Hari M

 Serving as a Security Analyst/Consultant in SOC Operations.

 Monitoring and analyzing the logs for threats from various security/ Industrial appliances using Splunk Alert manager and Qradar.

 Real Time Log analysis from different network devices such as Firewalls, IDS, IPS, Operating Systems like Windows, UNIX, Proxy Servers, Windows Servers, System Application and Networking Devices.

 Good experience on analyzing alerts and events generated by Network Security, Web and Email Gate Way Security, Endpoint Security Tools, IDS/IPS, firewall, Vulnerability management and identifying the true positives and false positives.

 Regular Health Check for Splunk.

 Analyzing and creating the documenting root cause for critical security incidents. Communicating with the client through emails, calls and meeting their requirements.

 Log monitoring and Incident analysis for various devices such as Firewalls, IDS, IPS, Windows Servers, web servers etc.

 Monitoring the events through Dashboards.

 Raising Incidents with Concern Teams, respond to the incidents and service requests and bring together additional information to either resolve or escalate the issue to the appropriate teams.

 Incident reporting and management for various incident/security alerts triggered by SIEM tool.

 Involved in creation of queries in Splunk for monitoring purpose.

 Preparing daily, weekly and monthly and ad-hoc reports along with their complete analysis.

 Reporting device/interface down events to maintain maximum uptime and thus helping in preventing any log loss or minimizing any delay.

 Follow up & Closing of the tickets based on the response from Client and resolver groups

 Hands on analyzing the phishing emails.

 Indexing and Invoices Verify of invoices

 Processing of PO & Non-PO Invoices.

 Reporting and reconciliation.