Sunil Kumar Prajapati

Bangalore

Summary

Dynamic SIEM Engineer with a proven track record at LTIMINDTREE and Securonix Pvt Ltd, specializing in SIEM implementation and cybersecurity threat identification. Excelled in platform engineering and content development, enhancing SOC efficiency by leveraging skills in QRadar and Securonix. Adept at leading SOC teams towards innovative security solutions with a keen focus on risk remediation and use case development.

Overview

7 years of professional experience
1 Certification

Work History

SIEM Engineer

LTIMINDTREE
12.2022 - Current
  • Experience in SIEM, SIEM architecture and SIEM health checks
  • Deployment of SIEM in customer environments, with hands-on experience in SIEM version upgrades
  • Auditing the SIEM in the customer environment
  • Building parsers for the SIEM using regex and DSM validation; creating custom profiles when required
  • Creating/building use cases and fine-tuning existing use cases
  • Troubleshooting issues regarding SIEM and other SOC tools
  • Onboarding of log sources to SIEM monitoring
  • Troubleshooting non-reporting devices to fix and maintain good device reporting status
  • Good at log search, both traditional and with KQL; capable of hunting for threats by monitoring logs from different log sources
  • Hands-on experience in SIEM administration and event flow architecture, and with the different types of logs generated by devices such as Windows, proxies, network devices, databases, applications, etc.
  • Making sure the health of the SOC tools is always green
  • Making sure internal incident tickets and vendor tickets for SOC tools are resolved
  • Data archiving, backup and data purging configuration as per need and compliance
  • Raising change management tickets for SOC administration activities such as patch upgrades for the SIEM, onboarding log sources, etc.
  • Helping L2 and L1 with required knowledge base details and basic documentation
  • Coordination with L2 and the SOC monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation
  • Troubleshooting at the device and connector/agent end to fix anomalies reported by other teams and observed on a day-to-day basis
  • Updating and maintaining the SOC knowledge base for new security incidents and docs
  • Creating daily and weekly status report sheets and submitting them to the SOC manager for review
  • Reviewing advisories and putting the necessary detection measures in place
  • Providing analysis and trending of security log data from a large number of security devices
  • Good understanding of firewall, IDP/IPS and SIEM functioning
  • Deep understanding of Windows and Linux commands
  • Knowledge of MITRE tactics and techniques

Sr. Analyst

Sacumen
09.2022 - 12.2022
  • ArcSight SmartConnector installation and integration
  • ArcSight ESM installation
  • Creating new parsers and updating old parsers
  • Worked on Microsoft Windows Server 2019 (installation and configuration)
  • Worked on SQL Management Studio 2019 (audit log generation and analysis, and preparing parsers)

Cyber Threat & Content Analyst

Securonix Pvt Ltd
09.2017 - 08.2022
  • Experience in Event Correlation and Analysis (Implementation)
  • Experience in Hadoop components and Solr (Troubleshooting)
  • Experience in Parser Development and categorization
  • Receiving raw logs and preparing configresourceparser (CRP) and configfuntionalityparser (CFP)
  • Hands-on experience performing threat and malware analysis
  • Threat monitoring for alerts on different device types and escalating to the customer
  • Threat analysis, behavior analysis, risk assessment and risk audit on Securonix
  • Creating use cases
  • Finding user/entity-specific violations using user correlation rules and attributions
  • Managing remote networks for assigning policies, threat analysis and network management based on event monitoring
  • Worked on various types of data sources such as Palo Alto, Blue Coat proxy, Symantec and many others
  • Experience in analysis of different types of logs
  • Experience in mapping (user attributes and Snypr tool attributes)
  • Worked on real-time data in the Snypr tool
  • Experience in incident management, SIEM administration/installation/configuration, use case management, threat models, correlation rules, data source onboarding, log analysis and event monitoring, dashboards and reports

Cloud Security Engineer in Operation Team

Securonix Pvt Ltd
  • Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact
  • Experience in product installation with configuration and upgrading the environment
  • Excellent experience in troubleshooting
  • Experience in JIRA and ServiceNow
  • Reporting of violations/incidents under the threats and violations dashboard in the client’s environment
  • Creating security rules, dashboards and threat models, and monitoring violations
  • Threat hunting and threat review in the client’s environment to reduce false-positive violations

Education

B.Tech IT - Information Technology

B.U.M.V, Jaunpur, Uttar Pradesh
06-2015

Skills

  • SOC Team Management
  • Implementation of SIEM
  • Platform Engineering
  • Content Development
  • QRadar
  • Securonix Implementation
  • Securonix Content Development
  • Splunk
  • SOAR
  • IDAM
  • Azure Portal
  • Cybersecurity Threat Identification
  • JIRA
  • ServiceNow
  • Data Integration
  • MITRE ATT&CK
  • Control Risk Remediation
  • Big Data
  • Hadoop
  • Solr
  • UEBA
  • Qualys Cloud Platform
  • Parser
  • Use Case Development

Certification

  • Certified Ethical Hacker (CEH v10), ECC4328910576
  • CDAC Certified in IT Infrastructure and Security System

Disclaimer

I declare that the above information provided is correct to the best of my knowledge.

Credly profile

https://www.credly.com/users/sunil-prajapati.b90846fb
