• Experience in Information Security Management using SIEM tools (Azure sentinel, Splunk) with strong capability of analyzing and monitoring the logs.• Frequently checking upon the raw logs of the devices for any potential threat/suspicious activities. • Knowledge on the KQL queries investigation.• Analyzing Phishing/Spam emails targeted to users, identifying email headers associated with incoming emails, investigating them through Proofpoint and O365. • Performing analysis on Minor, Major and Critical alerts/events triggered in EDR, sharing our analysis to client and acknowledging them in EDR console. • Updating Threat intel, malware artifacts and file hashes which are shared among partners. • Creating process documents which would help the team as reference guide for the future prospect. • Expertise on SOC methodologies such as Incident Handling, Threat detection, real time security event handling, log analysis.• Working on Windows / Unix Security Logs as well as logs form IDS/IPS, HIDS DLP, Next Generation Firewalls, Anti-Virus/Malware, Vulnerability Assessment solution.• Building Reports on the behavior of the logs for the above-mentioned devices and also configuring the alerts if anything is of that critical. • Skilled in Security advisory and Anti-malware And Investigating security threats (DDOS, IP Spoofing, SQL injection) on network (log Monitoring).• Basic configuration in logger like preparing and generating Ad-hoc reports as and when what client request. • Sending daily, weekly and monthly report to the customer which contain all the information about internet security, configuration changes, deny logs, failed logins, alert summary, machines without AV, network security etc. • Monitoring’s mailbox, where it receives all suspicious/ spam/ phishing/ Unwanted emails from employees in a network