Neha Sherkhane

• Dedicated and efficient IT engineer with over 8+ years of experience in Cyber Security, specializing in Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) operations.
• Currently a Security Analyst III at Walmart Global Tech, Bangalore, with extensive experience in threat hunting, incident response, and security operations.
• Configuring SIEM tools to collect logs from Security devices, Network devices, Windows Servers.
• Investigating security threats on network (log Monitoring).
• Proven ability to perform Security SIEM Operational task such as creation, fine tuning of alert logics by writing use cases, create dashboards and playbook using Arcsight, Sentinel, Defender ATP, Chronicle, XSOAR.
• Having good experience on ArcSight in creating Real Time Alerts, Rules, Queries, Dashboards and Reports.
• Having experience in installation and configuration of smart connectors. Knowledge on basic Unix/Linux commands, Java script, HTML code.
• Proven ability to investigate anomalies, threat hunting and provide actionable insights to respective team.
• Good understanding on running atomic test in lab environment and generate attacks/alerts to build new use case logic in production. Published author on cybersecurity topics and passionate about continuous learning and improvement.

• Perform Security SIEM Operational task such as creation, modification, fine tuning of alert logics by writing/updating use cases using Sentinel, Defender ATP, Chronicle, XSOAR, Good working experience on SIEM Sentinel and XSOAR.
• Good understanding on creating dashboard, playbook in XSOAR.
• Analyzing log files for anomalies, identifying potential intrusions or malicious activity before significant damage occurred.
• Investigation on the anomalies and report them to the client, eliminate false positives and provide a detailed view to the client with the impact and recommended actions.
• Hands on experience on running atomic test in lab environment and generate attacks/alerts to build new use case logic based telemetries.
• Continuous log monitoring, threat hunting and analysis.
• Hands on experience on working with various ticketing/tracking tool such as Service Now, Resilient, Jira.
• Closely worked with Incident response Team during critical case analysis for triaging, analysis, containment, eradication, lesson learned.
• Good understanding on IR role and responsibilities.
• Good experience in DLP in terms user behavior analysis and review.
• Good understanding on various Attack analysis, Malware analysis, Phishing, etc.
• Experience in configuring SIEM tools to collect logs from various network and Security devices.
• Been part of QA team to review closed alerts analysis and to provide feedback.
• Have published a blog “Empowering Women in Cybersecurity” on Global Medium Platform.
• Educating employees on cybersecurity awareness through training sessions, significantly reducing instances of human error-related breaches.
• Developing and maintaining detailed documentation on security processes, facilitating knowledge transfer and ensuring consistency in procedures.

SANS - GCIA