Charansai Boya

Cyber security professional with 7.10 years of experience and have a proven track record of safeguarding organizations from cyber threats. Known for implementing advanced security measures and enhancing system integrity. Valued team player with focus on collaboration and adaptability, leveraging analytical skills and proactive approach to ensure optimal security outcomes. Experience on working in 24x7 operations of SOC team, offering log monitoring, security information management with tools like Microsoft Azure sentinel, Arcsight, Splunk.

• Working on the Microsoft Azure sentinel providing operations support at the Security Operations Canter for different member firms.
• Good experience in SIEM tools.
• Handling the complete incident management framework cycle right from incident identification, incident containment, performing root cause analysis, suggestion and implementation of preventive and corrective controls and perform network analysis as needed on a case to case basis.
• Participate in weekly and monthly review calls with Customer.
• Performed remediation of security assessment reviews to support risk management.
• Monitoring and identify positive security events from Microsoft Azure sentinel dashboard, Orion during the shift hours and take necessary action for the critical events that is seen during each shift’s hours with deviations for all the environments that we support.
• Blocking/Unblocking mails in O365 and Email Gateway for allowing and blocking the mail flow traffic followed by phishing email analysis.
• Identify custom reporting requirements, translate requirements into SIEM technical specifications and implement SIM changes i.e., creating filters, active channel and dashboards.
• Security Incident Response and closure of Incidents within SLA
• Analysing Phishing and Spam related activities and notifying to the users.
• Preparing daily and weekly dashboard on the security threats.
• Use the escalation process for multiple users impacting incidents all the time and keep update the management about the progress of incident.
• Will document the tickets fully with all the action taken for the incident and update it on frequent basis and maintain ticket quality by documenting it with all the required comments
• Served as Analyst in SOC operations for real-time monitoring, analysing logs from various security/Industrial appliances.
• Deployed policies and delivered security education awareness & training according to security program standards.
• Administrating various incidents/security alerts triggered in SIEM tool.
• Performing Real-Time Monitoring, Investigation, Analysis, Reporting and Escalations of Security Events from multiple log sources.
• Contacting the customers directly in case of high priority incidents and helping the customer in the process of mitigating the attacks.
• Understanding the incident based on to determine whether it’s false or true positive.
• Troubleshooting SIEM dashboard issues when there are no reports getting generated or no data available.
• Determine the scope of security incident and its potential impact to Client network recommend steps to handle the security incident with all information and supporting evidence of security events.
• Creation of reports and dashboards and rules fine tuning.
• Handling multiple customers globally analyzing the customer networks for potential security attacks.
• Support security incident response processes in the event of a security breach by providing incident reporting

• Good analytical and drafting skills.
• Keen interest in learning new things.
• Ability to meet out deadlines.
• Cool headed and tactful in times of crisis.
• Good communication skill.

• Supervised team of 15 staff members.
• Documented and automated incident responses which led to reduce responses by 10%.