About
Performance-driven Cyber Security professional with 9 years of experience managing enterprise security operations and incident response across global environments, including in-depth analysis and investigation of security incidents using SIEM & EDR solutions to reduce cyber risks, implement corrective and preventive actions within defined SLAs, and strengthen organizational security. Known for leading high-performing teams and aligning security initiatives with business objectives to deliver measurable improvements in security posture and customer satisfaction.
Skills & Expertise (24)
Work Experience
Assistant Manager (SOC Lead)
Deloitte India
Feb 2023 - Present
Supervise and coordinate day-to-day SOC operations, including monitoring, detection and incident response, ensuring timely identification and resolution of incidents. Handle SIEM, EDR and phishing alerts on a day-to-day basis, as well as incidents related to third-party vendor breaches. Mentor and guide SOC analysts (Tier 1, Tier 2, Tier 3), driving performance and fostering a collaborative team culture. Ensure adherence to escalation procedures and response timelines by monitoring key metrics such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR). Prepare status reports and lead client calls, providing timely updates and insights during status meetings. Involved in customer interaction and in the generation and presentation of customized reports and dashboards that give a clearer view of various events. Assist the SIEM engineering team in validating existing SIEM use cases and provide fine-tuning and automation suggestions. Act as backup for the Threat Intel team and manage TI tasks when required. Create and maintain vulnerability management reports and lead remediation calls to drive resolution efforts. Review and update SOPs to enhance process efficiency and compliance. Prepare shift rosters for all team members.
Sr. SOC Analyst
HCL Technologies
Dec 2021 - Feb 2023
Worked as a Security Analyst in SOC operations, performing real-time monitoring and analyzing logs from various security appliances. Searched, monitored and analyzed alerts using SIEM tools. Audited and prevented malicious events on endpoint devices using CrowdStrike and FireEye. Analyzed phishing and spam emails targeted at users, identifying and investigating the email headers associated with incoming mail. Performed threat analysis and either mitigated threats or classified them as benign. Experienced in web gateway tools such as Symantec WSS; capable of whitelisting and blacklisting domains to ensure network safety and of analyzing domain logs to detect and respond to security threats, ensuring network integrity. Proficient in handling diverse security alerts, including unfamiliar sign-in properties, logins from anonymous IPs, detection of malicious URL clicks and mitigation of password spray attacks, ensuring robust protection of digital assets and user privacy. Good knowledge of incidents involving threats such as Ransomware, Malware Uncleaned Machines, Bot C&C activity, Data Outbound transfers, Excessive firewall deny events, etc. Coordinated with vendors on operational issues. Documented procedures and technologies, actively participated in knowledge transfers and contributed to adherence to the SOPs. Created access policies, URL whitelisting and blacklisting, URL bypassing and reporting using the WSS proxy. Managed user requests and shift handovers, striving for customer satisfaction. Escalated and coordinated with other domains on unresolved incidents. Good communication and presentation skills. Handled SIEM operations such as log source integration, creation of use cases and fine tuning.
SOC Analyst
Capgemini
May 2020 - Dec 2021
Worked as a Security Analyst in SOC operations, performing real-time monitoring and analyzing logs from various security appliances. Searched, monitored and analyzed alerts using SIEM tools. Audited and prevented malicious events on endpoint devices using CrowdStrike and FireEye. Analyzed phishing and spam emails targeted at users, identifying and investigating the email headers associated with incoming mail. Performed threat analysis and either mitigated threats or classified them as benign. Experienced in web gateway tools such as Symantec WSS; capable of whitelisting and blacklisting domains to ensure network safety and of analyzing domain logs to detect and respond to security threats, ensuring network integrity. Proficient in handling diverse security alerts, including unfamiliar sign-in properties, logins from anonymous IPs, detection of malicious URL clicks and mitigation of password spray attacks, ensuring robust protection of digital assets and user privacy. Good knowledge of incidents involving threats such as Ransomware, Malware Uncleaned Machines, Bot C&C activity, Data Outbound transfers, Excessive firewall deny events, etc. Coordinated with vendors on operational issues. Documented procedures and technologies, actively participated in knowledge transfers and contributed to adherence to the SOPs. Created access policies, URL whitelisting and blacklisting, URL bypassing and reporting using the WSS proxy. Managed user requests and shift handovers, striving for customer satisfaction. Escalated and coordinated with other domains on unresolved incidents. Good communication and presentation skills. Handled SIEM operations such as log source integration, creation of use cases and fine tuning.
Network Security Analyst
Wipro
Mar 2017 - May 2020
Worked as a Security Analyst in SOC operations, performing real-time monitoring and analyzing logs from various security appliances. Searched, monitored and analyzed alerts using SIEM tools. Audited and prevented malicious events on endpoint devices using CrowdStrike and FireEye. Analyzed phishing and spam emails targeted at users, identifying and investigating the email headers associated with incoming mail. Performed threat analysis and either mitigated threats or classified them as benign. Experienced in web gateway tools such as Symantec WSS; capable of whitelisting and blacklisting domains to ensure network safety and of analyzing domain logs to detect and respond to security threats, ensuring network integrity. Proficient in handling diverse security alerts, including unfamiliar sign-in properties, logins from anonymous IPs, detection of malicious URL clicks and mitigation of password spray attacks, ensuring robust protection of digital assets and user privacy. Good knowledge of incidents involving threats such as Ransomware, Malware Uncleaned Machines, Bot C&C activity, Data Outbound transfers, Excessive firewall deny events, etc. Coordinated with vendors on operational issues. Documented procedures and technologies, actively participated in knowledge transfers and contributed to adherence to the SOPs. Created access policies, URL whitelisting and blacklisting, URL bypassing and reporting using the WSS proxy. Managed user requests and shift handovers, striving for customer satisfaction. Escalated and coordinated with other domains on unresolved incidents. Good communication and presentation skills. Handled SIEM operations such as log source integration, creation of use cases and fine tuning.
Education
B.Tech (ECE) - Haldia Institute Of Technology, WB
- 2016 · Afghanistan
Certifications
No certifications added yet