Ankit Trivedi

• Act as Shift Lead, overseeing 24/7 security operations, managing shift schedules, and ensuring optimal resource allocation for incident response.
• Mentor and support security analysts, enhancing investigative skills and decision-making; lead knowledge-sharing sessions on emerging threats and technologies.
• Conduct quality assessments of security investigations, ensuring accuracy, completeness, and compliance with standards.
• Manage ticket queues, optimize workload distribution, and monitor the incident lifecycle to maintain SLA adherence.
• Lead incident management during major security events, coordinating cross-team responses, and refining incident response playbooks.
• Prepare and present detailed reports on incidents, trends, and team performance to senior management.
• Proactively perform advanced threat hunting using KQL and Microsoft Defender Suite, identifying and mitigating risks across 70+ customer environments.
• Develop SOPs and playbooks, streamline SOC processes, and drive process improvement initiatives.
• Deliver security presentations to customers, supporting customer acquisition, and awareness efforts.
• Conduct tabletop exercises simulating cyberattacks, leading to better preparedness for real-world incidents.

Key Projects and Initiatives:

• Tier 0 Automation: Developed and implemented suppression rules using PowerFC logic to automatically suppress recurring alerts related to known or benign behaviors, significantly reducing alert fatigue, and improving SOC efficiency.
• AI-Based Case Grading: Contributed to an AI-driven project leveraging vectorization techniques to grade and suppress recurring cases. This initiative enables the automated resolution of cases for IOCs/users historically classified as benign, informational, false positive, or line-of-business activity, enhancing accuracy and operational throughput.

• Investigated and responded to escalated security alerts and incidents using diverse tools.
• Monitored suspicious emails, performed endpoint triage, and contributed to security rule creation.
• Led incident response drills and knowledge sharing for team development.

• Provided 24/7 infrastructure and cloud security monitoring.
• Investigated and responded to security events in SAP's cloud environments.
• Coordinated cross-functional meetings to address security risks.

• Conducted real-time investigation and analysis using SIEM tools (ArcSight).
• Generated reports, customized dashboards, and ensured SLA adherence.