Shekar Azmeera
About Candidate
Overall 1+ years of relevant experience as a SOC Analyst in SIEM, Information Security, and Cyber Security. Cyber Security Analyst with proficient, thorough experience and a good understanding of Information Technology.
- Experienced in network monitoring, identifying and analyzing suspicious events and alerts.
- Manage 24×7 operations at the SOC, including event monitoring, incident detection, tracking and analysis on a real-time basis, and report generation.
- Real-time monitoring of network security components and devices such as firewalls, routers, system applications, Windows devices, UNIX devices, and web servers.
- Recommend improvements in security systems and procedures.
- Create log monitoring reports on a daily, weekly, and monthly basis in order to maintain strict SLA adherence.
- Investigating and creating cases for security threats and forwarding them to the respective team to take necessary action.
- Quickly learned new skills and applied them to daily tasks, improving efficiency and productivity.
- Carried out day-to-day duties accurately and efficiently.
- Performing end-to-end SIEM implementation (QRadar) as per the client's requirement, on premise and over the cloud.
- Good knowledge of networking concepts including OSI layers, subnetting, TCP/IP, ports, DNS, DHCP, etc.
- Good understanding of security solutions like anti-virus, DLP, proxy, firewall, IPS, email security, etc.
- Building security strategy, planning and developing policies.
- Knowledge of other SIEMs like QRadar, Splunk and Azure Sentinel.
- Working with the Incident Response Team and SOC for effective detection, analysis and remediation of attacks, as well as researching potential IOCs and linking them to intelligence.
- Implementing complex use cases as per the client's requirement and the latest attack trends.
- Experience with malware attacks and phishing attacks.
- Good understanding of security solutions like firewalls (Palo Alto, Check Point, Fortinet, Cyberoam), DLP, anti-virus, IPS, email security, etc.
- Preparing daily, weekly and monthly reports as per client requirement.
Education
Work & Experience
Responsibilities:
- Close monitoring of incidents and giving clearance to relieving employees to ensure data security.
- Log analysis, email analysis and deep investigation reports.
- Monitor SIEM alerts, analyze events in SIEM and raise security incidents in the ticketing tool ServiceNow.
- Monitoring security systems and networks for anomalies.
- Investigating security violations, attempts to gain unauthorized access, virus infections, etc.
- Coordinate responses to security incidents in a timely manner.
- Working on O365 Cloud App and Azure Active Directory.
- Work with various teams across the organization to improve security posture.
- Exposure to documentation and reporting; creation of reports, dashboards and rules.
- Maintain and document the application support strategy.
- Coordinate with the network team, platform team, firewall team and application team to complete tasks.
- Hands-on experience in SIEM platforms (QRadar, Splunk and Azure Sentinel).
- Review of SOC incidents, remediation and SLA.
- Good knowledge of Splunk Enterprise for log collection and data analytics.
- QRadar administration, QRadar upgrades and patching, active management of log source health, EPS license and system performance.
- Performing real-time monitoring, investigation, analysis, reporting and escalation of security events from multiple log sources.
- Implementation and management of QRadar applications.
- Use case creation, fine tuning, and use case gap assessments.
- Responsible for weekly, monthly and quarterly customer calls, governance calls, and account management.
- Enhancement of SOC operations, tracking operational issues and risks.