
Avi Sawant

Mumbai

Summary

An adept Cybersecurity Consultant with a proven track record at Capgemini, I excel in security monitoring and incident response, leading teams to mitigate threats effectively. My strategic approach and effective communication have significantly enhanced system security, showcasing my ability to address complex challenges and drive results.

Overview

5 years of professional experience
1 Certification

Work History

Cybersecurity Consultant

LTIMindtree
Mumbai
07.2022 - Current
  • L2 Lead managing a team of 10 members. Mentored junior employees in departmental activities and procedures; provided support and guidance to colleagues to maintain a collaborative work environment.
  • Working on security incidents reported by the SOC L3 team, infra teams and users. Product knowledge of Securonix, QRadar, Palo Alto SOAR, Cyware TI, FireEye HX, Recorded Future and ServiceNow. Provided ongoing support for existing cybersecurity tools and systems by troubleshooting issues as they arise.
  • Performing monitoring and analysis of cyber security events using Securonix / QRadar (SIEM), Cyware TI, Palo Alto SOAR and other tools. Investigated advanced persistent threats to understand their behavior patterns.
  • Providing analysis of trending security logs and data from a large number of heterogeneous IT security devices; by analyzing trending security logs, suppressing the count of false-positive incidents and working toward the fine-tuning of rules and policies.
  • Providing initial analysis of incidents to the Incident Response (IR) team and coordinating with the team to obtain the RCA of the incident. Following up with the user/infra teams for closure of tickets within SLA. Ensuring incidents are acknowledged and responded to within SLA by the L1 team. Working on quality checks of investigation steps and RCAs provided by the L1 team.
  • Writing rules to implement detection and creating a new IRC for each. Worked with the platform team on SOAR automation tasks. Working with the non-logging team to ensure data sources are working correctly and sending logs to the tool.
  • Leading the daily stand-up call and highlighting/discussing observations and gaps with the team; also providing guidance on important tasks and high-severity incidents. Attending meetings with L3 to support daily, weekly, fortnightly and monthly report presentations with team leads and stakeholders/client. Joining calls with infra teams for incident response activities such as initial analysis of compromised systems and investigation of malicious activity in major incident response support.
  • Learning about the latest security threats and vulnerabilities with potential to impact the monitored environment. Working on threat intel reports and processing IOCs for blocking in the monitored environment after initial analysis. Providing threat and vulnerability analysis as well as security advisory services.
  • Investigated malicious phishing emails, domains and IPs using open-source tools and recommended proper blocking based on analysis. Educated individuals on complex computer terms using easy-to-understand wording. Promoted security awareness among employees and clients to minimize risks and breaches.
  • Create/review/modify documentation as needed, including any process or procedure, to ensure it is up to date and standard. Update the whiteboard or any relevant POC information. Managed inventory and trackers to ensure materials were available when needed. Created detailed reports outlining findings from security audits and presented them to management for review.
  • Creating daily shift handoff notes and summaries and sending them to all shifts. Updating the SOC whiteboard with daily/weekly updates. Other duties as assigned by team leads and/or the Operations Manager. Creating daily, weekly, fortnightly and monthly reports. Sufficient knowledge of Excel, Word and PowerPoint.

SOC Analyst

Capgemini
Mumbai
01.2020 - 07.2022
  • Working on security incidents reported by the SOC L3 team and raised by infra teams and users. Ensuring proper closure of security incidents within the resolution SLA; also ensuring incidents are acknowledged and responded to within SLA.
  • Monitoring, research, assessment and analysis on SIEMs, intrusion detection and prevention tools, anomaly detection systems, firewalls and antivirus systems (QRadar, Symantec ATP, FireEye investigation, Splunk, Infoblox, ISE, CrowdStrike, Qualys, Alsid, etc.).
  • Analyze security event data from the network (IDS, SIEM). Recognize potential, successful and unsuccessful intrusion attempts and compromises through review and analysis of relevant event detail and summary information.
  • Conduct proactive monitoring, investigation and mitigation of security incidents. Provide real-time guidance to endpoint users on security settings and policies and on attack mitigation procedures.
  • Managing onboarding and offboarding of log sources on SIEM tools. Troubleshooting and coordinating with multiple Group IT and project teams for device integration with the SIEM tool. Working with the non-logging team to ensure data sources are working correctly and sending logs to the tool.
  • Ensure the integrity and protection of networks, systems and applications by technical enforcement of organizational security policies through monitoring of vulnerability scanning devices. Experienced in vulnerability management tools (Qualys) to pinpoint vulnerabilities and report on them. Working on vulnerability assessment reports on a weekly and monthly basis.
  • Research new and evolving threats and vulnerabilities with potential to impact the monitored environment.
  • Investigate malicious phishing emails, domains and IPs using open-source tools and recommend proper blocking based on analysis.
  • Creating weekly and monthly SOC reports. Sufficient knowledge of Excel, Word and PowerPoint.

Education

Bachelor of Engineering - Electronics Engineering

Terna Engineering College
Mumbai
05-2019

HSC - Science

G N Khalsa College
Mumbai
02-2015

SSC

Balmohan Vidyamandir
Mumbai
03-2013

Skills

  • Security monitoring
  • Incident response
  • Threat analysis
  • Team leadership
  • Problem solving
  • Effective communication
  • Technical documentation
  • Compliance auditing

Languages

Marathi
First Language
English
Proficient (C2)
Hindi
Proficient (C2)

Certification

1. Network Security Basic (Training)

2. Incident Detection and Investigation with QRadar (Training)

3. Securonix Platform (Training)

4. Vulnerability Management, Detection, and Response (Qualys)

5. Malware Analysis (Training)

Timeline

Cybersecurity Consultant

LTIMindtree
07.2022 - Current

SOC Analyst

Capgemini
01.2020 - 07.2022

Bachelor of Engineering - Electronics Engineering

Terna Engineering College

HSC - Science

G N Khalsa College

SSC

Balmohan Vidyamandir