Mukul Anand Email and Phone Number

- Palo Alto Cortex - XSOAR deployment- Palo Alto Cortex - XDR deployment- Palo Alto Cortex - XSIAM deployment- ArcSight Platform architecture design and implementation- ArcSight SOAR, Fusion Implementation- Playbooks creation for Security alerts - Security and Network device logs enrichment with SOAR- Script development to capture the security logs for SaaS based application- Troubleshooting the Security devices product related issues- ArcSight Flex Connector development to parse different type of log format.- Integrating SaaS based application with ArcSight.

- Cloud Security Monitoring Assessment- Security Orchestration Automation & Response- Governance, Risk Management and Compliance( GRC)- UAT testing- Software Assessment- Security Assessment- Splunk Implementation - Elastic Cloud Implementation- Integrate Cloud Infrastructure ( Amazon Web Services/Microsoft Azure/ Oracle Cloud/Alibaba) logs to Splunk & ELK - SIEM Solutions- AWS logs integration with ServiceNow- Splunk to ServiceNow integration- Oracle ERP integration with Arcsight- Physical Security integration with Arcsight- SIEM Architecture design & Implementation- Use case development for Cyber attacks

Key Responsibilities/Accomplishments:- Building/Configuration of E2-Instance (RHEL-Linux,CentOS-Linux,Windows Sever-2012, Apache Tomcat ) on Amazon Web Services Cloud.- Deployment/Configuration of Apache Kafka 2.1.0 on cloud. Integration of multiple producers to collect logs and forward to multiple consumers like ArcSight ESM,Splunk,ArcSight Logger.- Deployment/Configuration of ArcSight Management Center 2.8.0 on AWS (Amazon Web Services) Cloud.- Deployment/Configuration of ADP -Logger v6.6.1 on AWS (Amazon Web Services) Cloud.- Deployment/Configuration of SPLUNK 7.1.1 on AWS (Amazon Web Services) Cloud.- Creating Dashboard on SPLUNK instance to monitor other components.- Integration of ArcSight With Different SIEM solutions.- Deployment/Configuration of ESM 7.11 ( Arcsight Enterprise Security Management) on AWS (Amazon Web Services) Cloud.-SuperConnector installation to send co-related events/Arcsight Rule to kafka as well as on Splunk.- Integration of different type of arcsight smart connector to feed logs to two different SIEM solutions. - ArcMc (ArcSight Management Center) Setup & Configuration.- Migration Connector Appliance to ArcMC- Troubleshooting of ArcSight smart connectors, ArcSight ESM.- Administration of ArcSight Connectors such as Installation and configuration. - Aggregation and Normalize the events on Connector level to reduce the License usage.- Troubleshooting : Aggregation,Filteration on Connector Appliances.- Logger and Connector Appliances Configuration Backup & backup restoration..- Health Monitoring of ESM 6.11- Escalating issues to appropriate stake holders for different application issues wherever neededTraining Completed :1) SPLUNK -SIEM Tool 2) QRadar - SIEM Tool 3) Tableau -Data Analytics/Visualization Tool4) Qualys - Vulnerability assessment & Management Tool

Key Responsibilities/Accomplishments:- Working for a US based Company on their location where the prime responsibility includes handling and managing end to end security.- Managing 24/7 security operation Center covering Incident Response, Threat Management and Forensics Investigation.- Providing Subject Matter Expertise in HP Arcsight (SIEM) for monitoring, Content Development (Use cases), appliance back end support and Architecture enhancements.- Handling various technical aspects like project documentation and taking appropriate actions.- Analysing Phishing/SPAM & Compromised User account and take necessary step.- Analysing IOC from different source like NCFTA, TNT, FS-ISAC on packet analyser tool like Moloch.- Weekly Report & Monthly log monitoring Report preparation. - Responsible for Use case, Rule, Dashboard preparation for possible attack. - Responsible for Fine tuning of rules. - Responsible for troubleshooting like logs Caching/dropping/Dead Feed detection etc.- Connector management and checking of caching and dropping events and handling Administrative tasks like health monitoring of Arcsight and as well as the connector health- Contribute in building long term security strategy and roadmap focused on reducing risk to an acceptable level.- Subject Matter Expert in security technologies covering SIEM, IDS/IPS, Anti-malware etc.

Key Responsibilities/Accomplishments:• Responsible for the overall project, defining and ensuring the quality of the deliverables.• Responsible for the log management on 24*7 bases.• Identifying attacks at network, application and system level and report those attacks to the higher level management.• Incident handling and escalation of the attacks to the higher management• Log Monitoring from various organizational network devices.• Daily,Report Weekly Report & Monthly log monitoring Report Prepration.• Responsible for Use case,Rule,Dashboard prepration for possible attack.• Responsible for Fine tuning of rules,Agent installation.Basic troubleshooting.• Performed re configuration of the solution to cater customer's needs• Responsible for reviewing of current setup

Key Responsibilities/Accomplishments: 1) DATA Leakage and Prevention (DLP) : Websense2) Database Activity Monitoring (DAM) 3) Information Rights Maangement (IRM) : FileSeclore• Responsible for the overall project, defining and ensuring the quality of the deliverables• Manage the Security Devices and troubleshoot the issues faced.• Infrastructure management for the DLP ( Data Leakage and Prevention ) devices for high Availability.• Managing thee Policies and configuration for the DLP systems.• Documenting and preparing the KB for issue faced and new requirements.• Assist in the management of IRM, DRM and PIM.• Maintaining documentation about issues faced by customers with Websense DLP.• Performed system health check for their DLP environment• Responsible in reviewing of their DLP policies• Responsible for conducting workshops with BU to identify requirements and further fine tune existing policies to maximize detection and minimize false positives.