Shivani Dangi
Gurugram
Summary
Experienced Cyber Security Analyst with expertise in Cloud Security, incident response, threat hunting, malware analysis, domain squatting, threat intelligence, data leak protection, SIEM use case creation, and phishing email analysis. Skilled in utilizing advanced security tools and methodologies to protect organizational assets and enhance security posture. Proven ability to effectively mitigate security incidents and develop resilient response strategies to counter evolving cyber threats.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Solution Delivery Advisor : Senior SOC Analyst
Deloitte USI
04.2022 - Current
- Incident Response: Actively monitor, investigate, and mitigate security incidents within Cloud environment in 24/7 Security Operations Center (SOC)
- Security Use Case Development: Create and fine-tune security use cases in SIEM (Cloud Environment) for optimized threat detection
- Threat Detection: Correlate security events using MITRE ATT&CK techniques to improve alert visibility and expedite incident response through SIEM and EDR tools
- Process Improvement and Training: Define new processes, oversee escalated incidents from L1 SOC members, and facilitate knowledge transfer for junior SOC personnel
- Vulnerability Scanning: Execute regular vulnerability scanning activities using Qualys to identify and mitigate risks
- Phishing Campaign Management: Oversee monthly phishing campaigns to enhance client security awareness and resilience
- Incident Response Protocols: Develop comprehensive incident response procedures and runbooks to standardize security operations
- Malware Analysis: Managed malware incidents using EDR tools, achieving a 95% response rate and successful remediation within 24 hours
- Domain Squatting Investigations: Investigate and take necessary actions on domain squatting alerts to protect client assets
- Security Device Health Checks: Perform daily, weekly, and monthly assessments to maintain the operational integrity of security devices
- Threat Intelligence: Conduct threat intelligence assessments tailored to client environments
Senior Cyber Security Analyst
Tata Consultancy Services Limited
06.2021 - 03.2022
- International Bank Project: SOC Lead: November 2021 – March 2022
- SOC Lead Responsibilities: Managed queries from L1 team and communicated with management to address concerns
- Security Device Maintenance: Carried out daily, weekly, and monthly checklists to ensure the proper functioning of all security devices
- MFA Queries: Handled Multi-Factor Authentication (MFA) queries, taken needed action with a 95% on-time completion rate
- Phishing Campaign Management: Oversaw monthly phishing campaigns for clients to enhance security awareness
- Log Analysis: Performed log analysis, alert creation, and maintenance to ensure effective monitoring and response
- Incident Response: Modified false positive alerts and created dashboards/reports tailored to management and customer needs
- Process Improvement and Training: Defined new processes and reviewed incidents escalated from L1 SOC members
- Vendor Communication: Acted as a liaison between TCS and vendors for new feature requirements
- SIEM Utilization: Monitored incidents using SIEM tools and conducted thorough investigations
- 24/7 SOC Operations: Actively monitored, investigated, and mitigated security incidents
SOC Analyst (L2)
Tata Consultancy Services Limited: Canada Based Fertilizer Company
06.2021 - 11.2021
- Security Incident Response: Proactively monitored, examined, and mitigated security incidents
- Email Issue Resolution: Diagnosed and resolved email delivery issues by identifying root causes
- Suspicious Activity Identification: Identified and responded to suspicious or malicious activities and code
- Log Management: Analyzed Splunk logs, created alerts, and maintained log management systems for effective monitoring
- Content Development: Established new security rules and modified/validated existing ones within Proofpoint
- Dark Web Monitoring: Monitored dark web activity and took preventive measures to address potential data leaks
- Email Alert Analysis: Analyzed email alerts, including phishing emails, spam, malicious attachments, and blocked IOCs based on findings
- Incident Response Improvement: Developed triage templates and established new processes to enhance incident response
- User Login Monitoring: Detected and implemented preventive measures for suspicious user logins
- Malware Analysis: Executed in-depth malware analysis in a controlled lab environment
SOC Analyst
Wipro Limited
08.2018 - 05.2021
- EDR Alert Reporting: Monitored, analyzed, and reported suspicious incidents/alerts from EDR (FireEye & CrowdStrike) to L2
- Incident Response: Operated as a Security Analyst in a 24/7 SOC, proactively monitoring, investigating, and mitigating security incidents generated via SIEM
- Security Device Health Checks: Performed daily, weekly, and monthly checklists to ensure proper health checks of all security devices
- DLP Policy Management: Generated new policy and modified/validated existing policy in Forcepoint and CASB
- Email Issue Mitigation: Resolved email delivery issues by identifying and addressing root causes
- Process Improvement: Produced triage templates and defined new processes as required
- Procedure Documentation: Documented updated procedures and SOPs
Education
Bachelor of Engineering - IT
SGSITS
Indore01.2018
XII -
SSM
Bina01.2014
X -
SSM
Bina01.2012
Skills
- Experience with Endpoint Detection and Response
- Identity Protection
- Security Information and Event Management (SIEM) Tools
- Phishing Defense Expertise
- Email Security Tools
- Data Loss Prevention (DLP)
- Network Device Security
- Dark Web Monitoring
- Ticketing Tools
- OSINT Analysis Expertise
- Expertise in MITRE ATT&CK Framework
- NIST
- DARKWEB
- Cloud Security: Aws, Azure
- Malware Detection
- Yara L Scripting Language
- Training and mentoring
Certification
- Microsoft Certified: Azure Fundamentals (AZ-900)
- Zscaler Certified: ZTCA (Zscaler Technical Certification Associate)
Languages
Hindi
English
Personal Information
Date of Birth: 05/28/96
Timeline
Solution Delivery Advisor : Senior SOC Analyst
Deloitte USI
04.2022 - Current
Senior Cyber Security Analyst
Tata Consultancy Services Limited
06.2021 - 03.2022
SOC Analyst (L2)
Tata Consultancy Services Limited: Canada Based Fertilizer Company
06.2021 - 11.2021
SOC Analyst
Wipro Limited
08.2018 - 05.2021
Bachelor of Engineering - IT
SGSITS
XII -
SSM
X -
SSM
Similar Profiles
GURUPRASATH KRGURUPRASATH KR
Senior Consultant at Deloitte USI Consulting - Deloitte DigitalSenior Consultant at Deloitte USI Consulting - Deloitte Digital
Akhtar KhanAkhtar Khan
DC Senior Consultant at Deloitte Consulting India Private Limited (Deloitte USI)DC Senior Consultant at Deloitte Consulting India Private Limited (Deloitte USI)
SHRESTH ISHSHRESTH ISH
Advisory Intern at Deloitte USIAdvisory Intern at Deloitte USI
Rolwin D'CunhaRolwin D'Cunha
Senior Auditor at Deloitte USISenior Auditor at Deloitte USI
Amanjot Kaur LambaAmanjot Kaur Lamba
Workday Integration Consultant at AccentureWorkday Integration Consultant at Accenture