Ankit Srivastava

Bengaluru

Summary

Experienced Security Engineer specializing in Security Information & Event Management (SIEM) and Big Data technologies with over 7 years of experience in the cybersecurity domain. Expertise in Securonix SIEM, Hadoop technology, and end-to-end deployment and management of SIEM solutions in both cloud and on-premises environments. Proven ability to handle complex data ingestion, event parsing, and indexing issues, with strong skills in incident management and technical support.

Overview

8 years of professional experience
1 Certification

Work History

Senior Expert Engineer

Eviden
Bangalore
02.2023 - Current
  • Responsible for end-to-end deployment of Securonix SIEM Product in On-Prem environments
  • Experienced in Securonix SNYPR architecture, with a proven ability to review and optimize the structure to meet business needs
  • Led a team of 12 administrative professionals, providing troubleshooting assistance, sharing knowledge, and offering ongoing training on current trends and issue resolution techniques
  • Worked on various data sources such as next-generation Firewalls, VPN, Proxy, and DLP, resolving issues related to the SNYPR Console
  • Configured and integrated both out-of-the-box and custom data sources into Securonix SIEM
  • Created and managed the SIEM Admin dashboard, preparing reports on a daily basis
  • Identified and resolved log stoppage issues for data sources, maintaining continuous data flow and system reliability
  • Demonstrated expertise in troubleshooting application issues on SNYPR console, RIN, and NxLog, ensuring optimal performance and issue resolution
  • Applied strong troubleshooting skills in Hadoop and its components (Cloudera, HDFS, Solr, HBase, Impala, YARN) to resolve issues like log collection delays, stoppage, and violation delays
  • Knowledgeable in methodologies such as Cyber Kill Chain Analysis and the MITRE ATT&CK framework
  • Administered user accounts and provisioned roles based on RBAC policies to enforce access control and security best practices
  • Developed multiple Spark jobs and data pipelines to address delays in data sources and troubleshoot processing issues, enhancing data flow and performance
  • Provided regular Weekly Status Reports (WSRs), monthly reports, and SLA coverage, utilizing JIRA/SNOW ticketing systems to track and measure key performance indicators (KPIs) for the Admin Team
  • Prepared data insights and ad-hoc reports as per customer requests, created comprehensive Knowledge Base (KB) articles, and conducted Knowledge Transfer (KT) sessions for engineers
  • Conducted Root Cause Analysis (RCA) for incidents and prepared detailed documentation for management review
  • Managed patching, server upgrades, and the implementation of new releases for SNYPR and RIN, ensuring system stability and the introduction of critical updates
  • Oversaw the migration activity from the ArcSight platform to Securonix SIEM, ensuring data availability and searchability in the SNYPR application
  • Delivered critical escalation support for high-priority issues, including during weekends

SIEM Engineer

Henkel
Bengaluru
09.2022 - 01.2023
  • Experienced with Elasticsearch, Logstash, and Kibana for developing and managing applications
  • Created comprehensive documentation for various data sources within the environment
  • Developed and maintained index and component templates to optimize data handling and performance
  • Developed and customized dashboards in Kibana based on specific log source requirements
  • Responsible for managing Syslog-NG for effective log management and data collection
  • Managed Kafka services to ensure seamless data streaming and integration

Cloud Security Engineer

Securonix
Bengaluru
01.2017 - 08.2022
  • Worked on Securonix SIEM product to enhance security monitoring and incident response capabilities
  • Deployed Securonix SNYPR and multiple Remote Ingesters for various clients in both SaaS and on-premises environments
  • Integrated numerous out-of-the-box (OOTB) and custom data sources into the Securonix SNYPR application
  • Addressed and resolved data ingestion, event parsing, and indexing issues in Securonix SNYPR
  • Managed the resolution of end-to-end Spark job processes and Spotter search issues
  • Worked on use case creation using the different analytics techniques in the Securonix SIEM platform
  • Created user accounts and assigned access rights in accordance with Role-Based Access Control (RBAC) policies
  • Troubleshot event parsing and indexing issues, ensuring accurate data availability and effective SIEM platform performance
  • Developed reports and configured dashboards within the Securonix SIEM platform
  • Led Root Cause Analysis (RCA) for incidents and produced comprehensive documentation for executive review
  • Developed and published multiple knowledge base articles (KB Articles) and SOP guidelines
  • Executed software upgrades, updates, and patches in the production environment to maintain peak performance
  • Coordinated with stakeholders to troubleshoot any product-related issues
  • Participated in on-call support, with demonstrated experience and success in managed-service client environments
  • Strong communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization

Education

Post Graduate Diploma - Advanced Computing

Center For Development of Advanced Computing
Bengaluru
01-2016

Bachelor of Technology - Information Technology

Dr. A.P.J Abdul Kalam Technical University
Lucknow
01-2014

Bachelor of Science - Mathematics

Dr. Ram Manohar Lohia Avadh University
Ayodhya
01-2010

Skills

  • Securonix
  • Elasticsearch
  • Big Data Analytics
  • HDFS
  • Apache Kafka
  • Apache Solr
  • Apache Spark
  • Redis
  • Cloudera Manager
  • MySQL
  • Linux
  • Syslog-ng
  • Ingestion Pipeline
  • ServiceNow
  • JIRA
  • Incident Management
  • Change Management
  • Team management

Accomplishments

Bravo:

Recognized with the Bravo award 2 times at Securonix for excellence in handling incidents and supporting the L2 team in creating rules and configuration

Excellence Award:

Received Best Employee of the Quarter at Eviden for handling critical application issues and upgrade issues, and for the quality of work and KT sessions delivered to the entire team

Certification

  • Certified Ethical Hacker (CEH) v11
  • Certified Securonix SNYPR Administrator
  • Certified Securonix Data Integrator
