Work Experience
Manager – Security Ops
Vodafone Idea Limited
08-2024 - 10-2025
Monitored DDoS alerts and mitigated attacks within SLA, fine-tuning parameters to reduce false positives. Ensured compliance and governance through timely upgrades, patch management and capacity assessments. Coordinated with vendors and customers on health checks, configuration reviews and escalation matrices. Managed security tools for SIEM, DDoS, IDS/IPS, firewall and WAF, with expertise in TCP/IP analysis. Applied ITIL practices for incident management, ensuring seamless operations. Prepared and delivered detailed reports to customers and stakeholders, ensuring high service quality.
Security Operations Analyst L1
TCS
06-2022 - 08-2024
Security operations, event detection and investigation (L1): day-to-day operations on QRadar and Splunk, performing real-time proactive security monitoring, detection and response to security events and offenses for enterprise infrastructure. Recognized attacks based on their signatures, trends and patterns. Conducted thorough investigation of security events generated by our detection mechanisms such as SIEM, EDR, IDS/IPS, WAF, firewall, proxy and database. Incident handling: investigated, collaborated and reported on root-cause analysis of malware attacks.

Knowledge of implementing new rules and use cases; reviewed and fine-tuned existing and recently implemented use cases. Implemented various ideas in the current project and developed the processes. Investigated threats, correlated them across multiple implemented security platforms and analyzed historical-to-current research-based scenarios to take appropriate actions. Developed several incident management and response processes to improve response time, and configured the latest IOCs to detect and prevent attacks on time. Implemented best practices for incident response and investigation, and correlation trainings for the team to maintain the SLA. Implemented playbooks for investigation steps and response. Conducted sessions and trainings on use cases, playbooks and cybersecurity-related topics. Collated and blocked IOCs received from different threat intel feeds.

SIEM operational tasks: log analysis and correlation, filters, active channels, security event monitoring and incident handling, email analysis and domain analysis. Good leadership skills and the ability to coordinate and direct teams of SOC analysts calmly and effectively in high-pressure situations. Worked in 24x7 operational support; knowledge of networking and information security concepts and processes, in-depth understanding of SIEM architecture (ArcSight), and a good understanding of different types of cyber attacks.
Real-time monitoring on the ArcSight SIEM tool and in-depth log analysis, correlation and investigation of events from different devices, including Check Point, Fortinet, Palo Alto, Forcepoint, Zscaler, IDS, IPS and WAF. Advised on and implemented the changes required to counter attacks or improve security standards. Kept the security systems up to date and contributed to security strategies. Took an active part in the resolution of incidents, even after they were escalated. Blocked IOCs on security solutions.
Visa Status
No Visa
Relocation
Open to Relocation