Nitika Rai


Pune

Summary

  • I have 3+ years of experience as a Security Analyst, proficient in Incident Response, 24x7 continuous monitoring of security incidents, Vulnerability Management and Qualys products (VMDR, EDR, FIM, etc.).
  • I bring a wealth of experience from both SOC (Security Operations Center) and Vulnerability Management teams, blending the best practices and innovation from both environments.
  • I have proven dedication and accountability in past roles and am ready for a new role.

Overview

3 years of professional experience
1 Certification

Work History

Security Operations Engineer

Qualys Security TechServices Pvt. Ltd.
Pune
08.2021 - Current
  • Worked in 24x7 shifts as a SOC Analyst, with responsibilities covering incident response, email security, Splunk, QualysGuard FIM, EDR, VMDR, PC and other modules. Monitoring and investigation of security incidents. Review of network device security rules (firewall, VPN, switches, routers), work on IDS/IPS threat alerts, and Vulnerability Management (analysis and reporting).
  • Monitored security access logs and analyzed system events for suspicious activity.
  • Identified potential security risks, vulnerabilities and threats to the organization's systems and networks.
  • Conducted vulnerability scans of corporate networks to identify weaknesses in the system.
  • Provided technical support on security related issues and assisted users in resolving them.
  • Investigated reported information security incidents by analyzing log files and conducting interviews with involved personnel.
  • Participated in regular meetings with internal stakeholders to discuss current security trends, identified risk areas and proposed solutions.
  • Monitored alerts generated by intrusion detection systems to identify potential attacks against corporate networks.
  • Reviewed network traffic logs to identify signs of unauthorized access and underlying network vulnerabilities, explaining breaches and surrounding conditions to the client.

Responsible Projects

1. MISP TI Platform: Worked on deployment of the TI platform for the production environment to investigate security incidents more accurately.

2. Creating Dashboards on Splunk: Created dashboards for various log sources to present useful data visually, and created use cases for alerting on security incidents.

3. External Scanning: Scheduled daily scans, automated delivery of the daily scan reports to the server, and created a dashboard on Elastic SIEM for continuous monitoring. Scanned internet-exposed hosts, analyzed the reports and checked for critical vulnerabilities that could harm the environment.

4. Web Application Scanning: Scanned all web applications and APIs, analyzed and reported vulnerabilities, and marked exceptions after gathering proper evidence.

5. File Integrity Monitoring: Created correlation rules for FIM to monitor the integrity of files on employee systems as well as production systems, so that no malicious or malware-related files are present in the environment to harm it.

Security Analyst Intern

Colgate-Palmolive
Mumbai
11.2020 - 05.2021
  • Worked as a SOC Analyst, with responsibilities covering the following tools: Splunk, Armis, Demisto XSOAR, Area1 Security, BitSight, etc.

Major Responsibilities:

1. ARMIS: Worked on reducing vulnerabilities on various devices such as network devices (routers, switches), SCADA servers and many more. Checked for port-wise vulnerabilities and mitigated them to reduce the count of vulnerabilities in the infrastructure.

2. BitSight: Worked on the vulnerabilities shown by the tool and mitigated them to increase the organization's score on BitSight. These included vulnerabilities related to SSL certificates, network ports, bugged software versions and many more.

Education

Master of Science - System Security

Symbiosis International University
Pune
06-2021

B.Tech Computer Science - Computer Engineering Technology

I K Gujral Punjab Technical University
Jalandhar
06-2019

Skills

  • Managing security breaches
  • Data Security
  • Application security
  • Intrusion Detection
  • Incident Response
  • Network Security
  • Reporting and documentation
  • Disaster Recovery
  • Forensic analysis
  • SIEM (Splunk)
  • QualysGuard (VMDR, PC, EDR, FIM, etc.)
  • E-Mail Security (Area1, ProofPoint)
  • Phishing Analysis
  • Threat Intelligence (MISP)
  • Network Rule and ACL Review
  • Cloud IAM (OCI, GCP)

Certification

  • ArcSight and Splunk SIEM certified
  • Vulnerability Management, Detection and Response (VMDR)
  • Policy compliance
  • Splunk 7.x fundamentals
  • Foundations of Operationalizing MITRE ATT&CK
  • Foundations of Purple Teaming
  • Threat Alignment for Purple Teaming
  • Reliable Google Cloud Infrastructure: Design and Process
  • Elastic Google Cloud Infrastructure: Scaling and Automation
  • Essential Google Cloud Infrastructure: Core Services
  • Essential Google Cloud Infrastructure: Foundation
  • Google Cloud Platform Fundamentals: Core Infrastructure
  • Google Cloud Certified Professional Cloud Architect
  • Certified Computer Hacking and Forensics Investigator (In-Progress)

Accomplishments

  • Inter Zonal Handball tournament at PTU: 3rd Position.
  • PTU Zonal Youth Festival: 2nd Position in MIME.

Languages

Hindi
First Language
English
Upper Intermediate (B2)

Timeline

Security Operations Engineer

Qualys Security TechServices Pvt. Ltd.
08.2021 - Current

Security Analyst Intern

Colgate-Palmolive
11.2020 - 05.2021

Master of Science - System Security

Symbiosis International University

B.Tech Computer Science - Computer Engineering Technology

I K Gujral Punjab Technical University