Learning new technologies
Having experience in an IT industry security operations center, across the following: Security Analysis, Security Monitoring, Security Incident Management, and Incident Response.
To enhance my experience, seeking a challenging position in the cyber security field that promotes learning, utilizing my skills and knowledge to the best of my abilities, and contributing positively to my personal growth as well as the organization.
Have hands-on experience in analyzing Microsoft Azure cloud alerts on SIEM (Security Information and Event Management) tools like QRadar, Splunk, Azure, and LogRhythm. Strong knowledge of the event life cycle and its phases.
• Monitor security applications for potential threats, identify possible solutions, and work with different teams for remediation.
• Deep-level investigation of phishing mails.
• Deep dive into working Threat Intelligence alerts.
• Monitoring data movement through the DLP solution and taking action wherever required.
• Strong knowledge of Incident management life cycle.
• Familiar with Networking concepts.
• Monitoring the threat intelligence tool and publishing daily threat bulletins along with threat advisories, and blocking IOCs of the latest threats and malware.
• Good communication, problem-solving skills, and the ability to acquire new skills promptly.
• Strong in team coordination and managing tasks.
§ Reviewing, analyzing, and responding to security events triggered through the security monitoring systems according to internal security procedures for cyber events.
§ Performing Incident Management Level and finding out alerts' end-to-end life cycle.
§ Working on cloud app security alerts.
§ Working on O365 alerts.
§ Working on security exception requests.
§ Monitoring Azure alerts.
§ Working on the service desk tool for creating tickets & generating reports.
● Reviewing, analyzing, and responding to security events triggered through the security monitoring systems according to internal security procedures for cyber events.
● Investigating phishing mails.
● Understanding of TCP/IP networking fundamentals: ports, protocols, and infrastructure details, along with knowledge of cyber threats, exploits, and vulnerabilities.
● Providing proactive feedback to senior personnel and management as required.
● Handling of Security Incidents to ensure they are resolved on time.
● Events/logs analysis, monitoring, and investigation (SIEM - LogRhythm).
● Threat Hunting on the basis of Events/Logs received at SIEM.
● Analyzing malicious Phishing emails.
● Critical Incident Handling.
● Suggestions for fine-tuning existing use cases for SIEM alerts detecting and preventing cyber-attacks.
● Informing about log sources/devices that are in an error state and from which logs are not being received at the LogRhythm end.
● Monitoring of the SOC mailbox for all issues related to SIEM and incident handling.
● Coaching and guiding newly joined resources.
● 24x7 on-call support during incidents where required.
● A strong understanding of cybersecurity concepts.
● Security monitoring tools (intrusion detection/prevention systems IDS/IPS, firewalls & log analysis, SIEM, network behavior analysis tools, antivirus, and network).
● Working on supporting teams with CyberArk, EDR, and SEP.
● Monitoring threats using various threat intelligence tools integrated with LogRhythm.
● Strong analytical and troubleshooting skills.
● Incident handling, follow-ups & closure for escalated incidents. Tracking new threats and vulnerabilities.
● Creating SOPs and process documentation, support, and efficiency.
● Intrusion analysis, incident analysis & validation, incident recommendation.
● Preparing monthly Schedule-L reports and weekly reports for IPS/WAF on a weekly basis.
● Proactively perform monitoring, investigation and analysis of SIEM alerts received from multiple devices which includes Servers, IDPS, WAF and Laptops/Workstations.
● Monitoring SOC/SIEM security alerts on the SIEM tool (LogRhythm) and raising incidents related to the security alerts triggered.
● Updating and closing SOC security incidents/tickets within the Service Level Agreement.
● Raising proactive tickets for those issues after doing L1 analysis and following up with the concerned teams for resolution.
● Management, creation & maintenance of SIEM dashboards.
● Updating and maintaining SOC monitoring processes.
● Experience in log monitoring, filtering, and report generation as per the client's requirements.
● Managing customer SLAs for real-time alerting and response.
● Troubleshooting various issues with McAfee and logging tickets with the OEM for major issues.
● Performing health checks for all security devices handled and sharing reports with the client.
● Performing real-time monitoring, security incident handling, investigation, analysis, reporting and escalations, and triaging events from multiple log sources.
SIEM - QRadar, Splunk, McAfee ESM, Azure Sentinel, LogRhythm
Firewall - Checkpoint, F5
EDR - CrowdStrike, Symantec
IDS - TippingPoint
WAF - Cloudflare
Email security - O365, Proofpoint
Recorded Future - Threat Intelligence
DLP - Symantec
AlienVault - Open Threat Exchange
Cyber defense center, SOC
Reading books is a wonderful hobby that opens up new worlds, ideas, and perspectives.
Cricket is a fascinating sport; I love to play it and I like to watch it. No words to say, loved it.
CEH V10