Tools : LogRhythm SIEM, Microsoft Sentinel, Service Now Ticketing Tool, Microsoft Copilot- Currently working L3 SOC Analyst role includes Incident Management, SIEM Analytics rule Management, Trending threat hunting, Incident Automation Suggestions, Workbook Management.- Incident L3 Analysis and Platform monitoring for Microsoft Sentinel and LogRhythm SIEM.- Handled multiple SIEM Audit requirements for customers managed SOC.- Threat Hunting using Notebooks and Threat Intelligence gathering.- Active participation to Identify Attacks from AttackIQ tool for red teaming activity.- Daily, Weekly and Monthly Report Preparation & Remediation action with managed SIEM customers.- Playbook Creation for Use case Investigations.- Workbook Creation and Tuning as per customer requirement and visibility.- Analytics rule creation and tuning as per customer requirements.- Incident automation and Playbook management to handle critical SIEM incident.- Malicious Program and Suspicious Traffic Investigation and New Analytics rule Development.- New Data Connector Onboarding, Health Monitoring and Troubleshooting.- Actively involved in Microsoft/ LogRhythm support case raise and SIEM platform troubleshoot activity.

Tools : ServiceNow Ticketing Tool, SIEM Tools (LogRhythm, ArcSight), SOAR, Recorded Future (Threat Intelligence).- Daily SME level activity includes Troubleshoot call with customer SPOC.- Daily Alert Analysis and Platform monitoring for LogRhythm and ArcSight SIEM.- Handled multiple SIEM Audit requirements for customers managed SOC.- Threat Hunting and Threat Intelligence gathering.- Active participation to Identify Attacks in IDRBT SOC drills.- Daily, Weekly and Monthly Report Preparation & Remediation action with managed SIEM customers.- SOP and Playbook Creation for Use case Investigations.- Dashboard Creation and Tuning as per customer requirement and visibility.- Threat detection rule creation and tuning as per customer requirements.- Configuration and troubleshoot for devices onboarding &management for SIEM SOAR takedown playbooks.- Malicious Program and Suspicious Traffic Investigation and New use case Development.- New Log Sources Onboarding, Health Monitoring and Troubleshooting.- Actively involved in LogRhythm support case raise and SIEM platform troubleshoot activity.

Tools: Splunk Enterprise Security, Elastic Stack, AlienVault USM, Nessus, Accunatix VM1. Experience in Threat Hunting, Threat Intelligence, Malware Analysis, Incident Response2. Responsible for the technical deployment or troubleshooting in SIEM ensuring the efficient functioning of the solution3. Responsible for Incident Validation, Incident Analysis, Solution Recommendation,4. Troubleshooting of an incident within IT Security incident response teams of SOC.5. Apply investigation techniques to document the root cause and impact of detected computer security incidents6. Maintain awareness of new and emerging cyber-attack threats with the potential to harm company systems and networks. Devises and implements countermeasures to mitigate potential security threats.7. Assist with the development and maintenance of IT security measurement and reporting systems to aid in monitoring the effectiveness of IT Security programs.8. Assist with the development, revision, and maintenance of Standard Operating Procedures and Working Instructions related to IT Security.9. Conducting Vulnerability Assessment & Penetration Testing and Report communication to the IT team.10. Good Coordination skills with various other teams for faster resolution/completion and closing ticket within escalation time.

Tools: Splunk Enterprise Security, Elastic Stack, AlienVault USM, Nessus, Accunatix VM1. Experience in Threat Hunting, Threat Intelligence, Malware Analysis, Incident Response2. Responsible for the technical deployment or troubleshooting in SIEM ensuring the efficient functioning of the solution3. Responsible for Incident Validation, Incident Analysis, Solution Recommendation,4. Troubleshooting of an incident within IT Security incident response teams of SOC.5. Apply investigation techniques to document the root cause and impact of detected computer security incidents6. Maintain awareness of new and emerging cyber-attack threats with the potential to harm company systems and networks. Devises and implements countermeasures to mitigate potential security threats.7. Conducting Vulnerability Assessment & Penetration Testing and Report communication to the IT team.8. Good Coordination skills with various other teams for faster resolution/completion and closing ticket within escalation time.