Results-driven SOC Engineer with OREGONO Technologies, specializing in phishing analysis and threat detection. Enhanced email security protocols, significantly improving incident response efficiency. Proven communication skills fostered user education and awareness, while automating processes to streamline phishing incident management. Expertise in malware identification and vulnerability assessment ensures robust security measures.
Managed user-reported phishing emails through Microsoft Defender, analyzing and classifying them as legitimate or malicious.
• Automated the process of marking legitimate emails as safe and sending confirmation responses to users.
• Identified and flagged malicious emails, including credential theft attempts, for security response.
• Generated Security Incident and Request (SAR) numbers for phishing cases to ensure proper tracking and escalation.
• Collaborated with security teams to investigate phishing threats and support rapid incident resolution.
• Contributed to enhancements in email security protocols to improve threat detection and response efficiency.
• Expertise in working on Proofpoint (Email Security Gateway) alerts for analyzing and blocking phishing, malware, imposter, and spam emails at the user and enterprise level.
• Analyzing email security events generated by Microsoft Office 365 ATP.
• Understanding of the core principles of web application security, such as authentication, access control, encryption, and input validation.
• Improved user experience and awareness by providing timely communication on the status of reported emails.
• Checked proxy logs in Splunk to determine if users clicked on malicious URLs or downloaded harmful files from phishing emails.
• Triggered automatic Security Incident Reports (SIRs) in ServiceNow for confirmed phishing emails.
• Blocked malicious URLs and deleted associated emails using Microsoft Defender to contain threats.
• Blocked illegitimate sender IDs using Proofpoint to prevent recurring phishing attacks.
• Handling ERT bridge calls effectively, and coordinating multiple Infra teams as per BU requirements to identify, isolate, and resolve production-impacting critical issues.
• Troubleshooting non-reporting devices to report in SIEM (Splunk) and the FireEye console by getting in touch with the appropriate teams, and fine-tuning the use cases.
• Analyzing and approving or rejecting software requests by end users generated through the ServiceNow platform.
• Participate in weekly and monthly review calls with clients.
Date of birth: 11/07/97
I hereby declare that the above-mentioned information is correct to my knowledge, and I bear responsibility for the correctness of the above-mentioned particulars.
Naveen Neelam