Suraj Kumar

Cybersecurity Analyst
New Delhi

Summary

As a Cybersecurity Analyst at Egon Zehnder, I assist in the administration and 24x7 monitoring of various security tools, such as Microsoft Sentinel, Forescout, Palo Alto, Sophos, EDR, Crowdstrike Falcon, Microsoft 365 Defender and Proofpoint. I also perform real-time monitoring, investigation, analysis, reporting, and escalation of security events and incidents, using the SIEM tool Sentinel and the threat hunting tool Crowdstrike. With the help of the team, I have successfully mitigated and resolved several security threats and risks to the organization's information systems, such as DOS, DDOS, ransomware, SQL-injection, phishing, and malware attacks. I have a BA in English Language and Literature/Letters from Kalinga University, where I developed communication, writing, and critical thinking skills. I am passionate about cybersecurity and constantly learning new skills and technologies to enhance my knowledge and performance. I have completed multiple online courses and certifications related to cybersecurity, such as Internet Connection, Technical Support Fundamentals, The Bits and Bytes of Computer Networking, and Cyber Kill Chain Framework. I am proficient in vulnerability assessment and management, incident response, root cause analysis, and documentation. I am motivated by the challenge and satisfaction of protecting the organization and its clients from cyber threats and breaches. Information Security Specialist with a passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security frameworks for cloud-based software. Versed in robust network defense strategies.

Overview

5 years of professional experience
3 years of post-secondary education
5 Certifications
2 Languages

Work History

IT Security Analyst

Egon Zehnder Knowledge Center India
Gurugram
10.2022 - Current
  • Assist in the administration and 24x7 monitoring of the SIEM tool Microsoft Sentinel, Forescout and other security tools such as Palo Alto, Sophos, EDR, Crowdstrike Falcon, Microsoft 365 Defender and Proofpoint
  • Monitored and evaluated security threats and risks to the organization's information systems and took appropriate action to mitigate or resolve issues
  • Expertise in incident response to quickly identify an attack, minimize its effects, contain the damage, and remediate the cause to prevent or reduce the risk of future incidents
  • Real-time monitoring, investigation, analysis, reporting and escalation of security events, and preparing root cause analyses for the in-house security infrastructure
  • Interact with users to resolve queries related to SIEM and EDR tools for incident response
  • Analyze threat patterns on various security devices and validate false/true positive security incidents
  • Proficient in analyzing phishing emails, phishing campaigns and TAP alerts to prevent email threats
  • Actively monitor the Proofpoint TAP, TRAP and PP Admin consoles to investigate any alarms
  • Real-time threat hunting and malware analysis
  • Diagnose malware events to ensure no interruption of service
  • Identify potential threats, anomalies, and infections and report them to management
  • Create SIEM searches, visualizations, dashboards, and reports
  • Create and maintain documentation (SOPs and playbooks) for security event processing
  • Developed detailed documentation regarding each incident, including timelines and affected systems
  • Monitored use of data files and regulated access to protect secure information
  • Conducted security audits to identify vulnerabilities
  • Monitored computer virus reports to determine when to update virus protection systems
  • Administered and monitored firewalls, intrusion detection systems and anti-virus software to detect risks
  • Engineered, maintained and repaired security systems and programmable logic controls
  • Educated and trained users on information security policies and procedures
  • Executed penetration testing to identify security weaknesses and develop disaster recovery plans
  • Worked with other teams to enforce security of applications and systems
  • Investigated and resolved incidents of unauthorized access to sensitive information
  • Researched and developed new computer forensic tools
  • Drafted security reports and metrics to track security performance and strategize improvements
  • Reviewed violations of computer security procedures and developed mitigation plans
  • Analyzed network traffic and system logs to detect malicious activities
  • Implemented security measures to reduce threats and damage related to cyber attacks
  • Developed, tested and implemented security policies, plans and procedures for organizational protection
  • Recommended improvements in security systems and procedures
  • Developed plans to safeguard computer files against modification, destruction, or disclosure
  • Performed risk analyses to identify appropriate security countermeasures
  • Encrypted data and erected firewalls to protect confidential information
  • Managed time efficiently in order to complete all tasks within deadlines

SOC ANALYST

NTT India Private Limited
New Delhi
12.2021 - 10.2022
  • Worked as a SOC Analyst monitoring and analyzing logs using the SIEM tool Splunk
  • Performed real-time monitoring, security incident handling, investigation, analysis, reporting and escalation of security events from multiple log sources
  • Managed dashboards, offenses, reports, assets, and various log activities in Splunk
  • Monitored for different types of attacks such as DOS, DDOS, ransomware, SQL injection, etc.
  • Able to bring any such suspicious attack on the network to the client's notice
  • Handled reported security incidents to ensure they were resolved in a timely manner
  • Threat hunting using Crowdstrike endpoint security against advanced malware and zero-day exploits
  • Recognized threats on endpoints based on signatures triggered in FireEye and differentiated false positives from true intrusion attempts
  • Monitored and proactively worked on Forcepoint DLP (Data Leakage Prevention)
  • Logged and analyzed DLP incidents and escalated them in case of data leakage
  • Exported logs as required, and reported and documented daily activities

Desktop Support Engineer

Biba Apparels PVT. LTD.
New Delhi
09.2018 - 09.2021
  • Relocated and configured desktop computer devices and phones to facilitate office moves and new employee workstations.
  • Removed malware, ransomware, and other threats from laptops and desktop systems.
  • Configured hardware, devices, and software to set up work stations for employees.
  • Maintained inventory of installed desktop hardware and software components to keep records accurate and updated.
  • Troubleshot potential problems and eliminated them before issues escalated or cascaded.
  • Prioritized, tracked and documented problem resolutions, notifying customers of issue status.
  • Assisted end-users with conference room equipment setup and operation.
  • Installed new or upgraded hardware and software and coordinated installation and follow-up with user to achieve customer satisfaction.
  • Analyzed issues to identify troubleshooting methods needed for quick remediation.
  • Explained technical information in clear terms to promote better understanding for non-technical users.
  • Documented and updated known fixes in knowledge base for future reference.
  • Maintained support policies and methods of support delivery to provide technically accurate solutions to users.
  • Suggested software and hardware modifications to reduce lag time and improve overall speed.
  • Boosted network, system and data availability and integrity through preventive maintenance and upgrades.
  • Broke down and evaluated user problems, using test scripts, personal expertise, and probing questions.
  • Documented support interactions for future reference.
  • Designed tailored engineering solutions for customers based upon key requirements.
  • Maintained servers and systems to keep networks fully operational during peak periods.
  • Identified scope of problem and provided operational and technical assistance to remedy.
  • Rolled out software updates and applied server patches to thwart threats from penetrating networks.
  • Developed and implemented bug fixes and patch sets for existing web applications.
  • Performed encryption, firewalls and patch management to implement and maintain system security.
  • Patched software and installed new versions to eliminate security problems and protect data.
  • Delivered technical sales presentations to prospects and presented benefits and value of products.
  • Configured and installed computer systems for other sub-organizations.
  • Monitored systems in operation and quickly troubleshot errors.
  • Designed Sharepoint master page and page layouts.
  • Monitored network performance and provided network performance statistical reports for both real-time and historical measurements.
  • Provided authorized users with technical support and advice regarding proper use and functionality of equipment.
  • Walked individuals through basic troubleshooting tasks.
  • Collaborated with vendors to locate replacement components and resolve advanced problems.
  • Coordinated with systems partners to finalize designs and confirm requirements.
  • Monitored system performance to maintain system integrity.

Education

BA - English Literature

Kalinga University
Raipur, Chhattisgarh
06.2015 - 06.2018

Skills

SIEM

Certification

Certified Ethical Hacker

Timeline

IT Security Analyst

Egon Zehnder Knowledge Center India
10.2022 - Current

SOC ANALYST

NTT India Private Limited
12.2021 - 10.2022

Desktop Support Engineer

Biba Apparels PVT. LTD.
09.2018 - 09.2021

BA - English Literature

Kalinga University
06.2015 - 06.2018

Certified Ethical Hacker
Security+
JNCIA (Juniper Networks Certified Internet Associate)
Fortinet: NSE1, NSE2
CCT (Certified Cybersecurity Technician): Preparing