G .Naresh Email and Phone Number

 Monitoring and analysis of events generated by various security and network tools like Firewalls, Proxy servers, AV, IPS/IDS, load balancer’s database, System Application, Cloud (Amazon, Azure, and Google) Windows and Linux servers etc... Working as Security Analyst for SOC 24*7 environments. Security Incident Response: Responsible for monitoring of security alerts. Analysis of logs generated by appliances, investigation, and assessment on whether the incident is false positive or True positive.  Use SIEM tools (Q Radar and Splunk) to detect possible signs of security breaches and perform detailed investigation to confirm successful breach. Perform root cause analysis (RCA) and appropriately handle the incident as per defined Incident Management Framework.  Using Active Directory will check the user’s activity sign in logs and access privileges. Following end to end Incident Investigation and Incident Response process, ensuring to close the investigation within defined SLA.  Escalation of security incidents to concerned teams and their management and follow-up for closure. Creating tickets in Service now Tool and tracking the status of the incidents. Analysis of daily and monthly reports for incident management and compliance. Coordinating with Network team, Server team regarding activities and technical issues. Creating vulnerability and remedy reports and reporting them to users. Finding the Critical servers and application inventory from respective business owners and scheduling the scan weekly, monthly, and Quarterly basis. Scanning the environment using (Nessus) finding the vulnerabilities based on the business units and sending the report to respective business owners. Knowledge sharing session with the team members whenever complex incident issues are raised and also lessons learned from other team members.