Indrajit Ghosh

a )Engineered and managed SIEM platforms ( Microsoft Sentinel, Securonix) integrating data sources from cloud and on-prem environments using AMA and Log Analytics.

b) Configured detection rules, alerts, and correlation logic to enhance threat visibility and reduce false positives.

c) Developed KQL dashboards for real-time threat monitoring across Microsoft Defender, O365, Azure AD, and core network infrastructure.

• Monitored data connectors and device health to ensure uninterrupted log ingestion into Sentinel and Securonix.
• Resolved reporting issues through root cause analysis to maintain consistent data flow.
• Led investigations with cross-functional teams, documenting security protocols and ensuring compliance with standards.
• Created automated response playbooks using Logic Apps and Power Automate to optimize workflows and reduce manual tasks.
• Conducted proactive threat hunts with advanced KQL to identify insider threats and malicious behaviors.