Atul Gupta

Cyber Security Analyst
Mumbai

Summary

To develop a career as a successful cyber security specialist in an organization, where I will be a valuable team member and a trusted IT security engineer protecting companies against both internal and external threats. Expertise in threat detection, mitigation and management.

Overview

4 years of professional experience

Work History

Incident Responder

Deloitte
Mumbai
12.2022 - Current
  • Managing a team of 4 L1 members, assisting and working on the security incidents raised by L1.
  • Working on VA (vulnerability assessment): running the Nessus scan and coordinating with the relevant stakeholders for the closure of vulnerabilities.
  • Reserving CVEs and publishing the security advisory and notification for the client (internal) as well as on the CVE site.
  • Use case fine tuning: analysing all the configured use cases and providing recommendations for fine tuning the correct use cases.
  • Explicitly working on the SNOW ticket ad hoc incident requests raised by users.
  • For any new use case/rule, verifying that all the relevant artifacts are captured in Splunk so that it can be deployed in production.
  • Working on mailbox compromise and wire fraud cases.
  • Working on and resolving MDE incidents/alerts end to end.
  • Using the Azure portal to check for any alerts relating to sign-in logs, risky sign-ins for users, etc.
  • Analyzing the reports given by the threat intel team to check if any internal user account has been leaked/compromised.
  • Working on phishing cases and resolving the incidents through Phantom (SOAR).
  • Creating GDPR and data breach reports for lost/stolen devices.
  • Monitoring the health status of log sources in Splunk.
  • Running queries in Splunk to find specific logs such as proxy, firewall, etc.
  • Deploying Redline to do deep dive analysis of compromised hosts.
  • Dedicatedly working phishing cases for VIP users, also doing deep dive investigation to check how many users have received the same phishing email so that appropriate action can be taken.
  • Creating weekly and monthly reports for the client.
  • Blocking file hashes on the MD portal.

SECURITY ANALYST

Brennan IT PVT Limited
Mumbai
12.2016 - 12.2016
  • Monitoring, analyzing and investigating suspicious activities using a SIEM tool (USM Anywhere) on a 24/7 basis
  • Dashboard creation in USM Anywhere for new customers and health checkups for agents
  • Creating suppression rules for false positives and custom rules for alert generation as per customer requirements
  • Helping in creating weekly and monthly reports
  • Investigating malicious phishing emails, domains, URLs and IPs using open-source tools and blocking them based on analysis
  • Acknowledging and closing false positives and raising tickets for validated incidents
  • Knowledge of the Incident Response Lifecycle process, Cyber Kill Chain, CIA triad, the MITRE ATT&CK framework and AAA
  • Mitigating Sophos alerts raised by various customers through the ServiceNow ticketing portal
  • Involved in creating phishing awareness campaigns
  • Analyzing traffic and blocking the IP if found malicious
  • Assisting the L3 team with fine tuning of the use cases if required
  • Checking and mitigating risky sign-in alerts from Azure and SpyCloud alerts
  • Creating SOPs for new incidents and maintaining the SOC runbook.

CYBERSECURITY ANALYST

TCS
Mumbai
1 1 - 12.2016
  • Working in a Security Operations Center (24x7), monitoring SOC events, detecting and preventing intrusion attempts
  • Threat hunting in Microsoft Defender to find new threats which may persist in the org and creating detection rules based upon them
  • Trend Micro for checking alerts from servers
  • Responding to various security alerts for clients and scanning for vulnerabilities using tools like Rapid7
  • Monitoring real-time events and dashboard reporting using SIEM tools like HP ArcSight
  • Monitoring, analyzing and responding to infrastructure threats and vulnerabilities
  • Managing Microsoft ATP and EDR alerts
  • Collecting and analyzing logs to find suspicious activities
  • Incident management (ticket assignment, follow-up for closure, age analysis, L1 & L2 investigation, finding RCA)
  • Raising incidents by identifying real-time traffic/logs captured by the SIEM
  • Performing investigation to decide whether raised events are actual incidents or false positives
  • Preparing weekly/monthly incident investigation reports
  • As a DLP analyst, activities include incident handling, analysis of reports, and creation of DLP rules on O365 DLP
  • Responsible for managing Symantec WSS, which includes Symantec site categorization, Symantec file submission and daily report review
  • Monitoring Cloud App Security alerts and creating CAS rule alerts.

Education

S.S.C.

Maharashtra State Board

H.S.C.

Maharashtra State Board

Bachelor of Science - Information Technology

Vidyalankar School of Information Technology

Certifications

  • Cyber Crime Investigation (workshop attended)
  • DIAT certified Information Assurance
  • Sophos endpoint and server engineer

Skills

Phishing Email Analysis
