· Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the Network.· Optimized existing security tools by configuring custom rulesets tailored to the client’s specific needs, enhancing threat detections capabilities. · Writing correlations rules, fine tuning SIEM detections rules to reduce false positives.· Coordinates validate and manage the organizations cyber threat intelligence sources and feeds. · Intelligence gathering on current and emerging threats from various sources including dark web monitoring and industry-specific information sharing groups. · Provide Tier-2/3 support to escalated incidents and identifies the root cause of incidents and problems.· Developed and worked in creating various playbooks for SOC via XSOAR automation· Leading regulatory cyber drills and internal cyber tabletop exercises. · PoCs of the new Security tools from a SOC perspective including testing the tools capabilities in threat detection, incident response and overall impact on SOC workflows and efficiency. · Handling EDL within security infrastructure. · Taking down impersonated Domains, Social Media threats, etc. · Guiding and mentoring the team.

· SIEM event trend analysis and writing filters, Identifying and writing correlation rules for the malicious patterns · Fine tuning the correlation rules and writing filter documents to filter out the traffic and reduce the noise in the alerting environment.· Hands on experience with Malware analysis.· Handing of escalated suspicious reported email incidents and EDR alerts· Leading vulnerability assessments (Database standards compliance monitoring) - Scanning, analyzing and getting the non-compliant finding fixed by coordinating with different teams.· Working on DDOS with Service provider for Franklin Templeton network.· Hands on experience with CASB tools (McAfee Mvision and Palo SASE) managing Cloud Access Security Brokers to monitor and secure cloud services. · Trend analysis for Email DLP, Data at Rest, etc. and follow-up actions.· Pentest incidents and finding are fixed by following with concern server/Assert owners.· Tracking all Incidents till Closure, Coordinate with the stakeholders for resolution and reporting.· Timely Detection and identification of intrusions attempts/attacks or suspicious activity and work with cross functional teams for in-depth analysis. · Reports generation from different tools and provided to management like SLA analysis, types of incident management, Escalated incidents, etc.

· Real Time Log analysis from different devices such as Firewalls, IDS/IPS, Windows Servers, UNIX, Proxy Servers, ePO, Web Servers and Networking Devices.· Forensic analysis of the desktops which are infected with worms, virus. Suggest the requiredrecommendations for the infected host after detailed forensic analysis.· Identifying the infected patterns/files and source of infection by thorough forensic analysis (Sys internals)· Hands on experience with Malware analysis.· Email Header Analysis and categorization of phishing mails· Windows, Unix and Linux failed authentication analysis – Identifying for any suspicious behaviors and the Types/source of failed login attempts.· DLP endpoint analysis- Data in Motion and Data at rest.· Tracking all Incidents till Closure, Coordinate with the stakeholders for resolution and reporting.· Compliance management of all network devices and its configuration according to standard build procedures.· Timely Detection and identification of intrusions attempts/attacks or suspicious activity and work with cross functional teams for in-depth analysis.

Data:• Well acquainted with CISCO routers and Switches configuration • Expertise in network switching, designing and network layers• Thorough with IP Protocols, Routing Protocols, etc. • Monitoring of bandwidth utilization of links• Proficiency in using monitoring tools for network systems • Auditing and Hardening of Switches and Routers.• Working on day to day network issues.• Good communication, management, and troubleshooting skills • Hands on experience with troubleshooting ASA firewall issues.Security:• Knowledge about role base access to users. • Configuring, managing of Site to site VPN’s• ACS configuration creating user and resetting passwords.• Experience of developing security policies and mitigate risks

• providing Internet connectivity and technical responsibility for 24 hour to Corporate Customers and Home users• Installing and configuring Cisco Routers/Switches (Catalyst 2950, 3500, SF300, DPC, Optilink 98026, Edge-Core, Voltek )• Designing, implementation, monitoring and maintaining the Network.• Generating Tickets using CRM.• Implementation and testing of LAN/WAN designs in a lab environment, and the creation of documentation necessary before and after deployment.• Hands on experience in maintaining WAN Links, IP addressing and sub netting.• Working over OSPF, EIGRP, RIP-V2 protocols, router on stick method.• Administrating the Network of over 1200+ users• Enabling Switch/TCP ports for end users to establish connectivity • Switching related tasks included implementing VLANS and configuring ISL trunk and 802.1Q on Fast-Ethernet channel between switches• Implemented and maintained network security policies, ACL for local and remote users.• Network Assessment and Documentation (including technical, operational, and economic assessment) • Implementation of TCP/IP & related Services-DHCP/DNS • Setting up user accounts and subscriptions • Good understanding of OSI Model, TCP/IP protocol suite.• Bridging and switching concepts, LAN technologies such as Ethernet-CSMA/CD.• IP addressing and sub netting, Routing concepts, VLSM/CIDR.• Working knowledge with routing protocols - RIP, EIGRP, BGP and OSPF• Switching protocol- STP, RSTP, MSTP• Firewall-Cisco PIX and ASA• Working knowledge of Network Management tools.• Ether Channel, HSRP, multi-layer switching.• IP telephone configuration• Creating User IDS and making subscription plans.• Wireless Router Configuration• Knowledge of MPLS• Setting up VLANS and configuring trunk on Fast-Ethernet channel between switches