Stanly Mathew

Cyber Threat Analyst
Bengaluru

Summary

Seasoned professional with three years of experience in Security Operations Center (SOC) roles, adept at managing security incidents, analyzing threats, and implementing effective countermeasures. Demonstrated expertise in time management, reporting, and communication, coupled with proficiency in data analysis using SIEM platforms, database tools, and Excel. Seeking to leverage skills in troubleshooting security devices and SIEM platforms, together with familiarity with a wide range of cyber threats, to contribute effectively to an enterprise network environment.

Overview

4 years of professional experience
2 certificates

Work History

Cyber Threat Analyst

Optiv
05.2021 - Current
  • Perform real-time monitoring, analysis, investigation, reporting, and escalation of security events and incidents from various log sources, and write detailed reports.
  • Address ad-hoc requests in line with both internal and client requirements.
  • Recommend use-case refinements to reduce false-positive alerts.
  • Develop standard operating procedures (SOPs) for incidents, summary reports, and other SOC documentation.
  • Manage the end-to-end incident lifecycle: identification, assessment, quantification, reporting, communication, mitigation, and ongoing monitoring.
  • Ensure adherence to SLAs, promote process compliance, and lead process enhancements to achieve operational objectives.
  • Strengthen the Security Operations Framework through process revisions, policy reviews, and enhancement proposals.
  • Supervise team and vendor management, optimize resource allocation, and implement corrective measures as needed to keep the SOC effective.
  • Create reports, dashboards, and metrics for SOC operations and present them to leadership.
  • Investigate security events thoroughly, initiate incident management procedures, and provide support on 24/7 shift rotations.
  • Respond promptly to system alerts, analyze logs and traffic patterns, and tune SIEM correlation rules and endpoint protection detections.
  • Improve and streamline playbooks and processes, and ensure thorough shift handovers.
  • Adhere strictly to defined SLAs and procedures while executing daily tasks and activities.
  • Apply a thorough understanding of systems, networking, databases, cloud computing, storage, and related technologies.
  • Use Open-Source Intelligence (OSINT) tools, including IP and domain reputation services.
  • Participate in weekly SOC meetings to discuss and address raised incidents.
  • Manage false positives, raise tickets for validated incidents, and support the Incident Response Team with remediation.

Core Strengths:
  • Proficient understanding of SIEM architecture.
  • Strong grasp of networking and security principles.
  • Knowledge of advanced capabilities such as threat hunting and malware analysis.
  • Familiarity with web-based attacks and the OWASP Top 10.
  • Good understanding of the MITRE ATT&CK framework.
  • Expertise in cyber security incident response processes and procedures.
  • Experience developing use cases, dashboards, and playbooks for security incidents.
  • Demonstrated ownership of issues, resolving or escalating them within SLA-bound environments.
  • Proficient in monitoring and analyzing logs from sources such as firewalls, WAFs, proxies, Windows servers, antivirus, and EDR systems.

Tools:
  • IBM QRadar, Azure Sentinel, and Splunk SIEM.
  • Microsoft Defender EDR and ATP.
  • Splunk SOAR (Phantom) and Swimlane automation tools.
  • Palo Alto.
  • Cisco IronPort and Defender email gateways.
  • ServiceNow and Jira ticketing tools.
  • Wireshark, CyberChef, and OSINT tools.

Technical Support Engineer

Mphasis
08.2020 - 05.2021
  • Worked on Apria incident management.
  • Performed primary Proofpoint analysis of email.
  • Provided L1 security support for Apria as part of the service desk.
  • Used Infragenie to handle chats and document tickets.
  • Used Bright Pattern to handle calls.
  • Used ServiceNow to create reports and document daily statistics.
  • Specialized in Active Directory account handling and internal enterprise applications.
  • Provided regular updates to team leadership on quality metrics, communicating consistency problems or production deficiencies to quality and production leadership.
  • Educated employees on specific QA standards and confirmed that those standards were maintained.
  • Developed monthly and daily production output plans to deliver on customer service and SLA metrics.

Engineer 1

Microsoft (Contractor)
12.2019 - 08.2020
  • Core Services Engineering and Operations team.
  • Worked as a Microsoft GHD Engineer for 8 months at DXC Technologies, understanding the needs of Microsoft's stakeholders and vendors and providing the required software and hardware support and services.
  • Followed up with clients to verify customer satisfaction after support engagements and problem resolution.
  • Explained technical information in clear terms to non-technical individuals to promote better understanding.
  • Created support documentation that enabled the user community to extend their skills, use system features, and resolve questions without intervention from the support team.
  • In-depth understanding of the Microsoft Office suite and applications.
  • Specialized in all versions of Windows 10.
  • Documentation tools used: Support 360 and ServiceNow (SNOW).
  • Chat tools used: Connect Me and ServiceNow.
  • Trained on ITIL v4 fundamentals to understand incident management and incident quality metrics.
  • Key skills: ServiceNow | SharePoint Admin | O365 Admin | Azure Active Directory Admin

Education

B.E - Mechanical Engineering

SJCIT
Chikkaballapur
04.2014 - 08.2018

Skills

  • Incident Management

Certification

Microsoft Certified Security Operations Analyst (SC-200), 04-2023
CompTIA Security+ (SY0-701), 03-2024

Timeline

03-2024: CompTIA Security+ (SY0-701)
04-2023: Microsoft Certified Security Operations Analyst (SC-200)
05.2021 - Current: Cyber Threat Analyst, Optiv
08.2020 - 05.2021: Technical Support Engineer, Mphasis
12.2019 - 08.2020: Engineer 1, Microsoft (Contractor)
04.2014 - 08.2018: B.E - Mechanical Engineering, SJCIT

Additional Information

On December 2nd, 2022, I underwent a legal name change, transitioning from Sachin Mathew R to Stanly Mathew.
