Chandana Suresh
Work & Experience
• Good experience in security monitoring and analysis of security events from heterogeneous security devices, servers and databases using ArcSight and other security tools.
• Correlated logs from various security devices to identify potential threats and incidents, demonstrating proficiency in log monitoring.
• Network design project in the telecommunication domain: designed networks by virtualizing them using equipment such as ADVA R7, Infinera and Huawei.
• Designed networks in a cost-efficient and effective manner based on customer requirements.

• 24x7 SOC monitoring, including log analysis of events received from devices (antivirus, firewall, APT, domain controller, switch, router, proxy server, VPN, etc.).
• As part of daily operations, worked on the daily health-check reports, ensuring the tool was running in both the production and non-production environments and that everything was in place.
• Coordinated with the cyber defence team to perform drills and tabletop exercises to test and improve the incident response plan (pen test and red team activities).
• Participated as an escalation point for 24x7 operations support.
• Created automated VA reports for effective vulnerability remediation.
• Onboarded assets to VA tools such as Nessus (Tenable.io) and Qualys.
• Created customized vulnerability assessment reports and dashboards as per customer requirements.

• Worked as a technical lead for multiple clients, ensuring the smooth running of day-to-day activities.
• Good experience in log source onboarding and rule creation in QRadar.
• Security monitoring and analysis of security events from heterogeneous security devices, servers and databases using the SIEM tools QRadar, ArcSight and Sentinel, and other security tools.
• Conducted phishing simulation programs using the Microsoft Defender tool to improve employee awareness.
• Created SOP and ransomware playbook documents to improve the incident response process.
• Conducted regular vulnerability assessments using industry-standard tools such as Qualys and Nessus (Tenable.io).
• Conducted 24/7 monitoring of platform uptime, performing daily health checks on the SIEM infrastructure to guarantee optimal performance.
• Successfully handled a diverse range of security incidents, including email phishing, malware alerts and reconnaissance events.
• Enhanced threat intelligence within the QRadar platform by creating rules and identifying Indicators of Compromise (IOCs) through rapid searches.
• Applied expertise in threat intelligence to evaluate security risks and proposed effective mitigation strategies.
• Identified and captured risks arising from the unavailability of controls.
• Prioritized and raised relevant service requests/incidents for actions (blocking, patching, scanning, SIEM threat feed updates, historical queries, etc.).
• Published summary reports to the cyber defense team covering the threat, probable impact, action taken and relevant service requests.
• Exposure to security tools such as Windows Defender ATP, ArcSight, Sentinel, CDC, ServiceNow, Symantec MSS, Arbor Console, IPS devices, etc.