Susmitha Vadana
Work & Experience
- Working on the IBM QRadar SIEM tool to provide SOC (Security Operation Centre) operations; part of the SIEM administration team working in the Global SOC.
- Monitoring real-time security events and dashboards for event analysis and investigation.
- Good knowledge of the OSI model, ICMP, HTTP, HTTPS, DNS, TCP/IP, protocols, security concepts, WAN and LAN concepts, routing protocols, firewalls, threat hunting, VPN, IPS/IDS.
- Analysing phishing, spamming, malicious URL sites, malware, etc.
- Working on incidents, reviewing alerts and performing detailed analysis on them; after analysis, raising an incident in the ticketing tool for true-positive incidents and following up with the team until incident closure.
- For better security practice, creating Threat Advisory templates for recently released security updates and recent attacks, released to clients once validated by the Tech Lead.
- Basic troubleshooting of devices for log stoppage.
- Preparation and validation of SOPs, the SOC operational manual and process documents; prepared the incident management and escalation matrix.
- Regular monitoring, log analysis and reporting; creating and submitting daily, weekly and monthly reports without fail.
- Writing use cases based on events of interest and best practice, and fine-tuning them as and when required.
- Tracking and reporting on closure of tickets as per SLA.
- Providing 24x7 support and coordinating with the required teams to resolve issues.