Deepak Rayanade

WWW: Bold Profile PROFESSIONAL SUMMARY Experienced Security Analyst with 3.9 years of working in Incident Response and SIEM, IDS/IPS, Firewall Log Analysis, Monitor System and Network Inspection tools, Administering and monitoring security profiles, and Threat analysis. Skilled in investigating Security Incidents and coordinating with teams to contain a compromise situation, finding the root cause for incidents, and making/suggesting changes to improve Security measures in an organization. Good understanding of log formats of various devices such as Web sense, Vulnerability Management Products, IDS/IPS, EDR, Firewalls, WAF, Proxy, Routers, Switches, OS, DB Servers, and Antivirus. Experience in Information Security with emphasis on security operations, Log monitoring, Log management, incident management, and security event analysis through QRadar & Splunk SIEMS Agile in investigating security threats such as Malware Outbreaks, DDOS, OWASP T-10 and Phishing Analysis on the network. Creating reports, dashboards, use-cases in the SIEM and scheduling the reports.

• Splunk Certified Core User
• Qualysgaurd Fortinet NSE
• AZ-900
• Checking the daily health status of SIEM
• Performing Threat hunting of logs and identify any possible
• Compromise by evaluating anomaly, behavior, IOC's
• Experience in generating Daily, Weekly & Monthly Reports from QRadar and Splunk and communicating to stakeholders
• Analyzing the detections and incidents from EDR solutions like
• Crowdstrike, MS defender and containing the machines and providing real time response
• Identifying emerging threat tactics, techniques and procedures used by malicious cyber actors and publish actionable threat intelligence for business and technology management
• Having good experience of writing KQL, SPL queries and hunt for the anomalies
• Having overall understanding of Mitre Att&ck framework, Cyber
• Killchain, and intelligence driven incident response
• Performing the firewall auditing on CIS benchmarks.