Tandra Rahul
About Candidate
Diligent and detail-oriented SOC Analyst L1 with a strong foundation in cybersecurity fundamentals. Proficient in threat detection, incident response, and security monitoring. Overall 2.4 years of relevant experience in Information Security, currently working as a Security Analyst in a Security Operations Center (SOC) team. Experience with SIEM (Security Information and Event Management) tools, monitoring real-time events using Splunk Cloud, ArcSight, and the XDR platform Secureworks. Good knowledge of networking concepts including the OSI layers, the TCP/IP model, ports, DNS, DHCP, HTTP, etc. Good understanding of security solutions such as firewalls (Palo Alto), IDS, and anti-virus. Preparing weekly and monthly reports as per client requirements. Hands-on experience with Splunk Cloud as a SIEM tool for log monitoring, log analysis, and network traffic analysis. Experience in performing and analyzing critical alerts on an immediate basis. Investigating security threats and creating cases for them.
Education
Work & Experience
Work closely with business units to ensure that they know what data to feed into ArcSight and how, create the network hierarchy, and classify log sources within the McAfee SIEM. Monitoring customer network traffic using the IBM SIEM tool Splunk, HP ArcSight, and the XDR tool Secureworks. Skilled SOC Analyst L1 with proficiency in log analysis, malware analysis, threat detection, incident response, and security monitoring. Performing real-time security incident monitoring, investigation, log analysis, malware analysis, reporting, and escalation of security events from multiple log sources. Maintain a keen understanding of evolving internet threats to ensure the security of client networks. Escalating security incidents based on the client's SLA and providing meaningful information about security incidents through in-depth analysis of event payloads, and providing recommendations for mitigating security incidents, which in turn keeps the customer's business safe and secure. Contacting customers directly in case of high-priority incidents and helping them with incident response procedures for the attacks. Coordinate extensively with networking teams to maintain and establish communication with remote processors.