• Protecting the critical infrastructure from malicious attacks through various security technologies for the Clients.• Experience working in SOC environment as SME; monitoring QRadar, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices.• Monitoring and Handling Cybereason Alerts.• Daily tasks include Log monitoring & analysis, Incident response, Computer forensics, and Malware analysis• Provide technical guidance and mentorship to team members.• Participate in all the phases of incident response, including detection, containment, eradication, post-incident reporting and writing Splunk query on used cases

Analyze and respond to security threats from SEAM for Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV) and other security threatsRespond to inbound requests via phone and other electronic means for technical assistance with managed servicesRespond in a timely manner (within documented SLA) to support, threat and other casesMonitor customer devices and services to quickly identify, escalate and resolve incidentsDocument actions in cases to effectively communicate information internally and to customersWork as an integral part of a global team delivering high-value Managed Security Services (MSS).Work closely with stakeholders and other regional SOCs as required.Adhere to policies, procedures, and security practices

• Protecting the critical infrastructure from malicious attacks through various security technologies for the Standard Chartered Bank.• Experience working in SOC environment; monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices.• Follow pre-defined actions to handle BAU and High severity issues including escalating to other support groups. Execute daily adhoc tasks as needed.• Provide technical guidance and mentorship to team members, as proper.• Experience working in SOC environment; monitoring and analyzing network traffic, host-based security logs and IDS alerts• Diagnoses risk, security and compliance incidents and issues that may involve extensive analysis, and recommends resolutions to management.• Monitoring DDOS alerts

• Protecting the critical infrastructure from malicious attacks through various security technologies for the World Bank Group• Data mining from the SIEM logs and works with the Intelligence community to identify unknown threats.• Packet level analysis through Wireshark to identify the root cause.• Perform monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices (ArcSight, Palo Alto Networks, etc.)• Record detailed Incident Response activities in the Case Management System.• Diagnoses risk, security and compliance incidents and issues that may involve extensive analysis, and recommends resolutions to management.• Participate in all the phases of OIS incident response, including detection, containment, eradication, post-incident reporting and writing Splunk query on used cases.• Analyzing suspicious mails [Abuse, spam, phishing, vishing, scam] and its attachments.• Investigating APT and Network Intrusion Attacks.• Incident and Root cause Analysis, Incident Report creation and Qualitative analysis, documentation.• Served as a consulting resource for Web security related matters including users awareness, training and education• Provides technical guidance and mentorship to team members, as proper.

Duties & Responsibilities:• Experienced as Security Analyst in protecting the critical infrastructure from malicious attacks through various security technologies for the World Bank• Daily tasks includes Log monitoring & analysis, Incident response, Computer forensics, and Malware analysis.• Monitor OIS mail service accounts (abuse, OIS general, eServices, etc) for security events, triage, and establish threat levels based on asset classification and data classification.• Record detailed Incident Response activities in the OIS Case Management System.• Monitoring and analyzing the security event arises through Snort, Site Protector, Secure works, Arcsight, Mcafee epo issues.• Managing a team for analyzing Advanced Persistent threats, Spear Phishes• Reverse Engineering APT Malware samples from Intelligence Sources.• Investigating APT and Network Intrusion Attacks.• Provide global updates and statistics regarding Intrusion Detection analysis• Perform research on vulnerabilities and calculate CVSS scores to determine the criticalness of the vulnerability• QualysGuard reports for vulnerabilities and provide appropriate patching and remediation plan of action for each high level vulnerability.• Analyze the security patches released by Microsoft and assist the patching team to determine the severity of each patch in context with the environment

Responsibilities: • Handling McAfee Site Advisor• Writing VIL (Virus Information Library) Of McAfee has detailed information on viruses, Trojans, hoaxes, vulnerabilities and Potentially Unwanted Programs, where they come from, how they infect your system and how to mitigate or re-mediate them• Classifying the threats based on the behavior using various reverse engineering tools to monitor Registry, Directories, Folders and Network activity• Analyzing malware and add DAT for those malicious content• Handling McAfee Site Advisor• Writing VIL (Virus Information Library) Of McAfee has detailed information on viruses, Trojans, hoaxes, vulnerabilities and Potentially Unwanted Programs

Jr.Research analyst(2.7yrs experienced) in COMODO security solutions Chennai,In the field of Malware Collection, Research and analysisResponsibilities: • Gained knowledge about the types of malware and its behavior, Dynamic Analysis of malware and PE Structure and the registry keys that are accessed and modified by the malwares• Gained knowledge about important Windows API Functions• Learnt about unpacking techniques for different types of Packers• Responsible for collection of Malware from Various sources, such as surfing, Forum, Groups and Trading • Analyzed the Malware Behaviors• Handled Honeypots• Maximized collection of new malwares• Created Signatures for COMODO BO Clean and COMODO Antivirus• Involved in Samples Exchanging with other AV Companies• Member of First Response Group-Responsible for handling False Positives, malware collection from various sources and creating immediate detection for latest threats

Certified in Mainframe (System Programming and Administration) from Maples ESM Technologies Pvt Ltd.,