About
An experienced Information Security professional with strong expertise in cybersecurity operations, threat monitoring, and incident response. Skilled in using SIEM tools such as IBM QRadar and Splunk to analyze security events, investigate threats, and respond to incidents effectively. Passionate about staying updated with emerging security trends and technologies through continuous learning, research, and experimentation. Committed to improving security processes, implementing innovative solutions, and collaborating with teams to strengthen organizational security posture while enhancing operational efficiency and productivity.
Skills & Expertise
Work Experience
Information Security Analyst L1
Tata Consultancy Services (TCS)
Sep 2023 - Present
- Monitor real-time security events using SIEM tools such as IBM QRadar and Splunk to detect suspicious activities and potential security incidents.
- Perform SIEM operational tasks including log analysis and correlation, filter creation, active channel monitoring, security event monitoring, incident handling, email analysis, and domain analysis.
- Analyze and respond to security alerts related to infrastructure threats, vulnerabilities, and targeted phishing attempts using SIEM platforms.
- Investigate security events generated from multiple security tools such as SIEM, EDR/XDR, IDS/IPS, WAF, firewalls, proxy servers, and database monitoring systems.
- Handle and investigate security incidents by performing detailed analysis, collaborating with internal teams, and conducting Root Cause Analysis (RCA) for malware and security incidents.
- Work with various security solutions including Endpoint Detection and Response (EDR), Cyber Incident Response tools, IDS/IPS, Email Security solutions, Vulnerability Assessment tools, and Malware Analysis platforms.
- Develop and implement SIEM rules and use cases to improve threat detection and monitoring capabilities.
- Review and fine-tune existing and newly implemented use cases to reduce false positives and improve detection efficiency.
- Improve SOC processes by implementing new ideas, enhancing monitoring workflows, and contributing to the development of operational procedures.
- Create and document security incident cases and escalate them to the onsite SOC team or relevant stakeholders for further investigation and remediation.
- Follow incident response best practices and support correlation activities to maintain SLA compliance.
- Generate and manage incident tickets using ServiceNow and ensure proper tracking, follow-up, and resolution of security incidents.
- Demonstrate leadership and coordination skills by guiding SOC analyst teams and effectively managing situations during high-pressure security incidents.
Education
BSc Computer Science - Karnataka University, Dharwad
Availability Details
Visa Status: Citizen
Relocation: Open to Relocation