sajid sayeed

Worked in a 24x7 Security Operations Center ● Monitoring the customer network using ArcSight SIEM ● Act as first level support for all Security Issues ● Analyzing Realtime security incidents and checking whether its true positive or false positive ● Performing Real-Time Monitoring, Investigation, Analysis, Reporting and Escalations of Security Events from Multiple log sources. ● Raising true positive incidents to the respective team for further action ● Creating tickets on service now and assigning it to the respective team and taking the follow-up until closer ● Escalating the security incidents based on the client's SLA and providing meaningful information related to security incidents by doing in-depth analysis of event payload, providing recommendations regarding security incidents mitigation which in turn makes the customer business safe and secure. ● Contacting the customers directly in case of high priority incidents and helping the customer in the process of mitigating the attacks. ● Determine the scope of security incident and its potential impact to Client network; recommend steps to handle the security incident with all information and supporting evidence of security events. ● Monitoring security systems and networks for anomalies ● Work closely with business units to ensure that they know what and how to feed data into the Arcsight SIEM ● Co-ordinate with networking teams to maintain and establish communication to remote Arcsight Connectors ● Investigate malicious phishing emails, domains, and IPs using Open-Source tools and recommend proper blocking based on analysis ● Installing ArcSight Connectors ● Upgradation of ArcSight Connectors ● Integration of new devices with ArcSight such as Windows, Linux, CISCO Firewall, Routers, Switches etc. ● Doing the troubleshooting if any device is not sending the logs to the ArcSight. ● Creation of ArcSight content like Correlation Rules, Query, Report, Dashboards etc. ● Maintain keen understanding of evolving internet threats to ensure the security of client networks

Role: - Manage 24x7 operations at SOC, including event monitoring which includes incident detection, tracking and analyzing on real time basis, report generation. Place: Bangalore Duration: 15-Nov-2020 to 28-Dec-2022 Organization: -Avacend Solution Private Limited Position: - SECURITY ANALYST Key Result Areas: Job Responsibilities: ● Worked in a 24x7 Security Operations Center ● Monitoring the customer network using ArcSight SIEM ● Act as first level support for all Security Issues ● Analyzing Realtime security incidents and checking whether its true positive or false positive ● Performing Real-Time Monitoring, Investigation, Analysis, Reporting and Escalations of Security Events from Multiple log sources. ● Raising true positive incidents to the respective team for further action ● Creating tickets on service now and assigning it to the respective team and taking the follow-up until closer ● Escalating the security incidents based on the client's SLA and providing meaningful information related to security incidents by doing in-depth analysis of event payload, providing recommendations regarding security incidents mitigation which in turn makes the customer business safe and secure. ● Contacting the customers directly in case of high priority incidents and helping the customer in the process of mitigating the attacks. ● Determine the scope of security incident and its potential impact to Client network; recommend steps to handle the security incident with all information and supporting evidence of security events. ● Monitoring security systems and networks for anomalies ● Work closely with business units to ensure that they know what and how to feed data into the Arcsight SIEM ● Co-ordinate with networking teams to maintain and establish communication to remote Arcsight Connectors ● Investigate malicious phishing emails, domains, and IPs using Open-Source tools and recommend proper blocking based on analysis ● Installing ArcSight Connectors ● Upgradation of ArcSight Connectors ● Integration of new devices with ArcSight such as Windows, Linux, CISCO Firewall, Routers, Switches etc. ● Doing the troubleshooting if any device is not sending the logs to the ArcSight. ● Creation of ArcSight content like Correlation Rules, Query, Report, Dashboards etc. ● Maintain keen understanding of evolving internet threats to ensure the security of client networks.

2008: B.Tech. (Electronics & Telecommunication Engineering) from WBUT University 2004: Class 12th from G.G.P.S, Bokaro, CBSE Board 2002: Class 10th from G.G.P.S, Bokaro, CBSE Board