Skills
• Ticketing tools - ServiceNow • Ivanti
• SIEM - Microsoft Azure Sentinel • Splunk
• EDR - Microsoft 365 Defender Endpoint Security • CrowdStrike • SEPM
• Vulnerability Assessment - Qualys
• Sandboxing - Joe Sandbox
• Email security - Microsoft O365 Defender
• Microsoft Entra • Incident Management • Information Security • Cyber Security • SIEM Management
About
SOC Specialist II
Monitoring Security Operation Center (24x7) events, detecting, preventing, and responding to various intrusion attempts, threats, and vulnerabilities using the SIEM tool Azure Sentinel.
Performing analysis on true positive alerts to determine root cause and impact.
Investigating phishing emails that users report to the SOC and analyzing suspicious emails (phishing, spoofed, spam or other) to determine their legitimacy, contacting the appropriate teams to whitelist/blacklist the email sender, and blocking malicious domains and IPs.
Examining malware events reported by end users by accumulating all the necessary information and working with end users on the issued remediation.
Collaborating with teams to create and potentially execute incident mitigation and remediation plans and to close the incident within SLA.
Handling ad-hoc requests as per internal and client-side requirements.
Assisting the team in fine-tuning existing SIEM use cases to reduce false positive incidents. Identifying misconfigured policies and suggesting necessary changes.
Maintaining daily reports: number of incidents created, SLA breach report, hourly offense status report, and drafting the shift handover.
ACADEMIC DETAILS