• Worked in 24x7 operational support• Performing real-time Monitoring, Analyzing, and Investigating of logs with Reporting, Escalation and resolve of various Incidents/Events/Security Alerts triggered in SIEM tool from multiple log sources.• Utilize Firewall, Windows & Antivirus Logs to monitor malicious activities on the network, IPS/IDS logs to uncover malicious activity going on within network.• Identify and ingest indicators of compromise (IOCs), e.g., malicious IPs/URLs, e.g.… Show more • Worked in 24x7 operational support• Performing real-time Monitoring, Analyzing, and Investigating of logs with Reporting, Escalation and resolve of various Incidents/Events/Security Alerts triggered in SIEM tool from multiple log sources.• Utilize Firewall, Windows & Antivirus Logs to monitor malicious activities on the network, IPS/IDS logs to uncover malicious activity going on within network.• Identify and ingest indicators of compromise (IOCs), e.g., malicious IPs/URLs, e.g., into network tools/applications Stay up to date with current vulnerabilities, attacks.• Performing real-time Monitoring, Analyzing, and Investigating the alerts with Reporting, Escalation and resolve of various EDR tools.• Providing logs to different teams from Splunk ES as and when request for logs received.• Monitoring and perform in-depth analysis of security alerts using the Carbon Black platform.• Perform Malware Analysis by Static and methods to identify the malicious IOCs-indicator of compromise, taking action around IOCs identified. Show less

• Worked in 24x7 operational support Utilize Firewall, Windows & Antivirus Logs to monitor malicious activities on the network, IPS/IDS logs to uncover malicious activity going on within network.• Identify and ingest indicators of compromise (IOCs), e.g. malicious IPs/URLs, e.g., into network tools/applications Stay up to date with current vulnerabilities, attacks.• Identify suspicious/malicious activities in SentinelOne EDR and Microsoft 365 Defender and defender for cloud.•… Show more • Worked in 24x7 operational support Utilize Firewall, Windows & Antivirus Logs to monitor malicious activities on the network, IPS/IDS logs to uncover malicious activity going on within network.• Identify and ingest indicators of compromise (IOCs), e.g. malicious IPs/URLs, e.g., into network tools/applications Stay up to date with current vulnerabilities, attacks.• Identify suspicious/malicious activities in SentinelOne EDR and Microsoft 365 Defender and defender for cloud.• Perform domain and email analysis with Proofpoint email gateway.• Participate in phishing campaigns Search firewall, email, web, or DNS logs to identify and mitigate intrusion attempts.• Perform Malware Analysis by Static and Dynamic methods to identify the malicious IOCs-indicator of compromise, taking action around IOCs identified• Investigate malicious phishing emails, domains and IPs using Open-Source tools and recommend proper blocking based on analysis.• Continuously monitoring and interpreting threats using the IDS and SIEM tools.• Investigate all reported suspicious emails and determine whether the emails are malicious, non-malicious or legitimate and reply to the user who reported the suspicious email with a message reporting the findings and any recommendations.• Investigate all security alerts received by making use of all tools and log files possible to determine if the alert is a false positive, a security event, an actual attack, and/or a security incident.• Monitor security events and logs such as proxy logs, IPS/IDS events, Firewall, Active Directory (user verification), Vulnerability scans, Anti-Malware events, Endpoints Security, Web Application Firewall, NetFlow, and Packet Capture.• Create and track incidents and request using ticketing tool: (Service Now).• Perform shift handoff at the end of every shift to provide situational awareness to the incoming shift. Show less

Cyber Security Analyst with proficiency through experience and great understanding of Data Security. Have a deep knowledge in identifying and analyzing suspicious events and network incidents.

Technical skills that are focused on computer systems, software, routing and switching, as well as soft skills and communication, problem solving, and analysis.