ensuring smooth day-to-day operations.
• Developed and enhanced SIEM use cases to improve threat detection, and provided input for SOAR playbooks to support Tier 1 and Tier 2 incident response.
• Oversaw daily SOC activities, ensuring that threat monitoring and incident response met defined SLAs and SOPs.
• Conducted regular reviews of detection tools and processes, recommending improvements to strengthen threat response capabilities.
• Integrated data from endpoints, networks, cloud platforms, and identity systems into SIEM to improve visibility and correlation.
• Defined and tracked SOC performance metrics (SLAs/KPIs) to maintain high service standards, and drive continuous improvement.
• Delivered training to SOC team members on emerging cybersecurity tools and techniques to enhance team capabilities.
• Applied threat intelligence to enrich alert analysis and improve response accuracy.
• Hands-on experience with tools, including Securonix SIEM, Palo Alto XDR, XSOAR, ServiceNow, and JIRA.
• Utilized frameworks such as MITRE ATT&CK and the Cyber Kill Chain to guide detection rule creation.
• Created dashboards and reports for senior leadership to present SOC performance, and threat trends.
• Fostered collaboration across cybersecurity, IT, and business teams to support integrated security operations.
• Encouraged innovation by suggesting automation improvements to the SOAR team.
• Established governance models and operational standards to ensure consistent and efficient SOC service delivery.
• Managed SOC staffing activities, including recruitment, mentoring, performance reviews, and team motivation.
• Led incident response efforts, ensuring timely identification, assessment, and resolution of security threats.
• Integrated updated threat intelligence (IOCs, detection rules) into SOC workflows to enhance detection and response.
• Conducted weekly cadence calls with SOC analysts and the Incident Response team to review and resolve pending tickets.
• Ensure compliance with internal and external auditors.

• Working with vendors and skill groups to ensure the successful delivery of security operations center capabilities.
• Documentation, customer support, and collaboration with other team members.
• Educate and train other skill groups about SIEM integration.
• Provides support on all issues related to engineering activities for SOC capabilities.
• Coordinate with multiple stakeholders to ensure a timely and satisfactory resolution to technical issues and the completion of projects.
• Integration of security toolsets that enable automated discovery, remediation, and alerting, and reduce manpower requirements.
• Design, configure, integrate, and deploy open-source and commercial tools to monitor systems and enrich the overall SOC environment.
• Engagements in an IDBRT drill exercise for banking clients.
• Provide technical information to co-workers and subordinates by telephone, in written form, e-mail, or in person.
• Work closely with colleagues to meet team goals, and improve processes and practices.
• Perform analysis and diagnosis of highly complex firewall problems in the data center environment.
• Create and maintain standard operating procedures and guides for new and/or existing perimeter firewalls.
• Attend weekly teleconferences, meetings, and participate in working groups, as related to the constantly changing security environment.
• Manage the team of seven and prepare the shift schedule for each month.
• Coordinations with the vendor for further escalated matters.
• Finding out the RCA for the incident and sending it to the customer after properly documenting it.
• Creating the CR (Change Request) and getting it approved by the CRB (Change Request Board) for the activity, and implementing it accordingly.
• Closely monitor the aging tickets, ensuring that the tickets are closed within SLA.

• Configuration and management of the Juniper SRX 1500 firewall.
• URL filtering and domain whitelisting.
• Firewall policies administration.
• Firewall upgrades should be performed on a timely basis.
• Coordination with the vendor for further escalated matters.
• Static and dynamic routing.
• Configuration and management of Cisco 2960 and 3750 switches.
• VLAN configuration.
• Port channel configuration.
• Troubleshooting of the wireless UBNT controller and Ubiquiti wireless access point (Mesh, Lite):
• Creating SSIDs in the controller.
• Installation and configuring of the AP.
• Configuration and management of MikroTik routers.
• VLAN configuration.
• DHCP configuration.
• Static and dynamic route configuration.
• Configuration and management of TP-Link and Netgear switches.
• VLAN configuration.
• Basic knowledge and hands-on Ubuntu 16.04 server and laptops.

• Handling and managing more than 1000 firewalls (Cisco ASA+Fortigate+Sophos +Palo alto firewall PA3050,PA500) across India.
• Configuration and troubleshooting of Site to Site and SSL VPN.
• Firewall Policies administration.
• Firewall upgrade on time-to-time basis.
• Static and dynamic Natting with port forwarding configuration.
• Configuration of static route and policy route in firewalls.
• Managing and troubleshooting of load balancers(Citrix+Radware):
• Hands on in Creating Content Switching to load balance the URL's.
• Hands on in Creating Virtual IP's to load balance between IP's.

Creating VLANs and assigning particular ports to specific VLANs according to customer requirements.

Configuring static routes in switches.

Static and dynamic NATting with port forwarding configuration.

Configuration of static routes and policy routes in firewalls.

• Configuration and troubleshooting of extreme summit X460-24t and X440-48p switches:
• Creating VLAN and assigning particular ports specific VLANs according to customer requirements.
• Configuring inter-vlan routing between switches. Stack configuration and IOS up gradation.
• Assigning DHCP through switches.
• Creation and configuration of QOS policy in switches.
• Configuration of ELRP and MLAG configuration in switches.
• Hands on experience in troubleshooting CUCM server MCS7800 series:
• Installation and configuration of Cisco IP phone CP3905,CP6921,CP7925G,CP9971 and CP9951 IP phones.
• Configuring permanent extension numbers and STD, ISD, local or internal facility on Cisco IP phones.
• Configuring call routing pattern on server.
• Configuring pick up group faculty on server.
• IOS up gradation in IP phones.
• Hands on experience in configuration of cisco router and switch.
• Troubleshooting of wireless controller WM3600 & extreme wireless access point AP4511:
• Creating SSID's in controller according to department/user requirement.
• Checking the range of wireless access point locally.
• Configuration of WLAN controller.
• Site survey and troubleshooting of AP with consideration with RSSI value and channel planning for wireless IP phone to work efficiently.
• Hands on experience in installation and troubleshooting of watchguard XTM, sonicwall and fortinet firewall:
• Defining traffic management for specific VLAN's.
• Assigning policies for specific users.
• Assigning Web filter and application control.
• Assigning QOS to policies.

• Network Monitoring:
• Scada SDH technology is used to carry the data of different Scada receiving stations and Sub stations to the Main Control Station for manipulating, monitoring and troubleshooting the Scada SDH network as well as IP network.
• In IP network we monitor and troubleshoot by trace routing and pinging the L3 uplinks terminated on L3 Cisco switches 3750 and 3550 from RCOM, MTNL and TULIP by coordinating with them for E1 Convertor issues as well as L2 Cisco switches and network provided through it.
• Identifying the fiber cut information and alarm identification in SDH through Foxmon UCST R7A, UCST R8B and UCST R8C.
• Hands on experience in installation of SYNIF, NEBRO, SYNAC and COBUX cards in ABB panels.
• Troubleshooting of alarms generated on communication cards.
• We do Cross-connections if required to provide an alternate paths in the Network connectivity using UCST Software and maintain proper Communication in the Network.
• Working on the Solar winds 'Network Monitoring Tool' and checking the status of the Network devices which consists of Routers, Switches, Hirschman's, Zonal Servers and Zonal Links.
• Hands on experience in Testing of CDMA 82 QAM modems.
• Preparing incident, fiber cuts and SDH alarms reports at end of month.
• Raising the trouble tickets and taking the follow for the same.
• Configuration of Moxa and Hirschman switches.

• RFS testing: Testing of Wireless Access Points and Radio link.
• Maintaining Network uptime and Performance Management.
• Hands on experience with the Installation, Configuration and Maintenance of Access points and radio links.
• Good experience in implementing RTS 5-port, 8-port switches.
• Hands on experience in handling of TT(Trouble Tickets) in Seibel.