About
An experienced information security professional with strong cyber security and management skills and a keen interest in cutting-edge security trends that call for in-depth reading and experimentation. Fully committed to understanding and re-inventing processes to develop innovative approaches to problem solving. Always eager to learn more from all team members, adding to a holistic knowledge base in a way that benefits the company while enhancing productivity and reputation.
Work Experience
Security Operations Analyst L1
Accenture
Nov 2023 - Present
Security operations, event detection and investigation (L1): 2.3 years of experience. Day-to-day operation of QRadar and Splunk, performing real-time proactive security monitoring, detection and response to security events and offences across enterprise infrastructure. Threat hunting, Recorded Future, CrowdStrike, DLP, IPS/IDS, incident handling, log analysis and deep investigation, presentations, dashboards and reports. Conduct thorough investigations of security events generated by our detection mechanisms, including SIEM, EDR, IDS/IPS, WAF, firewall and proxy. Handle incidents, investigate, collaborate and report on root-cause analysis of malware attacks. Investigate a threat, correlate it across the multiple security platforms in place, and analyse historical and current research-based scenarios to take appropriate action. SIEM operational tasks: log analysis and correlation, filters, active channels, security event monitoring and incident handling, email analysis and domain analysis. Team lead with good leadership skills and the ability to coordinate and direct teams of SOC analysts calmly and effectively in high-pressure situations. Worked in 24x7 operational support, with knowledge of networking and information security concepts and processes, in-depth knowledge of SIEM architecture (QRadar), and a good understanding of different types of cyber attacks. Real-time monitoring on the Splunk and QRadar SIEM tools. Based on the network devices, operating systems and platforms in the client's environment, create customer-specific security reports and a monthly dashboard, and fine-tune them to client requirements. Report automation on the QRadar SIEM platform. Actively involved in configuring IOCs for the latest security threats on QRadar ESM and blocking IOCs on security solutions. Investigate incidents raised by the SOC team, share them with stakeholders and provide mitigation.
Maintain a record of reporting and non-reporting devices on a daily basis and present these reports in the weekly meeting with the CISO and respective stakeholders. Coordinate with the SOC team on client queries and provide solutions within SLA time. Prepare reports and share report observations with the respective stakeholders. Perform use-case review activity on a quarterly basis.
Education
B.Sc - Shivaji University Kolhapur
- 2022 · Afghanistan