Kavya

Bangalore · Remote · Full-time · 3+ yrs exp · Profile score 67 (Good)

About

No bio added yet

Skills & Expertise (39)

Rated skills (level, self-rating, years of experience):

SIEM: Advanced, 8.0/10, 3 years
PowerShell Scripting: Advanced, 8.0/10, 3 years
Splunk: Advanced, 7.5/10, 3 years
Malware Analysis: Advanced, 7.5/10, 3 years
Python: Intermediate, 7.0/10, 3 years
Vulnerability Assessment: Intermediate, 7.0/10, 3 years
Azure Sentinel: Intermediate, 7.0/10, 3 years
AWS CloudWatch: Intermediate, 6.5/10, 3 years
Data Loss Prevention: Intermediate, 6.5/10, 3 years
OSINT Tools: Intermediate, 6.0/10, 3 years

Other tools: CyberChef, VirusTotal (VT), Sysinternals, PE Studio, Email Gateway, Microsoft O365, Proofpoint, ITSM, ServiceNow, Jira, packet analyzers (Wireshark, tcpdump), Joe Sandbox, Any.Run, URLVoid, phishing campaigns, AbuseIPDB, MXToolbox, Symantec DLP, QualysGuard, Defender, CrowdStrike, Defender for Cloud, Azure, VPC, CloudTrail, KnowBe4

Work Experience

Security Analyst

Bosch

Mar 2023 - Present

- Perform incident response analysis to uncover attack vectors involving a variety of malware, data exposure, phishing, and social engineering methods.
- Monitor security alerts received from the SIEM or other security tools such as EDR, DLP, email gateway, proxy, IDS/IPS, firewall, threat intelligence, etc.
- Carry out Level 2 triage of incoming incidents (initial IR assessment of the priority of the event, initial determination of the incident's nature to determine risk and damage, or appropriate routing of a security or privacy data request).
- Provide threat/vulnerability analysis and security logs from a large number of security devices, in addition to Incident Response support when there is a threat.
- Investigate and monitor network traffic, IDS, firewall and endpoint security logs using IBM QRadar and Splunk.
- Insider threat and APT detection; understanding and differentiation of intrusion attempts and false alarms.
- Compose security alert notifications and raise tickets to higher officials in the ticketing tool.
- Advise incident responders and other teams on threats, providing evidence and information and tracking threat resolution.
- Email analysis using various open source tools such as MXToolbox and redirectdetective.com.
- Perform static and dynamic malware analysis to understand and mitigate the effect of worms and viruses detected by endpoint security, and isolate them in a sandbox lab environment.
- Identify and prioritize vulnerabilities in the network.
- Analyse triggered notables and take the necessary actions.
- Based on incident-related requests, search, fetch and share logs with the concerned team.
- Basic search in Splunk using fields and tags; knowledge of creating dashboards and use cases.
- Monitor logs from end devices and investigate offenses or any malicious traffic observed, then take appropriate action involving the respective tower (if necessary) based on analysis.
- Log source integration (Windows, Linux and network devices) into QRadar.
- Analyse and troubleshoot issues related to web content filtering.
- Allow, whitelist or block URLs, domains or IPs based on requests.
- Monitor the dashboards for health monitoring of the log database, log server, filtering service, directory service and database updates.
- Fetch and share logs for analysis when requested.
- Investigate suspicious mail and take necessary actions such as blocking the IPs, URLs, source and sender's mail ID, coordinating with different teams.
- Update details of malicious URLs and domains, bad-reputation IPs, suspicious email IDs and domains, and hash values of malicious attached documents in TruSTAR, integrated with the SIEM to identify malicious traffic entering the network.
- PowerShell scripting for security automation.
- Developed PowerShell and Python scripts to automate threat hunting tasks and incident response procedures, improving response time by 60%.
- Created custom detection logic and behavioral rules in Cortex XDR to identify advanced persistent threats (APTs) and lateral movement.
- Integrated Cortex XDR with Python scripts for automated alert enrichment using external threat intelligence sources.
- Created scripts for automated collection and analysis of Windows Event Logs to detect lateral movement and privilege escalation attempts.
- Automated malware scanning and quarantine procedures using custom PowerShell scripts integrated with Windows Defender.
- Used scripting to extract Indicators of Compromise (IOCs) from log files and cross-reference them with threat intelligence feeds.

Education

Bachelor of Engineering - Smt Kamala Sri Venkapap M Agadi College Of Engineering

- 2023 · Afghanistan

Certifications

No certifications added yet

Profile Score Breakdown

📷 Photo 10/10
📄 Resume 10/10
💼 Job Title 0/10
✍️ Bio 0/10
🛠️ Skills 20/20
🎓 Education 10/10
⏱️ Experience 12/15
💰 Rate 0/5
🏆 Certs 0/5
Verified 5/5
Total Score 67/100

Profile Overview

Member since: Jun 2026
Work Mode: Remote
Availability: Full-time

Availability Details

Visa Status: Citizen

Relocation: Open to Relocation