Chetan H
About Candidate
Cyber Security Analyst with 6+ years of expertise in information security, incident response, and vulnerability assessment. Proven record of better security processes and reduced cyber attack exposure for major corporations. Available for Immediate Joining.
Education
Work & Experience
Monitored and evaluated security threats and risks to the organization's information systems and took appropriate action to mitigate or resolve the issues. Worked on the development of Splunk dashboards with multiple dynamic drilldowns, reports, and alerts. Participated in Security Operations Center (SOC) construction from inception to completion. Knowledge of relevant frameworks, standards, and best practices such as NIST, PCI-DSS, CIS, MITRE, the Cyber Kill Chain, and TTPs. Developed operational reports for KPIs, including weekly and monthly metrics.
Convinced non-technical stakeholders of the vital role of a SIEM. Worked on Vulnerability Management and Patch Management using Puppet. Configuration of Splunk and Azure Sentinel. Capability to create small automation scripts and ad hoc tools (Python, PowerShell, Bash, etc.). During the SOAR management process, significantly contributed to the development of Playbooks and Use Cases (Logic Apps and Cortex). Handling of advisory emails from CSIS and updating the concerned stakeholders. Collaborator in the complete incident response management process. Participated in the incident management process of detection, reporting, and assessment. Capabilities such as malware analysis, threat detection, dark web monitoring, and security blogging. Participated in SIEM configuration management.
Analysed data from security events to identify security incidents and trends in EDR and SIEM solutions. Played the pivotal role of Shift Leader. Identified potential threats and ensured the security of network systems using the SIEM (Microsoft Sentinel) tool. Worked on SIEM configuration and use cases. Assessed the health of the SIEM (Azure Sentinel) monitoring console every day and reported any issues to L3. Individually managed a wide variety of global customers and served as SPOC. Managed customer SLAs for incident management and reporting in real time. Investigated the source code of phishing/SPAM emails and blocked the malicious websites with the help of an email security gateway. Worked on EDR tools such as Defender 365, CrowdStrike, and Carbon Black. Created and enhanced SOPs and technical guides.