About
Having 4.1 years of experience as a SOC Analyst and Security Analyst in cyber security operations for a 24*7 SOC environment, using the SIEM and security tools Azure Sentinel, Arctic Wolf, Alert Logic, Microsoft XDR, Azure Active Directory (Entra ID), XSOAR, Qualys Guard VMDR and Patch Management, CrowdStrike EDR, Microsoft Defender and the Mimecast email gateway. As a Security Analyst, working on web application, network and API pentesting using Nmap, Burp Suite, Nessus and Nexpose.
Work Experience
SOC Analyst L1 & L2
SAP - Germany
Jan 2024 - Present
Perform root-cause analysis of incidents and carry out eradication upon client approval. Perform threat hunting to identify adversary tactics and techniques, and work on client hunting tasks on a daily basis. Actively engage with clients and stakeholders daily for discussions and approvals. Performed L2 analyst tasks through advanced analysis of various use cases via notables, reports and dashboards using the Splunk ES app. Provide suggestions to fine-tune the configured alerts. Track, report and control incident communications with other teams. Proactively review and operationalize threat intelligence in order to create alerting that detects the tactics, techniques and procedures employed by threat actors. Provide regular threat intelligence reports to the clients' executive management. Perform passive reconnaissance using dark web tools such as Intel 471, domain tools etc. as part of security due diligence. Provide detailed analysis of reachable domains/assets, look-alike domains, phishing campaigns, open vulnerabilities, web hosting etc. using OSINT techniques.
SOC Analyst L1
Wipro - MSSP
Dec 2021 - Dec 2023
Conduct daily collection and monitoring of sources from the deep web, dark web and OSINT. Lead hunting efforts based on intelligence requirements for dark web, fraud and phishing investigations. Produce advanced vulnerability reports by analyzing published CVEs and how threat actors are exploiting the vulnerabilities. Identify potentially malicious domains affecting customers and report them to the web host using various domain lookup tools. Provide ad hoc event and crisis coverage on social sites as per customer requirements. Monitor for PII, PHI, PFI and sensitive corporate data from illicit sources. Manually hunt for fraudulent job postings, marketplaces (counterfeit goods), piracy (media integrity), scams (giveaway) and scams (money flipping) on social networks. Monitor for inappropriate use of customer logos using various reverse image tools. Search social sites (specifically the Big 5 networks) for impersonations of executives and brands of ZeroFox customers and report them to the respective network using the trademark provided by the customers. Performed end-to-end incident management by monitoring, analyzing and reporting breaches, attacks and malicious activities through raw logs, alerts and dashboards using Splunk ESM. Also performed advanced incident response and provided enhanced malware detection by monitoring phishing attempts through the mailbox. Ensure quality call handling and call escalation adhering to SLAs. Responsible for incident management and change management process handling. New device integration and use case creation. Find the critical servers and application inventory from the respective business owners and schedule scans on a weekly, monthly and quarterly basis. Knowledge-sharing sessions with team members whenever complex incident issues are raised, including lessons learned from other team members.
Education
B.Tech (Mechanical) - SVCE (Tirupati) – JNTUA
- 2021 · Afghanistan