- Led hands-on research and development initiatives on the Wazuh platform, successfully adding new features to enhance its monitoring and security capabilities.- Deployed and administered a range of endpoint security solutions, including EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), and EPP (Endpoint Protection Platform), ensuring robust protection across organizational networks.- Managed and optimized endpoint security tools, driving the implementation of best practices to mitigate risks and enhance overall cybersecurity posture.

• Creating use cases on SIEM mapped with MITRE ATT&CK Framework• Tuning false positive alerts and amendments in already created use cases for better detection• Creating incident response plans for different attacks• Creating documentation on every lesson learned• Developing guidance documents to follow new processes or technologies in a SOC environment• Escalating alerts escalated by L1 to the client for execution of action• Continuously performing threat hunting to find loopholes in detection in the environment

• Monitor and analyze security alerts and incidents on the client's network and systems.• Promptly escalate true positive alerts to the relevant teams for immediate action, and escalate any detected leaky banking credentials to the appropriate team to swiftly block affected cards or accounts.• Perform initial triage on detected security events and escalate incidents as necessary.• Assist in maintaining and updating security documentation, procedures, and client inventory.• Collaborate with other team members to improve the organization's overall security posture and enhance security measures effectively.• Utilize Jira/Outlook Email for efficient client communication, ticketing, and incident tracking, ensuring a streamlined and transparent process for addressing security concerns and providing timely updates to clients.Current and Past Technologies in My Toolbox:Endpoint Security Tools:CrowdStrike EDRMicrosoft Defender XDRTrend Micro Vision OneKaspersky EPPSIEMs:IBM QRadarSecuronixAlien Vault USMThreat Intelligence Platforms / Information Security Sources:CTM360 CyberBlindSpotCTM360 ThreatCoverCTM360 HackerViewEmail Security:Trend Micro Deep Discovery Email InspectorMicrosoft EOP

• Thoroughly examined each cybersecurity domain with a keen eye to gain a deep understanding of its functionality.• Understood the CIA Triad theory, covering data privacy, accuracy maintenance, and emergency planning in information security.• Explored the theory behind multi-factor authentication (MFA) and the importance of auditing user activities.• Learned about network configurations, monitored network traffic, and designed secure networks theoretically.• Studied security risk analysis, created security policies, and stayed updated on cybersecurity trends from a theoretical perspective.• Dived into theoretical concepts for managing user access and conducting security audits.• Monitored and analyzed security alerts and incidents within a practice environment for learning.• Actively used IBM QRadar as a SIEM solution and Kaspersky as an EDR (Endpoint Detection and Response) solution for threat detection.• Performed initial triage on detected security events and escalated incidents as necessary for a hands-on learning experience.