About
Having 3+ years of experience in SOC Monitoring, with security operations including Incident management through SIEM. Experience in Security Monitoring and Operation. Experience in Incident Response Life Cycle. Experience on SIEM (Security Information and Event Management) tools like Monitoring real-time events using tools like Microsoft Azure Sentinel, IBM QRadar and Splunk. Working on Recent threats and Recent Vulnerabilities. Filling the Daily health checklist. Created SOP RUNBOOKS for various alerts. Reporting weekly / monthly dashboards to customer. Preparing daily, weekly, and monthly report as per client requirement. Preparing documents & templates for escalations.
Skills & Expertise (19)
Work Experience
SOC Analyst
Tata Consultancy Services
Nov 2022 - Present
Working on the Azure Sentinel providing operations support at the Security Operations Centre for different member firms. Experience in Phishing and malware analysis. Extensive knowledge on Cyber Kill Chain and Mitre Frameworks. Monitoring & analyzing incoming Events in a network. Monitoring AV logs in ESM & raising case for malware infections. Monitoring Windows logs & raising cases for login failures & lockouts based on defined thresholds. Experience in SOP Documentation. Experience in preparing weekly reports, monthly reports and daily reports. Exposure to Ticketing tool like ServiceNow. Investigate security alerts, logs, and indicators to identify threats. Perform incident response, containment, and escalation as per SLA. Prepare security incident reports and mitigation recommendations. Create incidents for all alerts/findings and regular updates on overall analysis as per the defined SLA’s. Displaying the event data in different layouts by defining Dash Boards & Data Monitors. Checking the overall system health, Connectors health & reporting it to the Admin. Team on daily basis. Providing daily, weekly and monthly reports of incident activity. Security Incident Response and closure of Incidents within SLA using ServiceNow& Service Desk Performing Health check of network security devices. Analyzing Phishing and Spam related activities and notifying to the users. Preparing daily and weekly dashboard on the security threats and trends on the network. Working on Real time network traffic by analyzing the logs from IDS and Firewalls through SIEM Tool. Handling the complete incident management framework cycle right from incident identification, incident containment, performing root cause analysis, suggestion and implementation of preventive and corrective controls and perform network analysis as needed on a case to case basis. Participate in weekly and monthly review calls with client and team meetings to review status of the issues and to provide process updates. Providing 24x7 on-call support & coordinating with required Teams to resolve the high security issues.
Education
B.Tech - Jawaharlal Nehru Technological University
- 2021 · Afghanistan
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation
