RAMANUJ JAISWAL

Gurugram

Profile Score

About

As a SOC Analyst with +2 years of hands-on experience, I monitor security logs, detect, and respond to cybersecurity threats in real time to safeguard critical organizational assets. Proficient in SIEM, SOAR, Microsoft Defender, and advanced security health monitoring tools, I investigate incidents, mitigate risks, and ensure the integrity, confidentiality, and availability of systems and data. I specialize in proactive threat detection, incident response, and backend system management, collaborating with cross-functional teams to strengthen security measures, optimize SOC operations, and minimize the impact of cyberattacks.

Skills & Expertise (29)

Graylog Advanced

8.8/10

Years Exp

AWS EC2 Advanced

8.5/10

Years Exp

Python Advanced

8.1/10

Years Exp

LINUX Splunk Windows GCP Microsoft Azure Zabbix Grafana Cyberchef SynapsInt IP Void MX Toolbox CISCO Talos Virus Total MISP Leadership Problem-solving Communication Analytical Thinking Bash SQL IDS/IPS Darktrace FortiGate Cisco ASA Palo Alto Sentinel

Work Experience

Cybersecurity Consultant

Nihon Cyber Defence, Pvt. Ltd.

Dec 2023 - Present

SIEM Deployment & Management: Successfully deployed Graylog SIEM architectures for multiple clients, ensuring optimal performance and rapid issue resolution. Threat Detection Rules Development: Developed SIEM detection rules based on the MITRE ATT&CK framework and validated them using RedAtomic (Atomic Red Team), enhancing overall threat detection capabilities. Zabbix Monitoring: Deployed Zabbix Server and integrated it with client SIEM machines, enabling proactive monitoring and alerting across multiple environments. Automation via Scripting: Developed Python and shell scripts to automate monitoring of Graylog nodes and streamline Zabbix server deployment, reducing manual intervention and improving operational efficiency. AWS Resource Management: Managed scalable and cost-efficient AWS EC2 infrastructure with performance monitoring via CloudWatch and CloudTrail. Incident Response: Assisted in containment, analysis, and recovery during security breaches, leveraging the Cyber Kill Chain methodology. Reporting & Insights: Generated and presented weekly and monthly SIEM and executive reports for clients, including detailed IP reputation analysis in Excel. MISP: Integrated MISP threat intelligence and Virus Total with SIEM, improving threat detection accuracy by 80%. MS Defender: Improved organizational security by leveraging Microsoft Defender for phishing email analysis, vulnerability assessment, and remote endpoint protection and management. Monitoring and Dashboard Management: Developed Grafana dashboards for real-time performance visualization and managed SIEM/security alerts using the Zammad ticketing system.