Security Information

Location: Hyderabad, Telangana, India
Posted: September 25, 2020

Resume:

R MANOJ

Email: adgea1@r.postjobfree.com

Contact: +91-949*******

ArcSight QRadar

Professional Summary:

Overall 3+ years of experience in Information Technology, with 3 years of experience in Information Security as a Security Analyst (SOC).

Good understanding of security solutions like anti-virus, DLP, proxy, firewall filtering/monitoring, IPS, email security, ePO, WAF, etc.

Hands-on experience with QRadar, ArcSight, and McAfee SIEM tools for log monitoring and analysis, and the ServiceNow ticketing tool.

Good knowledge of networking concepts including OSI layers, subnet, TCP/IP, ports, DNS, DHCP, firewall monitoring, content filtering, Check Point, etc.

Key skills:

Software: MS Office Suite (Word, PowerPoint, Excel)

Operating systems such as Windows and Linux

SIEM Tools: IBM QRadar, ArcSight, McAfee Nitro, Splunk, McAfee

Networking: Switches, Routers, OSI layers, TCP/IP model, Security Solutions, Malware analyst

Certified Ethical Hacker

Application Security - Web Security

Phishing Email Analysis, NMAP

Create, Modify and Update Security Information Event Management (SIEM) Tools.

Perform Cyber and Technical Threat Analyses

Cisco network

SIEM MONITORING

INCIDENT MANAGEMENT

TICKET PROVISIONING

Work History:

Security Analyst at Genpact, Bangalore.

May 2017 - Till Date

Key Responsibilities:

Served as Analyst in SOC operations for real-time monitoring, analyzing logs from various security/industrial appliances.

Administering various incidents/security alerts triggered in the SIEM tool.

Carrying out log monitoring and incident analysis for various devices such as Firewalls, IDS, IPS, database, web servers and so forth.

Security event analysis and intrusion detection by review and analysis of events generated by various components including IDS/IPS, firewalls, routers, DB, OS and various types of security devices.

Knowledge of installation, configuration and upgrade of various connectors, and their troubleshooting.

Work closely with business units to ensure that they know what and how to feed data into QRadar and to create the network hierarchy and classify log sources within the QRadar SIEM.

Monitoring the customer network using the IBM SIEM tool QRadar, HP ArcSight, and McAfee.

Performing Real-Time Monitoring, Investigation, Analysis, Reporting and Escalations of Security Events from multiple log sources.

Maintain keen understanding of evolving internet threats to ensure the security of client networks.

Contacting the customers directly in case of high priority incidents and helping the customer in the process of mitigating the attacks.

Co-ordinate extensively with networking teams to maintain and establish communication to remote QRadar Collectors/Processors.

Understanding the incident based on to determine whether it’s false or true positive.

Troubleshooting SIEM dashboard issues when there are no reports getting generated or no data available.

Determine the scope of a security incident and its potential impact on the client network; recommend steps to handle the security incident with all information and supporting evidence of security events.

Creation of reports and dashboards, and fine-tuning of rules.

Good understanding of OWASP Top 10, IDS, IPS, threat modeling and cyber attacks like DoS, DDoS, MITM, SQL injection, XSS and CSRF.

Recommended design changes for network systems that included router, switch, and firewall configuration.

Provided network support on routing protocols such as RIP, RIPv2, EIGRP, and EIGRP2.

Configured and maintained firewalls

Configuring RADIUS or TACACS+ authentication on Cisco ASA firewalls

Working experience on troubleshooting Cisco VPNs both Site-to-Site and Remote Access

Maintained upgrades and monitored all server and internal infrastructure equipment

Performed firewall configuration primarily through the command line interface.

Monitoring the security events from all the log sources in McAfee Nitro SIEM.

Monitoring, analyzing and responding to infrastructure threats and vulnerabilities.

Cross checking the scanned files which we have received from the Helpdesk Team for the recommendation we have given.

Took care of providing the report on a daily basis with false positive and true positive trend.

Identify, investigate, or resolve security breaches and incidents.

Creating dashboards on QRadar to analyze the data.

Initial troubleshooting with respect to log source communication issues.

Working in GSOC (Global Security Operations Center) with multiple clients.

Creating reports and alerts, and investigating issues identified while monitoring the live traffic.

Preparing RCA documents and daily/weekly/monthly reports.

Handling multiple customers globally, analyzing the customer networks for potential security attacks.

Support security incident response processes in the event of a security breach by providing incident reporting.

Troubleshooting basic errors identified in QRadar and fixing those errors.

Education:

B.Tech from Siddhartha Institute of Technology & Science, Hyderabad in 2017

Declaration:

I hereby declare that the above-mentioned information is correct to the best of my knowledge and I bear the responsibility for the correctness of the above-mentioned.

(R.Manoj)
