Bhavik Solanki Email and Phone Number

Responsible for handling various security events and Incidents in banking security operation1) Worked on multiple escalated SOC-related tickets and provided proper resolution2) Analyzed security event data from the network, including SIEM, AV, XDR, Firewall, WAF, Proxy, Smokescreen, APT solution, IDS/IPS3) Searched firewall, email, web, or DNS logs to identify and mitigate intrusion attempts4) Investigated all reported suspicious emails, determining their malicious, non-malicious, or legitimate nature, and provided findings and recommendations5) Identified indicators of compromise (IOCs), such as malicious IPs/URLs, into network tools and applications6) Effectively tracked events using ticketing tools and followed up with relevant teams for resolutions7) Contributed to day-to-day operations, maintaining efficient and productive collaboration with team members.

Compromised Assessment- Malware AnalysisPerformed multiples Compromised Assessment projects includes below details1) Lead a high-stakes compromise assessment project, skillfully identifying and swiftly addressing a critical security breach, effectively minimizing its impact and fortifying the organization's security posture.2) Collaborated seamlessly with cross-functional teams to efficiently remediate security vulnerabilities and bolster the overall security framework.3) Expertly utilized digital forensics techniques to meticulously gather and analyze evidence of security breaches, ensuring a comprehensive understanding of the incident.4) Conducted Threat Hunting and Malware analysis, and extracting Indicators of Compromise (IOCs) from collected samples.5) Crafted meticulously detailed reports, providing invaluable recommendations for enhancing security measures and proactively preventing future incidents.

Incident ResponseResponsible for handling various security events and Incidents in banking security operations on Priority as few mentioned below1) Analyzed alerts and reports from various security tools including PIM, Proxy, Honeypot, Firewall, WAF, and SIEM.2) Investigated and analyze malicious phishing emails, domains, and IPs, recommending appropriate blocking measures.3) Ensured timely response and appropriate actions were taken in processing advisories received from CERT-In/CSITE.4) Conducted both static and dynamic malware behavioral analysis.5) Identified and responded to phishing sites, phishing mobile applications, and smishing attacks.6) Detected and addressed brand abuse, initiating takedown procedures for mobile applications and websites.7) Effectively tracked events using ticketing tools and followed up with relevant teams for resolutions.

Security Operation CenterResponsible for handling various security events and Incidents in banking security operations on Priority as few mentioned below1) Investigate all security alerts received by making use of all tools and log files possible to determine if the alert is a false positive, a security event, an actual attack, and/or a security incident2) Monitor security events and logs such as proxy logs, IPS/IDS events, Firewall, Active Directory (user verification), Anti-Malware events, Endpoints Security, Web Application Firewall. 3) Collaborate with technical and threat intelligence analysts to provide indications and warnings and contributes to predictive analysis of malicious activities4) Perform shift handoff at the end of every shift to provide situational awareness to the incoming shift5) Accountable for integrating and troubleshooting log sources such as Linux, Windows, Security components, network components with ArcSight6) Provide incident response as part of 24*7 security operation center like analysis of inbound/outbound communications based on customized queries and reports generated on SIEM7) Prepare SOP, plan of action for new device implementation and troubleshooting8) Create and track incidents with help of ticketing tool