CURRICULUM VITAE

Anil Kumar

) 981*******

E-**3/434 Budh Nagar, Inderpuri, New Delhi-110012

Email: advwb1@r.postjobfree.com

Professional Summary

Informational security professional with 10 years of industrial experiences out of which 6 year of experience in handling SOC operations as L1 & L2 positions. Have good exposure to security technologies like SIEM, Vulnerability management, Privilege Access Management, Threat Intelligence and Incident Management.

Note: Immediate Joiner

Certifications

Certified Ethical Hacker V12

Cyber Security Foundation Professional Certificate (CSFPC)

Fortinet - NSE 1 & 2 Network Security Associate

Technical Skills

SIEM & Related Tools: Micro focus (ArcSight ESMv10.5 / Logger), RSA (Net witness 11.3, RSA Security Analytics 10.3, Gurucul – UEBA,

Ticketing Tool: Service now, RSA Archer

Anti-virus: TrendMicro.

PAM (privileged access management): NetIQ Micro focus, ARCON PAM

Threat Intelligence Platform’s: IP void, Virus Total, Mx Toolbox, URL void, Cisco Talos, IBM XForce.

Patch Tool: Mircofocus ZENworks.

Additional skills:

Organized and dedicated worker with serious approach.

Good communication skills including delivery of security reports in plain English.

Demonstrated capacity to work effectively in teams and independently as evidenced through work history.

Displayed excellent abilities like positive outlook, Integrity, communication and commitment skills.

Hard working, self-motivated to excel professional development.

Ability to complete tasks within the specified span of time.

Professional Experience with job details

Working as a Sr.SOC Analyst in SIFY Technologies Limited, New Delhi, India from Oct 2022 to till

Job Responsibility:

Desired Skills:

Log monitoring through SIEM tool

Incident Handling -Investigate incident, remediation and follow-up for incidents.

Create and track investigation to resolution.

Basic trouble shooting of log source issues.

Handling a various alert related, possible phishing attack, SMB signatures, Brute force attack, Logon failure, Suspicious signatures, Recon activity, Authentication failure, failed attempt alert, Log Source not reporting, Symantec left alone, alert related to network scan etc...

Distinguishing alerts into false positive and true positive in order to raise the tickets on true positive alerts and to escalate the same for responsible team as per the given escalation matrix.

Remediating the incidents, if possible, otherwise, will gathering information then raise a ticket and write the description then escalate to next level.

Performing the follow up activities in order to send the reminders to the respective persons or team to take action on raised tickets within a stipulated time.

Performing ticket closure activities once the action taken on raised tickets.

Generate daily incident reports and monthly reports on time.

Maintain the timely delivery of reports.

Knowledge of security best practices and concepts.

Review, analyze, and respond to security events triggered through the security monitoring systems according to internal security procedures for cyber events.

Provide proactive feedback to senior personnel and management as required.

Responsible for shift handover.

Communicate with external team to resolve the queries relating to the raised incidents.

Working as a Sr.SOC Analyst in Inspira Enterprise India Private Ltd from 28th May 2021 to 07th Oct 2022.

Client: Housing and Urban Development Corporation Ltd (HUDCO)

Job Responsibility:

Desired Skills:

Log monitoring through SIEM tool

Incident Handling -Investigate incident, remediation and follow-up for incidents.

Create and track investigation to resolution.

Basic trouble shooting of log source issues.

Distinguishing alerts into false positive and true positive in order to raise the tickets on true positive alerts and to escalate the same for responsible team as per the given escalation matrix.

Remediating the incidents, if possible, otherwise, will gathering information then raise a ticket and write the description then escalate to next level.

Performing the follow up activities in order to send the reminders to the respective persons or team to take action on raised tickets within a stipulated time.

Performing ticket closure activities once the action taken on raised tickets.

Generate daily incident reports and monthly reports on time.

Maintain the timely delivery of reports.

Knowledge of security best practices and concepts.

Review, analyze, and respond to security events triggered through the security monitoring systems according to internal security procedures for cyber events.

Provide proactive feedback to senior personnel and management as required.

Responsible for shift handover.

Communicate with external team to resolve the queries relating to the raised incidents

Working as a SOC Analyst in Motherson Sumi InfoTech design Ltd from 09th July 2018 to 26th May 2021.

Job Responsibility:

Security (SIEM- Arcsight) Monitoring.

a.Monitoring of logs

b.Troubleshooting

c.Creation of Reports

Manage and configure security monitoring tools

Review alerts and determines relevancy and urgency

Create trouble tickets for alerts that signal an incident; escalate to Tier 2 for review and/or incident response.

Support vendors in conducting POC for Arcsight and Qradar.

Working on Threat intelligence feeds.

Working on Security Advisories for compliance and asset management

Maintain strong communications with the client to manage expectations, ensure client satisfaction.

Responsible for handling security incidents which are reported at our CERT Desk.

Device Integration on SIEM tool for various devices.

Creation of SOC Weekly report and sends to Stakeholders.

Creation of Monthly Threat Intelligence Dashboard and sends to Stakeholders.

Working as a Senior Engineer in HCL COMNET LIMITED from 28th April 2014 to 08th July 2018.

Client Site: Oriental Bank of Commerce.

Job Responsibility:

Experience in administration of RSA Archer GRC (ver6.1) applications

1.Assign L1 incident handlers to reviewed and assess the incident.

2.Investigation and analysis -> escalate an incident to an L2 & L3.

3.Capture the timeline of the incident.

4.Resolve the incident and track root cause analysis and security control Efficacy.

5.Daily, Weekly & Monthly Reports to customers.

6.User and account handling

SOC Monitoring of SIEM Tool (RSA SA Version 10.6.3).

1.Monitoring of logs and creating Alerts.

2.Rules, Reports, Device Configuration, and Troubleshooting.

3.Create User and Provide services as per requirement.

Knowledge of WSA Proxy iron port 10.1.0.-52

1.Backup and restoration of SOC Devices.

2.Invoke and revoke the internet access to the user IPs and websites.

3.Create identified profile, category & Access policy as per User requirement.

4.Upgrade the Devices.

Knowledge on Anti-Apt (ver. 6.2.2)

1. Health Checkup.

2. Reporting

3. Monthly Backup.

4. Blacklist and Whitelist IP as per analysis and Customer requirement.

Knowledge of ARCOS PAM (Ver 4.7.9.3)

1.Adding new Users and providing access rights, to specific services on a role basis& reporting.

2.Device and services health Check

3.Fetching the report daily, weekly wise.

4.Monthly Backup.

Knowledge of NBA (ver 6.8.4),

1.Create User and Provide services as per requirement.

2.Fetching the report daily, weekly wise.

3.Monthly Backup.

Other Experience

Employee

MICROLAND LIMITED

Customer

Bank of America & Honeywell International (India) Pvt. Ltd

Period

1ST Oct 2009 to 25th April 2014

Role/ Responsibilities

EUS Engineer – Desktop Support Engineer & Voice Support Engineer

Employee

iGATE (“IMS Limited “)

Customer

Matrix Cellular (International) Services Pvt. LTD

Period

5 May 2008 to 30th Sep 2009

Role/ Responsibilities

Field Engineer – Desktop Support Engineer

Academic Qualification

Course

Institution

Board/University

Year of completion

Division

MCA

Soft dot Hi-Tech Educational & Training Institute, Delhi

Sikkim Manipal University

2012

II

BCA

Guru Nanak Institute of Management, Delhi

Guru Gobind Singh Indraprastha University

2004

I

10+2

S.K.R SR.SEC Public School- Delhi

AISSCE

2001

II

High school

S.K.R SR.SEC Public School- Delhi

C.B.S. E

1998

III

Strengths

Self motivated, with good interpersonal and communication skills.

Ability to take on responsibility and work as a team member / Tech Lead.

I regard Team Spirit as an integral part of productivity.

Dedication & serious involvement in the assigned job.

Honest attitude for professional & personal life.

Highly flexible to work anywhere any time.

Innovative & Positive Attitude

Hardworking

Personal Profile

Father’s Name : Sh. Rajender Kumar

Languages known : English, Hindi.

Interest : Drawing & Learn new technology.

Marital Status : Married

Notice Period : Immediate joiner (15 days)

Place: Delhi ANIL KUMAR

Date:

Contact this candidate