Pradeep Hurkadle

Information Security Analyst (SOC)
Bengaluru, Karnataka

Summary

Having 4 years of hands-on experience in securing the network environment using SIEM tools like QRadar, Splunk, and Azure Sentinel. Experience in information security with emphasis on security operations, log monitoring, log management, incident management, and security event analysis through Sentinel & Splunk SIEMs.

Overview

4 years of professional experience
2022 years of post-secondary education
6 Certifications
3 Languages

Work History

Information Security Analyst (SOC)

TCS
08.2021 - Current
  • Provide Global Security Operations Center (GSOC) support.
  • Experience working with global teams across multiple time zones, cultures, and languages, mostly supporting MNC clients.
  • Analyzing phishing emails reported by employees and performing phishing campaigns.
  • Analyzing DLP-related incidents, identifying any possible data leakage, and taking quick actions to mitigate it.
  • I have actively participated in the POC of the FortiSOAR solution.
  • Monitoring and responding to cloud infrastructure logs (AWS CloudTrail, CloudWatch, Defender for Cloud, etc.).
  • Experience in analyzing raw logs and PCAPs and writing regular expressions to extract fields from them.
  • Track and respond to all incoming alerts from the SOC, the MSSPs, and the systems monitored directly by the Security Operations team.
  • Perform tier 2 triage of all escalations from the SOC & MSSPs, tier 1 triage of all alerts that are directly monitored, and work with Security Engineering for all escalations beyond the Security Operations team.
  • Monitor multiple security alert sources, eliminate false positives from Splunk and Sentinel SIEM, triage significant security events based on the impact and nature of the security incident, and escalate according to the established procedures.
  • Review automated daily security events, identify anomalies, escalate critical security events to the appropriate IT team and follow up as required.
  • Investigate the root cause of the incident from different logs.
  • Monitor security device log-delay alarms to keep devices in a healthy state using the SIEM.
  • I have good experience managing incidents from CrowdStrike and MS Defender EDR.
  • Good understanding of the MITRE ATT&CK framework: threat hunting, incident detection and response, use case engineering, designing and implementing IR playbooks, and curating threat intelligence.
  • Security incident response, spam email analysis and education; analyze event/alert patterns to properly interpret and prioritize threats with available DLP tools and other devices.
  • Identify trends and derive requirements aimed at improving and enhancing existing data loss prevention and detection policies.
  • Creating incident reports and sending them to management.
  • Conduct thorough investigative actions based on security events (real-time incidents: SQL injection, cross-site scripting, Trojans, server attacks, etc.) and remediate as dictated by standard operating procedure.
  • Dashboards, reporting & KPIs: perform routine (daily, weekly, monthly, quarterly & yearly) reporting on our security events, trends, and system hygiene & posture, such as on our IaaS environments & critical SaaS environments.
  • Build the system & configuration components needed to capture the metrics by which security hygiene, monitoring & alerting health, and security program effectiveness are measured.
  • Presenting daily status reports to the customers and completing the action items requested by the customers.
  • Track our KPI elements over time such that KPI trends can be determined & used as feedback to the security program design.
  • Good experience in analyzing traffic in Panorama and using WildFire for file analysis.

Education

Bachelor of Computer Applications

DR APJ Abdul Kalam University
Indore, India
06-2021

Skills

SIEM: Splunk, Azure Sentinel, QRadar

Certification

Splunk Core User Certified

Additional Information

  • Monitoring & investigating incoming events in QRadar and Splunk.
  • Analysing detections and incidents from EDR solutions like CrowdStrike and MS Defender, containing the machines and providing real-time response.
  • Experience of working in 24x7 operations of a SOC team, offering log monitoring, security information management and global threat monitoring.
  • Experience in handling incident response on Linux OS and troubleshooting accordingly.
  • Good understanding of log formats of various devices such as Websense, vulnerability management products, IDS/IPS, EDR, firewalls, routers, switches, OS, DB servers, and antivirus.
  • Experience in generating daily, weekly & monthly reports from QRadar and Splunk.
  • Exposure to ticketing tools like ServiceNow.
  • Agile in investigating security threats such as malware outbreaks, DDoS, OWASP Top 10 and phishing analysis on the network.
  • Hands-on experience with various vendors of security devices like IDS/IPS, proxy, endpoint, DLP etc.
  • Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through thorough reviews and analyses of relevant event detail and summary information.
  • Identify and investigate/resolve data exfiltration and phishing events.
  • Identify emerging threat tactics, techniques and procedures used by malicious cyber actors and publish actionable threat intelligence for business and technology management.
