PAVAN KUMAR S H
Cyber Security Analyst
+91-906******* | *************@*****.*** | Bangalore | https://www.linkedin.com/in/pavan-kumar-s-h

SUMMARY
Self-driven, proactive individual with 2.5+ years of experience as a security analyst and hands-on experience in threat detection and incident response. Eager to contribute my expertise in cyber security to a major global organization, ensuring the highest level of protection against evolving threats. My goal is to effectively apply my skills in a dynamic security environment, actively participating in achieving the organization's objectives while seizing opportunities for continuous learning and professional growth.

EXPERIENCE

SOC Analyst L1
Inspira Enterprise India Ltd, Bangalore
10/2024 - Present
- Providing Cyber Security Operations Centre support on a 24x7x365 basis through rotating shift work.
- Continuous monitoring of alert queues on the SIEM console.
- Identifying false positives and true positives, understanding and differentiating intrusion attempts from false alarms.
- Handling alerts in the SIEM by creating tickets and monitoring intrusions, reviewing security events and alerts generated from multiple log sources.
- Regularly communicating with customer IT teams to inform them of issues and help them determine escalation paths for each incident.
- Conducting detailed investigations, including intake, prioritization and documentation of privacy and security incidents.
- Based on the alerts, triaging the events, creating a ticket accordingly and assigning it to a Level 2 Analyst. Following the incident lifecycle defined for alerts.
- Ability to handle multiple high-priority items and reprioritize at a moment's notice.
- Documenting and maintaining privacy and security incident reports for internal compliance.
- Preparing daily, weekly and monthly reports.
- Shift handover to the next shift with important updates and pending actions.

Cyber Security Analyst
Network Intelligence Pvt Ltd, Navi Mumbai
06/2023 - 09/2024
- Monitoring security 24/7 and performing deep-dive analysis of triggered alerts using SIEM.
- Acknowledging and closing false positives and raising tickets for valid incidents.
- Investigating incidents, remediation, tracking and follow-up on incidents with the concerned teams and stakeholders.
- Acknowledging closures and closing tickets (true positive or false positive) as per client response.
- Performing real-time monitoring, security incident handling, analysis and escalation of security events from multiple log sources.
- Frequently checking log source activity and checking EC and EP status.
- Maintaining up-to-date documentation, trackers and repositories.
- Participating in case review meetings to walk peers, the SOC Manager and stakeholders through the handled incidents.
- Searching for more information on observed indicators such as files and IP addresses.
- Handling escalated alerts from L1 security analysts. Escalating issues to L3 and management whenever necessary.
- Frequently sharing IOCs and advisories with the client and maintaining SLAs.
- Monitoring important mails and replying to multiple clients according to their requirements.
- Fetching required data by applying filters in the SIEM tool IBM QRadar.
- Building weekly and monthly reports, and drafting shift handover mails and handover calls.

TOOLS
SIEM Tool: Splunk ES, IBM QRadar, Azure Sentinel
EDR: Cisco AMP
ESA: MS365 Defender
Firewall: Palo Alto, Checkpoint
AV: Symantec Antivirus
IPS: Snort
Proxy: Cloudflare
Ticketing Tool: Freshservice, ManageEngine

EDUCATION
Bachelor of Computer Application, Davangere University
2018 - 2020

KEY SKILLS
- Incident response
- SIEM management
- Log analysis

CERTIFICATION
- C1000-162: IBM Security QRadar SIEM V7.5
- TCM Security
- 305 Analyst Fundamentals - LogRhythm
- EHE - EC-Council
- Splunk Fundamentals

GOOD KNOWLEDGE ON
- Good knowledge of security solutions like firewalls, IPS, IDS, etc.
- Good knowledge of network devices like hubs, switches and routers.
- Phases of attacks and mitigations.
- Good understanding of malware and its types.
- Knowledge of NAT and PAT.
- Good knowledge of the architecture of QRadar and Splunk.
- Knowledge of the OSI model.
- Good understanding of the cyber kill chain process.
- Good knowledge of the types of hackers.
- Familiar with servers: DNS, DHCP, email server.
- Understanding of security concepts like AAA and CIA.
- Solid understanding of IP addresses, MAC addresses, ports and protocols.
- Good understanding of Event IDs.