Handling security operations and deployment for multiple customers. Proactively, performing threat hunting, researching IOCs and triaging critical events.Responsible for triaging, troubleshooting, on boarding, decommissioning, and creating weekly and monthly reports for assigned customer.Managed Security Services for Premium Customers:• Successfully triaged and escalated approximately 500 security events weekly for 30+ customers,ranging from financial institutions to the energy sector; addressed escalations and Service Requests(SRs) for customers.• Utilized LogRhythm and ArcSight to ensure platform availability, verified smart responses,addressed partial failures, and performed threat hunting; utilized ServiceNow to triage events andescalations in sync with SIEM toolsOn Site Deployment:• Proficiently managing troubleshooting, on boarding log sources, facilitating decommissioning, and crafted weekly and monthly reports for assigned customer.• Performing in-depth analysis of critical events; utilizing customer’s tools to detect anomalies and verify events, detected patterns through threat hunting.

Here, as a part of internal SOC Team, used in-house tools to identify, examine, and triage security incidents.Maintained SOPs, collaborated with internal teams, and bridged between Blue and Red teams to remediate security gaps.Key Responsibility areas:• Examined network security event data (Intrusion Detection Systems, Security Information and Event Management) with precision to pinpoint and swiftly counter intrusion attempts and breaches with efficacy using Splunk.• Utilized Palo Alto Demisto in conjunction with ServiceNow to efficiently triage and track events, meticulously ensuring the completeness of playbooks within Demisto.• Leveraged Proofpoint to detect, block, and analyze phishing emails, ensuring robust protection against phishing• Employed O365 proficiently for comprehensive searches, facilitating the identification of binaries/executable and gathering detailed information on enterprise devices and cloud services.• Leveraged Data Loss Prevention (DLP) technology to precisely detect and safeguard Personally Identifiable Information (PII); used solutions like Code42 and O365 DLP to uphold compliance standards, safeguarding sensitive information from unauthorized disclosure.• Engaged in close collaboration with the Red Team to meticulously pinpoint, enumerate, and rectify vulnerabilities.

Key responsibility areas:- Analyzed network security event data (IDS, SIEM) to identify and respond to intrusion attempts and compromises effectively.- Ensured the integrity and protection of networks, systems, and applications by enforcing organizational security policies and monitoring vulnerabilities.- Utilized DLP technology to identify and protect PII in alignment with corporate policies and standards.- Collaborated closely with the Red team to identify, enumerate, and remediate risks.- Derived results by actively monitoring and enforcing organizational security policies.- Fostered a proactive security culture by promoting the identification and mitigation of potential threats and compromises.

Contributed to the OWASP Chandigarh Chapter as a mentor and guide, imparting knowledge and support to fellow members.

Performed assessments through Private invites and for small-sized companies; acknowledged byover 30 companies including Mercedes, Indeed, and Dell, received kind and swag for contributionsto security assessments and disclosure of vulnerabilities.https://bugcrowd.com/ogzlav/achievements