Experience

Trojan Hunt India LLP

• India
• Computer and Network Security
• 1 - 100 Employee

• SOC Analyst

  • Mar 2023 - Present

  Worked in a 24x7 Security Operations Center. Monitoring the customer network using Qradar SIEM. Act as first level support for all Security Issues. Analyzing Realtime security incidents and checking whether its true positive or false positive Performing Real-Time Monitoring, Investigation, Analysis, Reporting and Escalations of Security Events from Multiple log sources. Raising true positive incidents to the respective team for further action Creating tickets on service now and assigning it to the respective team and taking the follow-up until closer. Escalating the security incidents based on the client's SLA and providing meaningful information related to security incidents by doing in-depth analysis of event payload, providing recommendations regarding security incidents mitigation which in turn makes the customer business safe and secure. Contacting the customers directly in case of high priority incidents and helping the customer in the process of mitigating the attacks. Determine the scope of security incident and its potential impact to Client network; recommend steps to handle the security incident with all information and supporting evidence of security events. Show less



Arrowbench Solutions Pvt Ltd

• Bengaluru, Karnataka, India

• Security Analyst (SOC)

  • Jan 2021 - Apr 2023

  • Monitor SIEM alerts, and analyze events in the SIEM tool (ArcSight & Splunk). • Analyzing events in the SIEM tool and raising incidents using Ticketing tools like Service Now etc. • Generating tickets for validating incidents. • Assist in identifying Root Causes of incidents. • Knowledge of performing Real-Time Monitoring, Investigation, incident Analysis, Reporting • Knowledge of malware analysis and email analysis & IP analysis. • Investigate malicious phishing emails, domains, and IPs using Open-Source tools like mxtoolbox, IP void, and Virus total and recommend proper blocking based on analysis. • Knowledge of Installing and Uninstalling processes of ArcSight Connectors. • Upgradation of ArcSight Connectors. • Knowledge of Integration of Windows and Syslog devices with ArcSight. • Integration of windows devices such as CISCO ASA firewall, router, switch, etc. • Creation of ArcSight content like Active channels, Reports, queries, Trends, Dashboards, etc. • Working knowledge on creating active channels, reports, dashboards, and alert creation. • Doing the troubleshooting if any device is not sending the logs to ArcSight. Show less



SIEM XPERT

• India
• Computer and Network Security
• 1 - 100 Employee

• Security Analyst Intern (SOC)

  • Jul 2020 - Dec 2020