Performing real-time Monitoring, Analyzing, and Investigating of logswith Reporting,Escalation and resolve of various Incidents/Events/Security Alertstriggered in SIEM tool from multiple log sourcesUtilize Firewall, Windows & Antivirus Logs to monitor maliciousactivities on the network, IPS/IDS logs to uncover malicious activitygoing on within networkIdentify and ingest indicators of compromise (IOCs), e.gMalicious IPs/URLs, e.g., into network tools/applications… Show more Performing real-time Monitoring, Analyzing, and Investigating of logswith Reporting,Escalation and resolve of various Incidents/Events/Security Alertstriggered in SIEM tool from multiple log sourcesUtilize Firewall, Windows & Antivirus Logs to monitor maliciousactivities on the network, IPS/IDS logs to uncover malicious activitygoing on within networkIdentify and ingest indicators of compromise (IOCs), e.gMalicious IPs/URLs, e.g., into network tools/applications stay up todate with current vulnerabilities, attacksProviding logs to different teams from Splunk ES as and when requestfor logs receivedMonitoring and perform in-depth analysis of security alerts using theCarbon Black platformPerform Malware Analysis by Static and Dynamic methods to identifymaliciousIOCs-indicator of compromise, taking action around IOCs identifiedCreating Reports issues identified during monitoring the live traffic,also preparing.Preparing reports on daily basis by understanding the incidents todetermine whether it is based on True Positive and False PositiveMonitoring and perform in-depth analysis of security alerts using theSentinelOne platform / Microsoft 365 DefenderCreation of Jira/ServiceNow Tickets with different support teamsbased on the alerts requirement with proper track and closure withjustificationUpdating of shift handover document and ensuring proper handoveris doneSpecialized Proof point TAP, Force point Proxy & Carbon Black EDRInvestigate all reported suspicious emails and determine whether theemails are malicious. Show less

Performing real-time Monitoring, Analyzing, and Investigating of logswith Reporting, Escalation, and resolution of various Incidents/Events/Security Alerts triggered in the SIEM tool from multiple log sourcesUtilize Firewall, Windows & Antivirus Logs to monitor maliciousactivities on the network, IPS/IDS logs to uncover malicious activitygoing on within network.Performing real-time Monitoring, Analyzing, and investigating thealerts with Reporting, Escalation and… Show more Performing real-time Monitoring, Analyzing, and Investigating of logswith Reporting, Escalation, and resolution of various Incidents/Events/Security Alerts triggered in the SIEM tool from multiple log sourcesUtilize Firewall, Windows & Antivirus Logs to monitor maliciousactivities on the network, IPS/IDS logs to uncover malicious activitygoing on within network.Performing real-time Monitoring, Analyzing, and investigating thealerts with Reporting, Escalation and resolve of various EDR tools.Providing logs to different teams from Splunk ES as and when requestfor logs received.Perform Malware Analysis by Static and Dynamic methods to identifythe malicious IOCs-indicator of compromise, taking action aroundIOCs identified.Monitoring and perform in-depth analysis of security alerts using theSentinel One platform.Working on multiple tools to perform a day-to-day task, like havingSymantec AV, SentinelOne Response and Protect, Symantec DLP, andmany more.Investigate all reported suspicious emails and determine whether theemails are malicious, non-malicious or legitimate and reply to the userwho reported the suspicious email with a message reporting thefindings and any recommendationsMonitored system performance and responded to alertsInstalled, configured, and supported local area network (LAN), widearea network (WAN), and Internet system.Coordinated with third-party security information and eventmanagement (SIEM) providers to maintain protections and predictthreats. Show less

Performing real-time Monitoring, Analyzing, and Investigating of logswith Reporting, Escalation, and resolution of various Incidents/Events/Security Alerts triggered in the SIEM tool from multiple log sourcesUtilize Firewall, Windows & Antivirus Logs to monitor maliciousactivities on the network, IPS/IDS logs to uncover malicious activitygoing on within network.Performing real-time Monitoring, Analyzing, and investigating thealerts with Reporting, Escalation and… Show more Performing real-time Monitoring, Analyzing, and Investigating of logswith Reporting, Escalation, and resolution of various Incidents/Events/Security Alerts triggered in the SIEM tool from multiple log sourcesUtilize Firewall, Windows & Antivirus Logs to monitor maliciousactivities on the network, IPS/IDS logs to uncover malicious activitygoing on within network.Performing real-time Monitoring, Analyzing, and investigating thealerts with Reporting, Escalation and resolve of various EDR tools.Providing logs to different teams from Splunk ES as and when requestfor logs received.Perform Malware Analysis by Static and Dynamic methods to identifythe malicious IOCs-indicator of compromise, taking action aroundIOCs identified.Monitoring and perform in-depth analysis of security alerts using theSentinel One platform.Working on multiple tools to perform a day-to-day task, like havingSymantec AV, SentinelOne Response and Protect, Symantec DLP, andmany more.Investigate all reported suspicious emails and determine whether theemails are malicious, non-malicious or legitimate and reply to the userwho reported the suspicious email with a message reporting thefindings and any recommendationsMonitored system performance and responded to alertsInstalled, configured, and supported local area network (LAN), widearea network (WAN), and Internet system.Coordinated with third-party security information and eventmanagement (SIEM) providers to maintain protections and predictthreats. Show less