K. BHARATH KUMAR

Monitoring the incoming security alerts in Azure sentinel, Splunk & Qradar.  Working in Offshore SOC team. Monitoring of SOC events, detecting and preventing the Intrusion attempts.  Ad hoc report for various event sources customized reports and scheduled reports as per requirements.  Collecting the logs of all the network devices and analyze the logs to find the suspicious activities. Investigate the security logs, mitigation strategies and Responsible for preparing generic security incident report.  Handling Alerts from multiple Security Log sources such as Proxy, Anti-Virus and EDR Deep dive Investigation through Falcon EDR.  Monitoring, analyzing and responding to infrastructure threats and vulnerabilities. Phishing and Spam Email Analysis  Investigate the security logs, mitigation strategies and responsible for preparing generic security incident reports.  Responsible to preparing the root cause analysis reports based on the analysis. Analyzing daily, weekly and monthly reports.  Creating case for the suspicious issue and forwarding it to Onsite SOC team for further investigation. Website Anti-Malware and Defacement monitoring and real-time alerting based on anomalies detected. Troubleshooting SIEM dashboard issues when there are no reports getting generated or no data available.  Analyzing daily, weekly and monthly reports.  Monitoring of SOC events, detecting and preventing the Intrusion attempts. Investigating the events based on particular criteria by creating an Active Channel. Handling the failed logins issues from the different systems.  Handling the different issues like Phishing, Spam and Malicious email. Using Service now to handle & track al kind of incidents.  Working on security related threats and Incidents.  Coordinates with all the teams to Mitigate/Remediate the issue. 24/7 rotating shift