Pawan Yadav

• Monitoring and working on alerts generated on IPS (Darktrace, FortiSOC), SIEM (Rapid7 IDR), and EDR (CrowdStrike).
• Analyzing threat events detected by IPS (Darktrace) and SIEM, though taking appropriate action based on nature of alert.
• Analyze network traffic, logs, and security alerts to detect anomalies and potential threats.
• Collaborated with incident response teams to investigate and respond to security incidents.
• Developed and maintained custom queries and scripts to enhance detection.
• Assisted in developing and implementing security policies and procedures to strengthen organization's security Monitored network and system logs for signs of suspicious activity and security breaches.
• Conducted vulnerability assessments and penetration testing to identify weaknesses in organization's incident response activities, including containment, eradication, and recovery.
• Working on tickets, user, onsite, and endpoint protection along with clients for security and current threats,vulnerabilities and their mitigation, and other infrastructure security-related incidents or queries.
• Implemented security measures to reduce threats and damage related to cyber attacks

As a SOC Team Member, where I play a pivotal role in enhancing the security operations of the organization with a strong focus on implementing and managing a diverse range of technologies, I have gained expertise in the following:

• Web Application Firewall: Implementing and managing multiple WAF technologies, such as Akamai WAF, FortiWeb, F5 Silverline, and BIG-IP ASM, to safeguard web applications from potential vulnerabilities and attacks.
• FortiEDR and Cortex XDR: Managing FortiEDR and Cortex XDR for advanced endpoint detection and response, ensuring comprehensive threat detection and mitigation.
• Nessus: Conducting vulnerability assessments using Nessus,powerful vulnerability scanner, to identify and address security weaknesses in systems and networks.
• Conducting proactive threat-hunting activities to identify and mitigate security threats before they could cause damage.
• Analyzing network traffic, logs, and security alerts to detect anomalies and potential threats.
• Collaborating with incident response teams to investigate and respond to security incidents promptly.
• Assisting in developing and implementing security policies and procedures to strengthen organization's security.
• Monitoring network and system logs for signs of suspicious activity and security breaches.
• Conducting vulnerability assessments and penetration testing to identify weaknesses in organization's infrastructure.