SOC Analyst with over 2.10 years of experience in threat detection and incident response. Expertise in using security tools such as SIEM, IDS/IPS and EDR for effective monitoring and management. Proven ability to operate in 24x7 SOC environments, ensuring swift incident resolution and protection of organizational assets. Experienced in analyzing threats using open-source intelligence while maintaining confidentiality, and in investigating both internal and external security incidents.
Work History
Information Security Analyst
BNP Paribas India Solutions Pvt. Ltd.
Working as a Security Analyst in a 24x7 SOC environment.
Serving as a Cybersecurity Analyst in SOC operations for real-time monitoring, analyzing logs from various security and industrial appliances.
Utilizing SOAR platforms, specifically TheHive, to automate and orchestrate incident response workflows, improving efficiency and reducing response times for the Production CSIRT.
Handling security alerts generated by SIEM/SOAR (ArcSight, LogRhythm), MATD and EDR tools.
Monitoring network traffic and security events in real time using the Elastic SIEM (Elasticsearch, Logstash, Kibana), with log sources such as IPS, firewall, endpoint security, operating systems and email security, to detect and analyze potential security incidents.
Performing analysis of malware and viruses detected by EDR and AV agents, and isolating hosts affected by ransomware/malware.
Expertise in threat hunting and automated event detection to identify suspicious or malicious activity across the enterprise.
Collecting suspicious files/scripts and performing malware analysis using sandboxing.
Using Tanium to respond quickly to security incidents by remotely investigating and containing threats on endpoints: isolating compromised endpoints, collecting forensic data and performing remediation actions.
Escalating security incidents according to the client's SLA and providing meaningful incident information through in-depth analysis of event payloads, along with recommendations for mitigation that keep the customer's business safe and secure.
Monitoring proxy logs and high-bandwidth cases for unwanted external sites and suspicious downloads/uploads.
Investigating malicious phishing emails, domains and IPs using open-source tools and recommending appropriate blocking based on the analysis.
Recognizing attacks based on their signatures.
Identifying false positives, fine-tuning rules and escalating security events.
Performing daily SIEM health checks and troubleshooting issues.
Collaborating with cross-functional teams to investigate and remediate security incidents, raising SNOW tickets.
Provide recommendations for improving security controls, incident response processes, and mitigation strategies.
Documented incident reports, including detailed findings, actions taken, and recommendations for future improvements.
Education
Post Graduate -
Osmania University
Hyderabad
01-2021
Bachelors - Computers
Mahatma Gandhi University
01-2019
Skills
SIEM: ArcSight, LogRhythm, SOAR TheHive
EDR: CrowdStrike, Tanium
ELK: Elasticsearch, Logstash, Kibana
Email Analysis: Microsoft Defender
Antivirus: Trellix Endpoint Security, Defender AV
Malware Analysis: Payload Security
Threat intel: Recorded Future, TIE
Ticketing Tool: ServiceNow
Disclaimer
I hereby declare that the above information is true to the best of my knowledge and belief.
Manager – Controls - EMEA/North America Region at BNP Paribas INDIA Solutions Pvt Ltd
Information Systems Analyst / Information Security Analyst at Ministry of Interior (MOI)