Security Analyst
CurrentLed 24/7 security operations, ensuring smooth shift transitions, accurate incident reporting, and continuous monitoring to maintain operational efficiency.• Managed DLP incidents in Microsoft Purview, phishing alerts, and security events by analyzing logs through Splunk SOAR and CrowdStrike, ensuring detection and response to potential threats.• Deployed Splunk SOAR for case management, integrating notables and creating automation playbooks and workbooks.• Integrated threat intel feeds from Crowd Strike Falcon X, enhancing the SOC's ability to identify and mitigate threats.• Led the implementation and fine-tuning of the Splunk and Logscale SIEM platforms and conducted regular vulnerability scanning with Tenable and address security weaknesses.• Enhanced email security and phishing protection with Proof Point and Know4be, reducing phishing attack success rates.• Streamlined Splunk log ingestion from various data sources, optimizing data capture.• Coordinate with SIEM vendors for tool upgrades and fine-tuning, enhancing alert accuracy.• Investigate SIEM alerts, conduct root cause analysis, and manage incidents within SLAs, enhancing overall security posture and response efficiency.• Maintained comprehensive documentation of all threat detection processes, audits, and incident reports.• Assisted in vulnerability management programs, conducting periodic assessments and patching security gaps across networks and applications.