To hold a challenging and responsible position in the Information Security area where my work experience and abilities will add value in a progressive organization. Seeking a professional position that provides me an opportunity to take up challenging roles and responsibilities, make the best use of my skills and acquire more knowledge, possessing a broader vision and achieving personal and professional goals.
- Overall 6+ years of experience in the SIEM and InfoSec domain; expertise in SIEM products such as QRadar and basic knowledge of Rapid7.
- Real-time monitoring and analysis of the security alerts triggered in the SIEM, and escalation of incidents to the respective teams.
- Part of the Global SOC team, handling clients across the globe.
- Responsible for specialized investigation, threat analysis and remediation in response to notifications from operators.
- Identifying machines infected with malware and issuing remediation based on the investigation results.
- Sharing the analysed reports with clients on a daily, weekly and monthly basis to give better insight into network activities.
- Raising and closing incidents as per the SLA.
- Diverse knowledge of documentation (High Level and Low Level). Initiated the SOC Manual (complete inventory and process details) and the SIEM Newsletter.
- Coordinating and managing periodic review calls (quarterly / monthly / weekly) with clients and onsite resources to enhance the process in place for proactive service.
- Providing expert analysis to customers of events discovered by analysts and tracking them until the necessary root cause is fixed.
- Developing operational processes and procedures to appropriately analyse, escalate and assist in the remediation of critical information security incidents.
- Performing SIEM product support and implementation.
- Acting as a point of escalation for other engineers (Associate SIEM Engineer and SIEM Engineer) and providing guidance and mentoring.
- Coordinating and conducting event collection, log management, event management, compliance automation and identity monitoring activities using the SIEM platform.
- Supporting day-to-day event parsing and repair of events that have missing or incorrect information; creating log source extensions.
QRadar, Rapid7: High
Palo Alto and Fortinet: Median
McAfee, Symantec, XDR: Median
Symantec, FireEye, O365: Median