Rashi Sharma

SIEM Qradar

• Worked in a 24x7 Security Operations Center.
• Conduct log analysis using Qradar.
• Continuous monitoring and interpretation of threats using the SIEM.
• Investigate malicious/ suspicious activities or codes, phishing emails, domains and IPs using Open source tools and recommend proper blocking based on analysis.
• Investigate the incidents and report the False positives to the L2 and L3 engineers.
• Monitoring and analysis of security events to determine intrusion and malicious events.
• Suggest the SOC L2 and L3 engineers to drop the event ID's for informational events to stop the unnecessary buffer on the client log collector or shipper.
• Conducted proactive monitoring and investigation of security incidents at L2 level.

Resolution Intelligence and Google Chronicle.

• Worked on the productization of the Resolution Intelligence Platform.
• Provided recommendations to senior engineers and development team for improving the Resolution Intelligence platform.
• Investigated the detection/incidents on the RI and chronicle and provided the detailed analysis of the incident to L2 and L3 engineers.
• Created a customized dashboard for the log sources .
• Provided suggestions for fine tuning of Correlation rules on Chronicle based on daily monitoring of logs.
• Integrated the log sources like windows, Linux, Firewalls in Chronicle as per the business requirements.
• Excellent communication skills, both verbal and written.
• Strengthened communication skills through regular interactions with others.
• Resolved problems, improved operations and provided exceptional service.
• Passionate about learning and committed to continual improvement.
• Worked effectively in fast-paced environments.

• Resolving any technology complain and improving the
  experience of Wi-Fi and network services

• Learnt about Networking and tools like CISCO packet
  tracer, MetaSploit and Nessus