• Working in Security Operation Center(24x7), monitoring of SOC events, detecting and preventing the Intrusion attempts.• Monitoring real-time events using SIEM tool like QRadar, LogRhytm• Monitoring, analyzing and responding to infrastructure threats and vulnerabilities.• Collecting the logs of all the network devices and analyze the logs to find the suspicious activities.• Investigate the security logs, mitigation strategies and responsible for preparing generic security… Show more • Working in Security Operation Center(24x7), monitoring of SOC events, detecting and preventing the Intrusion attempts.• Monitoring real-time events using SIEM tool like QRadar, LogRhytm• Monitoring, analyzing and responding to infrastructure threats and vulnerabilities.• Collecting the logs of all the network devices and analyze the logs to find the suspicious activities.• Investigate the security logs, mitigation strategies and responsible for preparing generic security incident reports.• Monitoring 24x7 for Security Alerts and targeted phishing sites by using SIEM tool with the help of technologies such as Mimecast, EDR, Proxy, DLP.• Analyzing daily, weekly and monthly reports.• Creating the tickets in ticketing tool (SNOW).• Doing threat hunting process with the tool of Crowd strike.• Checking all the tickets assigned in the shift are with proper analysis & notes updated regularly.• Acknowledge on qualified security alerts received and investigating the incident with log analysis. Engage required stakeholders & follow-up till closure• Security Advisories - Contribution, Evaluation and Publishing• Identifying the issues/gaps in customer environment and highlighting the risk associated• Responsible to do eyeball monitoring and converting the qualified alerts to an Incident within the customer timeline.• Responsible for providing security advisories on timely basis with instructions of preventive and corrective measures to mitigate potential impact to customers• Responsible to prepare/review Weekly/Monthly SIEM reports with trends and attack vector information• Responsible for shift handovers for the associated projects - both in analyst level & shift lead level• Responsible for giving Proper Knowledge Transfer for the Analysts on Analyzing the Incidents.• Responsible for creation of playbooks for the alerts when client needed any requirement Show less