About Candidate

A Cyber Security Analyst with over 5 years of IT experience, including 4 years in SOC & SIEM work as a Security Analyst monitoring and investigating system surveillance for suspicious events using SIEM and SOAR tools. This experience gives me the confidence to take on and accomplish future challenges.

Education

B.Tech (EEE) 2014
Sri Prakesh College of Engineering

Work & Experience

System Analyst July 2018 - March 2019
Infinite Computer Solutions

- Collaborate with technical and threat intelligence analysts to provide indications and warnings, and contribute to predictive analysis of malicious activities.
- Create and track incidents and ETMS.
- Investigate all security alerts received, making use of all available tools and log files to determine whether the alert is a false positive, a security event, an actual attack, and/or a security incident.
- Monitor security events and logs such as proxy logs, IPS/IDS events, firewall, Active Directory (user verification), vulnerability scans, anti-malware events, Web Application Firewall, and system log files to maintain situational awareness.
- Monitor and analyse security events to determine intrusion and malicious activity.
- Perform investigations and evaluations of network traffic; read and interpret logs with RSA Security and Verizon SIEM.
- Perform shift handoff at the end of every shift to provide situational awareness to the incoming shift.

Sr. Security Analyst Mar 2019 - Present
Tech Mahindra

- The main goal of this project is monitoring of security events using a SIEM, SOAR and other feeds, looking for significant events, and processing reports of unexpected network activity.
- Support ongoing tracking and remediation of security issues, ensuring that tickets are closed and issues are addressed in a timely manner.
- Conduct investigations on security incidents, perform root cause analysis, and develop mitigation strategies.
- Collaborate with cross-functional teams, including network engineers and system administrators, to implement security controls and enhance incident response procedures.
- Create and track incidents and requests using ticketing tools (Service Desk and Foresight).
- On a daily basis, check non-reporting devices and notify the platform team if any device goes down (syslog servers, etc.); check health status daily using tools such as Grafana.
- Stay up to date with current vulnerabilities, attacks, and countermeasures via security blogs and internal news reports from CISA and AlienVault.
- Perform investigations and evaluations of network traffic, read and interpret logs, and carry out PCAP analysis with Wireshark.
- Search firewall, email, web or DNS logs to identify and mitigate intrusion attempts.
- Investigate malicious phishing emails, domains and IPs using open source tools and recommend proper blocking based on analysis.
- Continuously monitor and interpret threats using the IDS and SIEM tools.
- Stay updated with the latest threats and vulnerabilities by monitoring security advisories, vendor alerts, and industry news.
- Provide timely and accurate reports on security incidents, trends, and potential risks to management and stakeholders.
- Using FortiSOAR, work on cases generated from SIEM alerts based on the playbook created. Cases are elevated to incidents if the alert is a true positive.
- Perform shift handoff at the end of every shift to provide situational awareness to the incoming shift.

Project 1:
- Work on the RSA NetWitness SIEM, providing operations support at the Security Operations Center for different member firms.
- Monitor live traffic using the SIEM.
- Participate in weekly and monthly review calls with the customer.
- Security technologies, including SIEM, IDS/IPS, firewalls, endpoint security, content filtering, and packet inspection.
- Prepare daily and weekly reports on client requirements for security threats and trends on the network.
- Escalate tickets to the appropriate group.
- Monitor system servers and desktops per acceptable use policy.
- Oversee all reports and documentation related to network equipment operations.
- Perform shift handoff at the end of every shift to provide situational awareness to the incoming shift.

Candidate: Sundar Ys