SOC Analyst-Security operations
About naresh soc:
• SOC monitoring, alerting, Incident Response and Investigation using IBM QRADAR and SPLUNK.
• Responsible for managing successful resolution of Incidents within defined Service Level Agreements. This includes the escalation, communication and management of all Incidents and monitoring of other open Incidents and Service Requests.
• Monitoring all security alerts – reviewing the alerts and handling them as per the process. This involves working with different groups and ensuring that all the alerts are closed in a timely manner. Also contributing to process improvements via SPLUNK.
• Investigating, analyzing and remediating Security Incidents via SPLUNK and IBM QRADAR.
• Supporting security incident response processes in the event of a security breach by providing incident reporting.
• Investigating, analyzing and remediating Security Incidents via SPLUNK.
• Analysis of malicious attacks, incidents, vulnerabilities, Fraud Detection.
• Responsible for handling and mitigating attacks related to Malware, Viruses, Spoofing, Phishing, Spam and Email Monitoring.
• Familiar with emerging cyber security threats, malware and their attack vectors.
• Creating Queries, Reports and Basic Rules (Testing environment) in SPLUNK.
• Preparing daily, monthly and yearly reports and sending them to Business.
• Coordinating with On-call, Threat Intelligence for analysis of threat-related issues.
• Handling Spear Phishing Attacks, advance-fee frauds and ensuring Spam Management within SLA.
• Windows Log source troubleshooting.
• Tracking, reporting, and controlling incident communications with other teams.
• Working in Security Operation Center (24x7), monitoring of SOC events, detecting and preventing intrusion attempts.
• Experience in understanding the logs of various network devices (Routers, IDS/IPS, Firewall) and operating systems (Windows).
• Experience with SIEM (Security Information and Event Management) tools, such as monitoring real-time events using SPLUNK and IBM QRADAR.
• Sound experience in monitoring and investigating the incoming events in SPLUNK and IBM QRADAR.
• Preparing reports as per client request, preparing daily, weekly and monthly reports as per client requirement.
• Recognizing attacks based on their signatures.
• Reporting weekly / monthly dashboards to customer.
• My understanding of any business requirements and implementing them from a technical standpoint converts my projects and tasks into successful endeavors in a team.
• Monitoring, analyzing and responding to infrastructure threats and vulnerabilities.
• Ad hoc reports for various event sources, customized reports and scheduled reports as per requirements.
• Experience in cyber-attack methods, performing analysis of security logs to detect unauthorized behavior and providing daily reports to SOC Lead.
• Monitoring of SOC events, detecting and preventing intrusion attempts.
• Collecting the logs of all the network devices and analyzing the logs to find suspicious activities.
• Investigating the security logs and mitigation strategies, and responsible for preparing generic security incident reports.
• Responsible for preparing the root cause analysis reports based on the analysis.
• Generating the Daily, Weekly, Monthly reports from SPLUNK.
• Analyzing daily, weekly and monthly reports.
• Ad-hoc reports as and when the client requires, monitoring its health etc.
• Creating the tickets using BMC Remedy.
• Creating a case for the suspicious issue and forwarding it to the Onsite SOC team for further investigation.
• Well-versed understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns.
• Experience in performing log analysis and analyzing the critical alerts from a security approach.
• Investigating and creating cases for the security threats while performing initial triage and escalating for further investigation and mitigation.
• Identifying the malicious URLs and suspicious IPs from IDS events generated and also blocking the malicious websites on proxies.
Experienced Security Operations Center Analyst with a demonstrated history of working in Incident Management and Response. Skilled in Email security, investigating Security Incidents and coordinating with teams to contain a compromise situation, finding root cause for incidents, making/suggesting changes to improve Security measures in an organization.
• Having 4 years of IT experience and 3 years' relevant experience as a SOC Analyst L1 in security monitoring, alerting, incident response and investigation using IBM QRadar and SPLUNK.
• Cyber Security Analyst with proficient and thorough experience and a good understanding of information technology. Specialized in proactive network monitoring of SIEM (IBM QRadar and SPLUNK).
SOC Analyst seeking roles in Network Security, Cyber Security, Information Security, Incident Management, Vulnerability Assessment, Email Security, Cloud Security, IBM QRadar, Splunk, Proofpoint, FireEye, ServiceNow, Remedy ITSM, Palo Alto, SonicWall, MS Defender