Rohit Kumar
Noida
Summary
Experienced Shift Manager and Cyber Security Analyst with over 10 years of expertise in security operations and incident response. Skilled in managing the entire incident lifecycle utilizing NIST, MITRE ATT&CK, and Cyber Kill Chain frameworks. Proficient in coordinating shifts, analyzing logs and emails, and conducting advanced threat hunting with EDR and SIEM platforms. Adaptable to new technologies with a strong IT background in network, cloud, and endpoint environments. Recognized for exceptional interpersonal skills, effective communication, and promoting teamwork.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Shift Manager
Microsoft India (R and D) Pvt Ltd
05.2023 - Current
- Conducted quality assessments of security incident investigations to ensure accuracy, completeness, and compliance with organizational standards; implemented feedback mechanisms to enhance investigation techniques.
- Managed ticket assignment queues, optimizing distribution based on analyst expertise and workload; monitored ticket lifecycle to maintain SLA adherence and optimal service levels.
- Monitored and improved metrics like Mean Time to Acknowledge (MTTA) and Mean Time to Resolve (MTTR) to enhance response times.
- Identified and escalated tool-related issues and operational challenges to product and support teams; coordinated with cross-functional teams for swift issue resolution.
- Provided mentorship and support to security analysts, improving investigative capabilities and decision-making during incidents; facilitated knowledge-sharing sessions on emerging security trends and technologies.
- Acted as the primary incident manager during significant security events, coordinating response efforts across teams; developed and refined incident response playbooks for streamlined crisis operations.
- Prepared and presented detailed reports on security incidents, trends, and team performance to senior management.
- Managed shift schedules/roster to ensure 24/7 operational coverage.
- Allocated resources efficiently, including tools, software, and personnel, to address incidents of varying severity.
Security Analyst II
Microsoft India (R and D) Pvt Ltd
05.2022 - 05.2023
- Member of Microsoft DEX(Defender-Experts) XDR team which deals in managing IR and providing security as a service to customers.
- Managed security for MMD (Microsoft Managed desktop) devices across 70+ customers, leveraging the M365D suite for robust protection of endpoints.
- Proactively performed advanced threat hunting using KQL, identifying potential threats and vulnerabilities to strengthen overall security posture.
- Developed SOP's and playbooks for various incident categories, streamlining SOC processes and facilitating efficient incident management.
- Contributed to process improvement initiatives through active participation in multiple KRAs and projects, driving enhancements in security operations and team efficiency.
- Conducted incident rehearsal/tabletop exercises, promoting a proactive incident response approach and ensuring preparedness to address and mitigate security incidents.
- Delivered security presentations on multiple occasions to customers on behalf of our customer acquisition team, raising awareness about our offerings and scope.
Security Operations Analyst L2
McKinsey & Company
12.2020 - 04.2022
- Investigated and responded to escalated alerts/incidents by L1 team using diverse security tools to address potential threats and security issues.
- Monitored and investigated suspicious emails utilizing Proofpoint, eDiscovery, and email analysis techniques to swiftly contain and mitigate risks.
- Conducted triage analysis of endpoint devices, utilizing FireEye and M365 defender security suite to promptly detect and respond to suspicious activities.
- Assisted in creating and refining security monitoring rules and TTP's to safeguard company infrastructure.
- Organized and actively participated in incident response drills to share knowledge and contribute to self and team development.
Associate Consultant
NaviSite
02.2018 - 02.2019
- Running scans on Qualys Guard and generating reports based on customer requirements.
- Creating asset view dashboard in Qualysguard for operational view.
- Automated manual effort in excel sheet using Python and thus reducing cost and man hours.
- Mitigating real time threats through threat manager (intrusion detection system) on Cloud
Defender (Alert Logic). - Mitigating Web Application attacks through Web Application Firewall (WAF).
- Threat investigation of multiple types of attacks (SQL injection, Recon, etc.).
- Looking for new vulnerabilities on external websites and analyzing it for any impact on our
environment using Qualysguard. - Creating narrative for various weekly testing (missing AV, etc.) as a part of compliance process.
- Scheduling weekly vulnerability scans through Cloud Defender (Alert Logic).
SOC Analyst
Infosys Ltd.
10.2014 - 10.2017
- Conducted base level analysis to determine the legitimacy of files, domains, and emails using
online resources such as Virus Total, URL Void, IPVoid, and Robtex. - Monitored a worldwide network for cyber security events and anomalies using an Arcsight.
- Performing daily health check-up using Splunk.
- Continuously monitored and analyzed and identified security alerts information from all
approved security devices, collection techniques and designated system logs. - Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention(IDS / IPS).
- Read Symantec logs and make sure ISSO is aware of any anomalies and add behavior on the
network. - Continuously monitoring alerts on FireEye HX, doing analysis of hosts infected with malware.
- Containment of hosts from network if found infected.
- Doing Vulnerability scanning for servers using tool Nexpose and sending mail to team for
remediation.
Education
B.Tech/B.E. - Computer Science
NSIT
Patna11-2013
Skills
- ArcSight
- Splunk
- SIEM
- Logs Analysis
- Information Security
- Certified Ethical Hacker
- Security Operations
- ECSA
- Threat Intelligence
- Malware Analysis
- Threat Hunting
- EDR
- SOC
- Ceh
- Incident Response
- Microsoft Technologies
- MS Defender
- Windows Defender ATP
- Shift Management
- Shift Planning
- Rostering
- Risk Assessment
Certification
- HP ArcSight ESM Security Administrator and Analyst
- Certified Ethical Hacker
- Splunk Certified power User
- Microsoft 365 Certified: Security Administrator Associate
- Microsoft 365 Certified: Fundamental
- Microsoft Certified Azure Fundamentals
- Microsoft Certified: Security, Compliance, and Identity Fundamentals
Languages
Hindi
English
Hobbies and Interests
Playing cricket, exploring new places.
Social links
https://www.linkedin.com/in/rohit-kumar-a5914165/
Timeline
Shift Manager
Microsoft India (R and D) Pvt Ltd
05.2023 - Current
Security Analyst II
Microsoft India (R and D) Pvt Ltd
05.2022 - 05.2023
Security Operations Analyst L2
McKinsey & Company
12.2020 - 04.2022
Associate Consultant
NaviSite
02.2018 - 02.2019
SOC Analyst
Infosys Ltd.
10.2014 - 10.2017
B.Tech/B.E. - Computer Science
NSIT
Similar Profiles
Santosh Kumar GoliSantosh Kumar Goli
Senior Software Engineer at Microsoft India R&D Pvt LtdSenior Software Engineer at Microsoft India R&D Pvt Ltd
ANKITA LODHAANKITA LODHA
Executive at Pvt LtdExecutive at Pvt Ltd
PRANOTI SANKPALPRANOTI SANKPAL
Practus Advisor at Pvt ltdPractus Advisor at Pvt ltd
Richa SharmaRicha Sharma
Deputy Manager at Optum Global SolutionsDeputy Manager at Optum Global Solutions
Mohak SaxenaMohak Saxena
Customer Service Associate at Niftel Communications Pvt. Ltd.Customer Service Associate at Niftel Communications Pvt. Ltd.