
LAKSHAY RANA

Palampur

Summary

  • Highly motivated and proactive security professional with 7+ years of experience in the field.
  • Perform Security SIEM Operational task - Analysis, Investigation, Rules fine-tuning, Log Sources Integration, Troubleshooting Error Log sources.
  • Proficient in incident handling, including containment, eradication, and recovery.
  • Experienced in utilizing a range of security tools including SIEM, IDS/IPS, EDR, sandboxing, email security, DLP, and SOAR for effective threat detection and analysis.
  • Implementing SIEM solution and data connectors integration with the SIEM Solution.
  • Configuring playbooks to automate the incident response and handling.
  • Strong understanding of security frameworks such as NIST, ISO 27001.
  • Familiarity with cloud security principles and practices, including AWS and Azure.
  • Excellent written and verbal communication skills for conveying complex security concepts to technical and non-technical audiences.
  • Familiarity with threat intelligence platforms and sources to stay informed about emerging threats and adversary tactics, techniques, and procedures (TTPs).
  • Good understanding of different types of cyber-attacks and security concepts.

Overview

  • 8 years of professional experience
  • 1 Certification

Work History

Senior Security Analyst

Citrix (CSG)
Bengaluru
05.2022 - Current
  • Detecting and investigating notables triggered by Splunk and raised as alerts in the Palo Alto XSOAR solution, following the playbook and using technical experience to resolve incidents
  • Responsible for monitoring the cloud environment (Azure, AWS) and ensuring security best practices are followed and compliant with policy
  • Taking charge of containing ongoing incidents, collecting and scrutinizing additional data, identifying possible lateral movement, persistence, determining the root cause of the attack, and taking steps to restore normal business operations
  • Conducting security alert triage, which involves tasks such as analyzing malware, performing endpoint forensics, sandboxing files, tracking phishing campaigns, and analyzing user behavior
  • Collaborate with the IR team on daily sync calls with investigations and speak about noteworthy findings
  • Review abuse reports where Citrix products are used for malicious intent, such as impersonating clients or hosting phishing sites, and liaise with the product security team to take down content
  • Notifying HR and Legal teams regarding DLP policy violators with a summarized description of user-activity
  • Managing incidents and alerts across all our endpoints, emails, and identities using Microsoft Defender XDR and Google Security Center
  • Develop and refine incident response playbooks in XSOAR for different scenarios
  • Creating Incident types/Layouts and performing classification & mapping in the Palo Alto XSOAR platform
  • Configuring and troubleshooting log sources with SIEM and preparing integration document
  • Detection engineering: working with red team/purple team operations to improve current detection rules on security appliances
  • FedRAMP experience and knowledge.

Senior Cybersecurity Analyst

TCS
Hyderabad
01.2020 - 04.2022
  • Responsible for incident response and remediation based on access provided to the TCS team
  • Critical incident handling and escalation response
  • Implement and manage Microsoft Sentinel and IBM QRoC solutions for clients
  • Configure and customize Microsoft Sentinel playbooks and analytics rules
  • Troubleshoot and resolve the SIEM integration issues
  • Identify and handle advanced threats with User and Entity Behaviour Analytics (UEBA)
  • Collaborate with clients to understand their security requirements and provide tailored solutions
  • Prepare security advisories on the latest cyber threats and hunt for the IoCs in clients' environments using SIEM and EDR
  • Cross-verify incident details recorded by the Tier 1 team whenever needed
  • Serve as technical lead on SOC shifts, as well as SOC technical tasks that are outside the scope of normal shift responsibilities
  • Conducting training sessions and tabletop exercises
  • Create and maintain comprehensive documentation for Integration of log sources, security configurations and processes
  • Review and present weekly reports to the customer
  • Assist and mentor L1 Analysts on triage.

Security Analyst

Prolifics
Hyderabad
07.2016 - 12.2019
  • Continuously monitor the QRadar console (dashboards, alerts, and so on) for security incidents
  • Perform Initial Triage of the Alerts/Incidents as per SOP
  • Escalate security incidents according to the incident response escalation procedure
  • Assist, coordinate with the Security Incident Handling Team (onsite projects team) and provide assistance during the investigation
  • Determine, document, and report true positive events/alerts
  • Verify logging and reporting of integrated devices
  • Generate scheduled SOC reports
  • Follow up with remediation groups for closure of open incidents and issues
  • Provide feedback on new alerts/correlation rules and reports
  • Provide shift handover and updates to next shift personnel.

Education

BE (Electronics and Communications)

Chitkara University

Skills

  • Security Operations Center (SOC) Operations
  • Incident Response
  • Threat Intelligence
  • Network Security
  • SIEM
  • Threat Hunting
  • Malware Analysis
  • Endpoint Security
  • Cloud Security
  • Data Loss Prevention (DLP)
  • Cybersecurity Frameworks (NIST, ISO, etc.)
  • SOAR
  • EDR

Certification

  • MS-500: Microsoft 365 Certified Security Administrator Associate
  • SC-200: Microsoft Security Operations Analyst

Tools And Technology

  • SIEM: Microsoft Sentinel, IBM QRoC, Splunk, Google Chronicle
  • Security Tools: Palo Alto Cortex XSOAR, Microsoft Defender XDR, Google Security Center
  • Sandboxing Tools: Hatching Triage, Cisco Threat Grid
  • Cloud: Azure, AWS
  • Operating Systems: Windows, Linux, macOS
  • Language: KQL, Python

Personal Information

  • Father's Name: Jodh Singh Rana
  • Date of Birth: 05/12/95
  • Gender: Male
  • Nationality: Indian
