Tharun Kumar U

• As lead, initiated DLP, DAM, Seclore improvement program and carried out,
• Policy fine tuning: Fine tuned more than 45 critical politics tailor made to fit client requirements.
• Identification of tool limitations
• Workaround development for limitations identified
• Automation
• Multi device use case creation by correlating DLP logs with UEBA ,AV, DCT logs to detect both data leak and data exfiltration.
• Introduced concept of information SOC in client environment where data protection technology was grouped together to streamline SOC operations.
• DB event blocking introduced in DAM, where DML,DDL and DCL commands executed on sensitive tables are not only monitored, but also blocked.

Note: Have received client CISO appreciation for improving security posture of data security.

• Contributed to SOC operations by actively monitoring incidents on
• SIEM administration. Have worked on 3 different SIEM technologies.
• Conducted phishing drills and spam email analysis.
• Contributed in Cyber Drills in identifying attacks.
• Conducted table top exercise involving senior leadership team.
• Contributed in Identifying false positives in WAF, DAM and DLP and worked to increase the true positives.
• Contributed in Playbook review and rewrite.
• Contributed in providing requirements for multi device use case to effectively identify data leak.

• Completed integration of various log sources to Arcsight SIEM (parser creation) to ensure compliance with relevant regulations -Event monitoring in SOC and create incident tickets appropriately to relevant team members including IT
• Created integration plans and worked with SOC team to ensure integration results are as per SOC analyst and SOC teams need. Managed over 10 to 15 use case reviews to improve true positive detection.
• Participated in continuous improvement by generating suggestions, engaging in problem- solving activities to ensure and meet SOC's core monitoring objectives
• Identified issues pertaining to log sources, analyzed information and provided solutions to problems
• Carried out day-day-day duties accurately and efficiently
• Completed minor preventative maintenance of SIEM.