MD SOHEL AKTAR

Concentrix

01.2024 - 09.2024

Daily monitoring of Dashboards and alerts in Splunk & analyzing the Triggered Alerts.
Analyze the log activities from the Splunk and respond on the incidents •Manage 24x7 operations at SOC including event monitoring which includes incident detection, tracking and analyzing on real time basis, report generation.
Analyze suspicious IPs, file hashes and URLs using Threat Intelligence to detect types of malwares using Virustotal.com, MxToolBox.com, hybrid-analysis.com, IBM XForce, CISCO Talos, IP Void, and IP Abuse.
Good command on Splunk components.
Knowledge on OSI-model and cyber kill chain.
Knowledge & good understanding on Network Ports and Protocols, DNS, DHCP, Proxy, VPN etc.
Strong knowledge on security concepts like CIA, RISK, Vulnerability, Threat, Defense in Depth.
Having a good knowledge on Network Devices & Network security devices.
Prepare Weekly and monthly incident reports.
Review incident creation, validate closed Incidents and take follow-up of pending incidents.
Assist senior analysts in Fine-tuning – filtering SIEM alerts to ensure only relevant security data is gathered and moving default rules to production after rule analysis.
Assist in development and knowledge sharing with the team.
Resolve problems independently and understand escalation procedures.
Encrypted data and erected firewalls to protect confidential information.
Assisted with day-to-day operations, working efficiently and productively with all team members.

Summary