Information Security Analyst
Current-Create API scripts to provide insight into our Qradar SIEM environment - Utilize GCP to enable logging from all organization projects into one centralized bucket using log router.- Configure Google SCC app on Qradar to provide critical insight for SOC analyst to conduct investigations.- Create dashboards to provide visibility into ingestions of logs of company environment and Mergers and Acquisitions-Install Wincollect and Sysmon on Windows machines and configure XML config file to send events to event collectors- Create reports, and rules to provide visibility into the SIEM environment- Parse out fields in log sources using regex to assist with detection in rules and allow for report creation-Configure and maintain logging for various log sources