Having total 3.1 years of experience in Information Security and currently working as a Security Analyst (Security Operation Center team).Experience with SIEM (Security Information and Event Management) tools like monitoring real-time events using IBM Qradar, ArcSight, Splunk, Rapid7, Azure Sentinel.Preparing daily, weekly and monthly reports as per client requirements.Investigating and creating cases for the security threats and forwarding it to the Onsite SOC team for further investigation and action.Good Knowledge of OSI Models, Protocols, security concepts, WAN and LAN concepts, Routing protocols, Firewall security policies and VPN.IDS/IPS – Check Point, HP Tipping Point, Check Point IPS.Having excellent knowledge of Intrusion Detection (deep TCP/IP knowledge, and Cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security).Having ability to read and understand packet level data Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc.) Host Security Products (HIPS, AV, scanners, etc.).Experience in performing log analysis and analyzing the crucial alerts an immediate basis through SIEM.Handling critical alerts from Symantec Endpoint Protection and working for resolution. Handling alerts from Crowd Strike EDR and investigation.Correlating the incoming events by creating rules based on a specific set of conditions and logical operations.Hands-on experience in Threat Investigation analysis and Security Monitoring and Operation. Identify malicious URLs and suspicious IPs from IDS events generated and also block the malicious website on proxies to prevent future download of the virus.Analysis of virus alerts triggered by Symantec (SEPM) and provides the remediation steps. SEP health analysis and reporting the outdated workstations to update the virus definitions.