B.Tech in IT professional with 10 years of experience in SOC security solutions in fast-paced environments. Skilled in Microsoft Security tools, Network Security, Email Security, Cyber Security, SIEM, Incident Response and Threat Analysis, with a proven history of delivering exceptional risk management support.
Seasoned Lead Engineer with a resourceful, hardworking and quality-driven mindset. Proactive in tackling equipment and system issues to maintain operational status. Top-notch leader and project manager with an organized and methodical approach.
Overview
9 years of professional experience
6 years of post-secondary education
2 Certifications
Work History
Lead Engineer
Wipro || European Project
Gurgaon
2022.07 - Current
Hands-on experience in the Administrator role on Azure security and Microsoft XDR solutions (Microsoft Defender for Endpoint, Office, Identity, Cloud Apps, DLP, AAD Identity Protection)
Enhancing the investigation process by enabling predefined XDR features such as Advanced hunting, live response session, Run Antivirus scan, Restrict App Execution, Initiate Automated Investigation, Isolate Device, Collect Investigation Package, Enable/Disable user in AD, Force password reset
Working on Microsoft Defender for Endpoint, applying remediation steps according to alert severity to prevent cyber threats; performing deep analysis using Advanced hunting in Defender and creating custom detection rules that trigger in different suspicious-activity scenarios
Working on Microsoft Defender for Office to investigate phishing and quarantined emails, and taking appropriate actions such as deleting and blocking the sender and domain in O365
Managing the vulnerabilities part according to inventories, weaknesses, event timeline, recommendations and remediation, as per the baseline assessment found by XDR
Proactively curating industry-specific threat intelligence with Recorded Future as well as open-source tools, and sweeping accordingly
Performing hypotheses using threat intelligence and Advanced Hunting, and mapping TTPs to the MITRE ATT&CK framework
Working on the ServiceNow tool as incident handler and responder for the customer
Have good knowledge of the IR process; also present reports to ensure SLAs are met as defined and for audit purposes.
Worked as SOC Lead handling Microsoft Sentinel, Microsoft Defender for Endpoint, Azure ATP, Microsoft Office 365 ATP, Proofpoint Email Security, ServiceNow
Working on Microsoft Defender for Endpoint to analyse and monitor alerts triggered on different endpoints in the network
Based on alert severity, applying remediation steps to prevent cyber threats (ransomware, viruses, etc.) and attacks (malicious PowerShell alerts, log4j vulnerability, IOC-related alerts); deep analysis using Advanced hunting in Defender ATP and custom detection rule creation that triggers in different suspicious-activity scenarios
Microsoft Sentinel as SIEM tool to investigate incidents and alerts from integrated sources for suspicious activity according to defined rules
Integration of log sources in Sentinel, creation and fine-tuning of use cases, and creation of reports and dashboards as per requirement
Proofpoint Email security gateway for email authentication related issues (SPF, DMARC, DKIM), non-delivery, spam detection, IOC block, email delete, header analyzer, and creating custom rules as per requirement
Working on Microsoft Azure ATP to monitor and analyse user login-based activity, brute force attempts, honey token activity and account lockout related alerts, and finding out the reason behind them.
Sr. Security Analyst
Inspira || PSB Bank Project
Gurgaon
2021.01 - 2021.06
Worked as SOC Lead and in the Implementation Team to implement solutions such as SIEM, NBAD, Decoy Honeypot, AlgoSec NSPM
Monitoring of RSA SIEM components and integration of various log sources in SIEM
Create, modify and fine-tune use cases and SIEM reports and dashboards according to alerts, as per requirement.
Cyber Security Analyst
Sify Technologies Limited || PNB Bank
New Delhi
2018.08 - 2021.01
Worked on different security tools such as RSA NetWitness, Checkpoint Firewall, FortiGate, ASA, ITGRC, Cisco NBA, Proxy and DLP in a centralized SOC
Experience in SIEM for incidents and alerts on real-time events, and creating alerts, rules, reports, dashlets and dashboards as per requirements
Event source integration with SIEM via syslog, ODBC, file, SNMP and Windows methods; parser and event source template development
Worked on incident and problem tickets reported by end users/customers
Analyze for attacks, intrusions and unusual, unauthorized, or illegal activity.
Network Security Engineer
Badve Engineering Limited
Pune
2015.10 - 2018.08
Worked on Checkpoint Firewall for monitoring and filtering traffic
Installation & Configuration of Checkpoint Gaia R77.30
Possess sound knowledge of Network Address Translation, Access Control List, License and VPN Technology
Knowledge of SAM Database, IP Spoofing, Smart View Monitor, Smart View Tracker, SIC
Strong, hands-on technical knowledge of Network and PC operating systems.
IT Engineer
MRKIET Education Society
Rewari
2013.07 - 2015.10
Handled the IT Department to provide an IT security framework that ensures the protection of University information from unauthorized access, loss or damage, while supporting the open, information-sharing needs of our academic culture
Installed and maintained servers, printers and Windows platform systems
Handled Internet and Intranet security through proxy, emails and network file sharing
Maintained all asset documents and monitored health and checklist reports
Education
Bachelor of Technology - Computer Science Engineering
MRKIET College (Under MDU University)
Rewari
2010.06 - 2013.06
Diploma - Computer Science Engineering
Govt. Polytechnic, HSBTE Panchkula
Jhajjar
2006.06 - 2009.06
Skills
Vulnerability Assessment using Microsoft Defender tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
Location support engineer at Wipro Arabia (Saudia Airline project & SAL project)