R MANOJ
Email: *************@*****.***
Contact: +91-949*******
ArcSight QRadar
Professional Summary:
Overall 3+ years of experience in Information Technology, with 3 years in Information Security as a Security Analyst (SOC).
Good understanding of security solutions such as Anti-virus, DLP, Proxy, Firewall filtering/monitoring, IPS, Email Security, ePO, WAF, etc.
Hands-on experience with QRadar, ArcSight and McAfee SIEM tools for log monitoring and analysis, and with the ServiceNow ticketing tool.
Good knowledge of networking concepts including OSI layers, subnetting, TCP/IP, ports, DNS, DHCP, firewall monitoring, content filtering, Check Point, etc.
Key skills:
Software: MS Office Suite (Word, PowerPoint, Excel)
Operating systems such as Windows and Linux
SIEM Tools: IBM QRadar, ArcSight, McAfee Nitro, Splunk
Networking: Switches, Routers, OSI layers, TCP/IP model, Security Solutions, Malware analysis
Certified Ethical Hacker
Application Security - Web Security
Phishing Email Analysis, NMAP
Create, Modify and Update Security Information Event Management (SIEM) Tools.
Perform Cyber and Technical Threat Analyses
Cisco network
SIEM MONITORING
INCIDENT MANAGEMENT
TICKET PROVISIONING
Work History:
Security Analyst at Genpact, Bangalore.
May 2017 - Till Date
Key Responsibilities:
Served as an Analyst in SOC operations for real-time monitoring and analysis of logs from various security/industrial appliances.
Administering various incidents/security alerts triggered in the SIEM tool.
Carrying out log monitoring and incident analysis for various devices such as firewalls, IDS, IPS, databases, web servers and so forth.
Security event analysis and intrusion detection through review and analysis of events generated by various components including IDS/IPS, firewalls, routers, databases, operating systems and various types of security devices.
Knowledge of installation, configuration and upgrading of various connectors, and their troubleshooting.
Work closely with business units to ensure they know what data to feed into QRadar and how, to create the network hierarchy, and to classify log sources within the QRadar SIEM.
Monitoring the customer network using SIEM tools: IBM QRadar, HP ArcSight and McAfee.
Performing Real-Time Monitoring, Investigation, Analysis, Reporting and Escalations of Security Events from multiple log sources.
Maintain keen understanding of evolving internet threats to ensure the security of client networks.
Contacting the customers directly in case of high priority incidents and helping the customer in the process of mitigating the attacks.
Co-ordinate extensively with networking teams to maintain and establish communication to remote QRadar Collectors/Processors.
Analyzing each incident to determine whether it is a true or false positive.
Troubleshooting SIEM dashboard issues when there are no reports getting generated or no data available.
Determine the scope of a security incident and its potential impact on the client network, and recommend steps to handle the incident with all relevant information and supporting evidence from the security events.
Creation of reports and dashboards, and fine-tuning of rules.
Good understanding of OWASP Top 10, IDS, IPS, threat modeling and cyber attacks such as DoS, DDoS, MITM, SQL injection, XSS and CSRF.
Recommended design changes for network systems that included router, switch, and firewall configuration
Provided network support on routing protocols such as RIP, RIPv2, EIGRP, and EIGRP2
Configured and maintained firewalls
Configuring RADIUS or TACACS+ authentication on Cisco ASA firewalls
Working experience on troubleshooting Cisco VPNs both Site-to-Site and Remote Access
Maintained upgrades and monitored all server and internal infrastructure equipment
Performed firewall configuration primarily through the command line interface
Monitoring the security events from all the log sources in McAfee Nitro SIEM.
Monitoring, analyzing and responding to infrastructure threats and vulnerabilities.
Cross-checking the scanned files received from the Helpdesk Team against the recommendations we have given.
Providing a daily report with false positive and true positive trends.
Identify, investigate, or resolve security breaches and incidents.
Creating dashboards on QRadar to analyze the data
Initial troubleshooting with respect to Log Source Communication issues.
Working in GSOC (Global security Operation center) with multiple clients.
Creating reports and alerts, and investigating issues identified while monitoring live traffic.
Preparing RCA document and daily/weekly/monthly Reports.
Handling multiple customers globally, analyzing the customer networks for potential security attacks.
Support security incident response processes in the event of a security breach by providing incident reporting.
Troubleshooting basic errors identified in QRadar and fixing those errors.
Education:
B.Tech from Siddhartha Institute of Technology & Science, Hyderabad in 2017
Declaration:
I hereby declare that the above-mentioned information is correct to the best of my knowledge, and I bear responsibility for the correctness of the above.
(R.Manoj)