HARISH GS

Monitoring of Multiple Security Incidents using SIEM tool- Splunk ES. Real time log monitoring of network traffic, intrusion/malware events and devicehealth checkup in IPS/IDS. Experience working in 24/7 SOC with strong focus on meeting agreed SLAs. Strong understanding of MITRE ATT&CK, cyber Kill Chain, Incident Managementand Networking principles. Knowledge of IT Networking / Network Security (Firewalls, IDS/IPS, WAF,Loadbalanders, Storage). Understanding of protocols like TCP/IP, SNMP, DHCP, DNS, HTTP, HTTPS, ARP,SMTP, etc. Solid understanding of the Cyber Incident Response Process & Life Cycle. knowledge of security monitoring tools such as SIEM, IDS/IPS, EDR/XDR, & EmailSecurity Solutions, Basic Networking concept. Worked on Splunk, MS 365 Defender, Palo Alto and other End-point Detection Response (EDR) tools.