About
Rajesh is a Security Analyst with 5 years of experience investigating routine security-related breaches and incidents. In his role he is the first responder to incidents. This includes investigating routine security-related breaches and incidents; monitoring security-related tools, resources, equipment and functions; and analyzing security and log data to identify potential threats or weaknesses.
Work Experience
Information Security Operations Analyst
Happiest Minds Technologies LTD
Jun 2021 - Sep 2022
Monitored and investigated all alerts triggered in the Siemplify console. Monitored and analyzed all events triggered in the Varonis, IntSights and SenseOn consoles. Created playbooks in the Siemplify portal (case management tool). Monitored and investigated Microsoft Defender alerts. Established logical access management, log management and remote access management and operations adhering to company security policy and to regulatory and legal requirements. Experience with vulnerability scanners such as Nessus, Nmap, Metasploit and Wireshark. Prepared vulnerability assessment plans and performed VA, including port scanning of all servers, and prepared mitigation plans for observed vulnerabilities. Good understanding of the OWASP Top 10, IDS, IPS, threat modeling and cyber attacks such as DoS, DDoS, MITM, SQLi, XSS and CSRF. Handled enterprise system logs, including application logs and syslog, and implemented appropriate strategies to address any issues arising. Performed routine equipment checks and preventive maintenance. Troubleshot and conducted system health checks. Identified security risks, threats and vulnerabilities of networks, systems and applications. Worked in 24x7 operational support. Updated blacklisted IP details daily based on inputs from IPVoid. Escalated issues to L2 as part of the process. Performed vulnerability assessments on the given network. Hunted for malicious activity across the network and digital assets. Monitored proxy logs and cases of high bandwidth use for unwanted external sites and suspicious downloads/uploads. Checked connectors' health status and reported it to the admin team. Analyzed worms and viruses detected by McAfee ePO and the AV agent, and isolated virus/malware/spyware issues. Completed daily and weekly system health checks. Responded to all incidents and service requests and gathered additional information to either resolve the issue or escalate it to the appropriate teams.
Cyber Security Analyst
Microline Information Systems Pvt LTD
Jan 2023 - Present
Continuous Monitoring and Analysis: Vigilantly monitor and analyze a wide spectrum of security events generated by various tools, including firewalls, proxy servers, antivirus software, intrusion prevention/detection systems (IPS/IDS), cloud platforms (Microsoft Defender, Amazon Web Services, Microsoft Azure, Google Cloud Platform), and Windows and Linux servers.
Incident Handling and Response: Execute end-to-end incident investigation and response processes, adhering to predefined SLAs, to address security incidents swiftly. This involves promptly escalating security alerts, conducting thorough investigations based on log analysis, and ensuring timely resolution.
Utilization of SIEM Tools: Leverage advanced Security Information and Event Management (SIEM) tools such as LogRhythm and IBM QRadar to proactively detect potential security breaches, conduct in-depth investigations, confirm breach occurrences, and perform root cause analysis (RCA) in alignment with the Incident Management Framework.
Incident Escalation and Follow-Up: Escalate critical security incidents to the relevant teams and management, with comprehensive follow-up to guarantee closure within stipulated timelines.
Proactive Threat Management: Provide insightful recommendations for proactive threat hunting and detection, enhancing the organization's ability to thwart emerging cyber threats.
Ticketing and Reporting: Proficiently create and manage tickets in ticketing platforms such as ServiceNow and Jira. Additionally, analyze daily and monthly incident management reports using Microsoft Excel and Word, facilitating informed decision-making.
Collaboration and Coordination: Collaborate closely with the network and server teams to address technical issues and coordinate activities effectively, ensuring seamless integration of security measures.
Vulnerability Management: Conduct comprehensive vulnerability assessments using tools such as Qualys and Nessus, identifying critical servers and applications and scheduling regular scans on a weekly, monthly and quarterly basis. Engage with the respective business owners to communicate vulnerability reports and coordinate remediation efforts.
Engagement with Business Units: Participate in calls with business owners and the Windows and Linux teams to schedule vulnerability management patching and remediation activities, ensuring minimal disruption to business operations while enhancing overall security.
Education
B.Tech, Abdul Kalam Institute of Technology & Sciences (AKITS), Kothagudem - 2014 · Afghanistan