DHATCHINAMOORTHY PERIYANNAN
Work & Experience
• Monitoring and analysing security events using the Sentinel SIEM tool.
• Good knowledge of networking concepts including OSI layers, subnetting, TCP/IP ports, DNS and DHCP.
• Good knowledge of firewalls and of analysing traffic, including inbound and outbound connections.
• Analysing, monitoring and prevention on endpoints using CrowdStrike EDR, Sophos EP, Microsoft MDR and SentinelOne.
• Analysing and identifying host-based indicators and network-based indicators.
• Sandbox knowledge: MX Toolbox sandboxing, Hybrid Analysis.
• Knowledge of Azure Sentinel Log Analytics.
• Knowledge of Microsoft Defender for Endpoint and for Email.
• Knowledge of malware analysis.
• Real-time monitoring of network security components and devices such as firewalls, routers, system applications, Windows devices and web servers.
• Managing 24x7 operations at the SOC, including event monitoring, incident detection, tracking and analysis in real time, and report generation.
• Creating log monitoring reports on a daily, weekly and monthly basis to maintain strict SLA adherence.
• Threat management using Sophos EP, and scanning end-user workstations based on the events triggered from the SIEM tools.
• Analysing and reporting breaches, attacks, malicious activities and unauthorized access to company assets using the Sentinel SIEM tool, in compliance with Federal standards.
• Monitoring the raw logs as well as the alerts triggered in SIEM tools integrated with various devices such as IDS, ISS, Cisco and Check Point firewalls, switches and routers, Cisco ACS, etc., and making sure company assets are not vulnerable to attacks.
• Identifying unauthorized usage/access on Windows machines using Syslog.
• Monitoring the proxy and antivirus logs and making sure all company assets are free from malware.