RAVI BHARATHI R

SOC Analyst – Cognizant Technology Services

• As an SOC analyst my day to day activities includes monitoring security alerts from SIEM and EDR to detect and respond to potential threats in real-time.
• Using Splunk as the SIEM tool for log analysis, correlation, and incident investigation.
• Utilizing Microsoft Defender for Endpoint (MDE) as the EDR tool to monitor and investigate endpoint-related security threats.
• Handling phishing tickets, analyzing suspicious emails, identifying malicious indicators, and taking necessary actions to mitigate phishing attacks.
• Working on reputation management tools like BitSight and SecurityScorecard, where I am the only point of contact for managing and improving the organization's cybersecurity ratings.
• Taking the initiative to create the entire reputation management process for BitSight and SecurityScorecard, streamlining the workflow and ensuring effective monitoring.
• Creating Standard Operating Procedures (SOPs) for BitSight and SecurityScorecard, documenting processes to ensure consistency, clarity, and ease of execution.
• Providing support to the Data Loss Prevention (DLP) team whenever needed, assisting with policy enforcement, incident investigation, and remediation activities.

• In my role as a security analyst, I am responsible for monitoring, analyzing, responding to, and mitigating security threats and issues on a daily basis
• This involves actively monitoring the Siem tool (Splunk) and conducting endpoint monitoring within the Mde environment
• A significant aspect of my work involves handling phishing email incidents
• This includes thorough analysis of email headers through techniques such as Email Header Analysis, where I dissect email headers to identify potential phishing indicators, track email routes, and assess message legitimacy
• I have also been involved in responding to and managing major security incidents as they arise
• Additionally, I perform regular health checks for all security consoles to ensure optimal functionality and effectiveness
• As part of my duties, I am also responsible for exporting vulnerability management (VM) reports when needed
• Through these activities, I contribute to the proactive identification and resolution of security threats, ensuring the ongoing security and integrity of the organization's systems and data