Rahul Tonpe Email and Phone Number

• Perform Security SIEM, Endpoint detection, Clould security operational task:-Analysis, filters, reports, suggestion of fine-tuning on existing rules, Siemplify,Automation.• Monitoring real time security events on SIEM console.• Analyzing security events and log data to identify potential threats or weaknesses.• Good knowledge on networking concepts including OSI layers, TCP/IP, Ports, DNS, DHCP, IPS/IPS etc.• Good understanding of security solutions like Anti-virus, DLP, Proxy, Firewall, IPS, Email Security etc.• Hands on experience with LogRhythm, Securonix SIEM, Sumo Logic & Dark trace tool for event monitoring and analysis.• SIEM Tool : 1) LogRhythm 2) Securonix 3) Sumo Logic 4) Dark Trace• Endpoint detection : Falcon -Crowd Strike • Security Tools : Firewalls: Cisco ASA, Paloalto Firewall, Cisco ESA, Service now,• Cloud Security: Proof Point TAP and TRAP, Imperva, prisma cloud, Azure, Crowd Strike • Anti-virus: Symantec end point detection, Symantec DLP• WAF: Barracuda

Day to day monitoring on SIEM Tools.• Monitor and Investigate alerts in SIEM Dashboard.• Perform Security Monitoring and reporting, analyze security alerts and escalate security alerts.• Provide first response analysis and investigation based on logs and alerts from different alert sources: Anti-virus, WAF.• Document and escalate incidents-including event’s history, status and potential impact for further action.• Creating dashboard for security monitoring.• Creating AI engine rules as per IOC’s from threat intelligence sources like Qcert, Symantec, and Cisco.• Whitelisting IP’s as per client requirement.• Provide information regarding intrusion events, security incidents, and other threat indication and warning information.• Provide real-time guidance to clients on network configuration, security settings and policies and attack mitigation procedures.• Reporting monthly internal and external traffic bar graph.• Creating and maintaining operational report for weekly and monthly basis.• System handover and everyday checking the system health status.• Working on assign tickets queue and understanding and exceeding expectations on all tasked SLA commitments• Track and report on closure of tickets as per SLA.• Escalating issues to level2 (or) level3 and management when necessary.• Regular health checks monitoring, log analysis and reporting.• Worked in 24x7 operational support• Finding false positive, fine tuning and escalating Security events.