About
I have 4.3 years of experience as a Security Analyst in the field of cybersecurity operations for a 24*7 SOC environment using SIEM and EDR technology. Expertise in SOC (Security Operations Centre) operations methodology such as incident handling, incident investigation, log monitoring, network traffic monitoring, real-time security event handling, log analysis, and identifying and classifying attempted compromises of networks through heuristic identification of suspect traffic.
Skills & Expertise (11)
Work Experience
Security Analyst
VSM Infotech Pvt Ltd.
Feb 2022 - Present
Monitoring and analysis of events generated by various security and network tools such as firewalls, proxy servers, AV, IPS/IDS, the load balancer's database, and system applications.
Working as a Security Analyst in a 24*7 SOC environment.
Security incident response: responsible for monitoring security alerts.
Analysis of logs generated by appliances, investigation, and assessment of whether an incident is a false positive, false negative, or true positive.
Use of the SIEM tool IBM QRadar to detect possible signs of security breaches and perform a detailed investigation to confirm a successful breach.
Perform root cause analysis (RCA) and handle the incident appropriately as per the defined Incident Management Framework.
Following the end-to-end incident investigation and incident response process, ensuring the investigation is closed within the defined SLA.
Escalation of security incidents to the concerned teams and their management, with follow-up for closure.
Creating tickets in ServiceNow and tracking the status of incidents.
Analysis of daily and monthly reports for incident management and compliance.
Real-time monitoring of alerts using Sophos and Microsoft Defender.
Working in a 24*7 SOC operations high-availability environment.
Supporting the production of regular information security risk reports for senior management and key stakeholders.
Performing real-time monitoring, investigative analysis, reporting, and escalation of security events from multiple log sources.
Use of EDR tools to detect possible signs of security breaches and perform a detailed investigation to confirm a successful breach.
Perform root cause analysis and handle the incident appropriately as per the defined Incident Management Life Cycle.
Monitoring and analyzing events in the EDR and creating a triage report for the investigation with all the necessary details.
Adhering to the process defined by the client and escalating the case.
Following the end-to-end incident investigation and incident response process, ensuring the investigation is closed within the SLA.
Analyzing malware alerts for Indicators of Compromise (IOCs), and investigation and mitigation of risk.
Analyzing and responding to user-reported phishing emails and taking action on fraudulent emails.
Education
No education history added yet
Certifications
No certifications added yet