CURRICULUM VITAE
Anil Kumar
E-**3/434 Budh Nagar, Inderpuri, New Delhi-110012
Email: ************@****.**
Professional Summary
Information security professional with 10 years of industry experience, of which 6 years are in handling SOC operations in L1 and L2 positions. Good exposure to security technologies such as SIEM, Vulnerability Management, Privileged Access Management, Threat Intelligence and Incident Management.
Note: Immediate Joiner
Certifications
Certified Ethical Hacker V12
Cyber Security Foundation Professional Certificate (CSFPC)
Fortinet - NSE 1 & 2 Network Security Associate
Technical Skills
SIEM & Related Tools: Micro Focus (ArcSight ESM v10.5 / Logger), RSA (NetWitness 11.3, RSA Security Analytics 10.3), Gurucul UEBA
Ticketing Tools: ServiceNow, RSA Archer
Anti-virus: Trend Micro
PAM (Privileged Access Management): NetIQ (Micro Focus), ARCON PAM
Threat Intelligence Platforms: IPVoid, VirusTotal, MxToolbox, URLVoid, Cisco Talos, IBM X-Force
Patch Tool: Micro Focus ZENworks
Additional skills:
Organized and dedicated worker with a serious approach.
Good communication skills, including delivery of security reports in plain English.
Demonstrated capacity to work effectively in teams and independently, as evidenced by work history.
Positive outlook, integrity, communication and commitment.
Hard-working and self-motivated to excel in professional development.
Ability to complete tasks within the specified span of time.
Professional Experience with job details
Working as a Sr. SOC Analyst at SIFY Technologies Limited, New Delhi, India from Oct 2022 to date.
Job Responsibilities:
Log monitoring through SIEM tool
Incident handling: investigate, remediate and follow up on incidents.
Create and track investigations to resolution.
Basic troubleshooting of log source issues.
Handling various alerts such as possible phishing attacks, SMB signatures, brute-force attacks, logon failures, suspicious signatures, recon activity, authentication failures, failed-attempt alerts, log source not reporting, Symantec left alone, network scan alerts, etc.
Distinguishing alerts into false positives and true positives in order to raise tickets on true positive alerts and escalate them to the responsible team as per the given escalation matrix.
Remediating incidents where possible; otherwise, gathering information, raising a ticket with a description and escalating to the next level.
Performing follow-up activities by sending reminders to the respective persons or teams to take action on raised tickets within the stipulated time.
Performing ticket closure activities once action has been taken on raised tickets.
Generating daily incident reports and monthly reports on time.
Maintain the timely delivery of reports.
Knowledge of security best practices and concepts.
Review, analyze, and respond to security events triggered through the security monitoring systems according to internal security procedures for cyber events.
Provide proactive feedback to senior personnel and management as required.
Responsible for shift handover.
Communicate with external teams to resolve queries relating to raised incidents.
Worked as a Sr. SOC Analyst at Inspira Enterprise India Private Ltd from 28th May 2021 to 07th Oct 2022.
Client: Housing and Urban Development Corporation Ltd (HUDCO)
Job Responsibilities:
Log monitoring through SIEM tool
Incident handling: investigate, remediate and follow up on incidents.
Create and track investigations to resolution.
Basic troubleshooting of log source issues.
Distinguishing alerts into false positives and true positives in order to raise tickets on true positive alerts and escalate them to the responsible team as per the given escalation matrix.
Remediating incidents where possible; otherwise, gathering information, raising a ticket with a description and escalating to the next level.
Performing follow-up activities by sending reminders to the respective persons or teams to take action on raised tickets within the stipulated time.
Performing ticket closure activities once action has been taken on raised tickets.
Generating daily incident reports and monthly reports on time.
Knowledge of security best practices and concepts.
Review, analyze, and respond to security events triggered through the security monitoring systems according to internal security procedures for cyber events.
Provide proactive feedback to senior personnel and management as required.
Responsible for shift handover.
Communicate with external teams to resolve queries relating to raised incidents.
Worked as a SOC Analyst at Motherson Sumi InfoTech Design Ltd from 09th July 2018 to 26th May 2021.
Job Responsibilities:
Security (SIEM - ArcSight) monitoring:
a. Monitoring of logs
b. Troubleshooting
c. Creation of reports
Manage and configure security monitoring tools.
Review alerts and determine relevancy and urgency.
Create trouble tickets for alerts that signal an incident; escalate to Tier 2 for review and/or incident response.
Support vendors in conducting POCs for ArcSight and QRadar.
Working on threat intelligence feeds.
Working on security advisories for compliance and asset management.
Maintain strong communication with the client to manage expectations and ensure client satisfaction.
Responsible for handling security incidents reported at our CERT desk.
Device integration on the SIEM tool for various devices.
Creation of the SOC weekly report and sending it to stakeholders.
Creation of the monthly Threat Intelligence dashboard and sending it to stakeholders.
Worked as a Senior Engineer at HCL COMNET LIMITED from 28th April 2014 to 08th July 2018.
Client Site: Oriental Bank of Commerce.
Job Responsibilities:
Experience in administration of RSA Archer GRC (ver 6.1) applications:
1. Assign L1 incident handlers to review and assess the incident.
2. Investigation and analysis; escalate an incident to L2 & L3.
3. Capture the timeline of the incident.
4. Resolve the incident and track root cause analysis and security control efficacy.
5. Daily, weekly & monthly reports to customers.
6. User and account handling.
SOC monitoring of SIEM tool (RSA SA version 10.6.3):
1. Monitoring of logs and creating alerts.
2. Rules, reports, device configuration and troubleshooting.
3. Create users and provide services as per requirement.
Knowledge of WSA Proxy IronPort 10.1.0.-52:
1. Backup and restoration of SOC devices.
2. Invoke and revoke internet access for user IPs and websites.
3. Create identified profiles, categories & access policies as per user requirement.
4. Upgrade the devices.
Knowledge of Anti-APT (ver. 6.2.2):
1. Health check-up.
2. Reporting.
3. Monthly backup.
4. Blacklist and whitelist IPs as per analysis and customer requirement.
Knowledge of ARCOS PAM (ver 4.7.9.3):
1. Adding new users and providing access rights to specific services on a role basis, and reporting.
2. Device and services health check.
3. Fetching daily and weekly reports.
4. Monthly backup.
Knowledge of NBA (ver 6.8.4):
1. Create users and provide services as per requirement.
2. Fetching daily and weekly reports.
3. Monthly backup.
Other Experience
Employer: MICROLAND LIMITED
Customer: Bank of America & Honeywell International (India) Pvt. Ltd
Period: 1st Oct 2009 to 25th April 2014
Role/Responsibilities: EUS Engineer – Desktop Support Engineer & Voice Support Engineer

Employer: iGATE ("IMS Limited")
Customer: Matrix Cellular (International) Services Pvt. Ltd
Period: 5th May 2008 to 30th Sep 2009
Role/Responsibilities: Field Engineer – Desktop Support Engineer
Academic Qualification
Course | Institution | Board/University | Year of completion | Division
MCA | Soft dot Hi-Tech Educational & Training Institute, Delhi | Sikkim Manipal University | 2012 | II
BCA | Guru Nanak Institute of Management, Delhi | Guru Gobind Singh Indraprastha University | 2004 | I
10+2 | S.K.R Sr. Sec. Public School, Delhi | AISSCE | 2001 | II
High school | S.K.R Sr. Sec. Public School, Delhi | C.B.S.E | 1998 | III
Strengths
Self-motivated, with good interpersonal and communication skills.
Ability to take on responsibility and work as a team member / tech lead.
I regard team spirit as an integral part of productivity.
Dedication & serious involvement in the assigned job.
Honest attitude in professional & personal life.
Highly flexible to work anywhere, any time.
Innovative & positive attitude.
Hardworking.
Personal Profile
Father’s Name : Sh. Rajender Kumar
Languages known : English, Hindi.
Interests : Drawing & learning new technology.
Marital Status : Married
Notice Period : Immediate joiner (15 days)
Place: Delhi
ANIL KUMAR
Date: