Lokesh K
About Candidate
Education
Work & Experience
Worked on automation tools to parse/extract text from documents, i.e. OCR.
Hands-on experience with PL/SQL, Microsoft SQL Server and regular expressions.
Sharing daily, weekly and monthly reports with the relevant team.
Going on a sync call with customers on a weekly basis.
Responsible for creating and maintaining various SOPs and other documents related to day-to-day operations.

Performing Nmap scans to find vulnerabilities and reporting them to the corresponding team.
Analyzing recent security exploits by CVE & CVSS.
Based on the analysis, publishing security advisories to the client about recent security exploits.
Publishing blog posts based on exploits on the company's website/LinkedIn profile.

Responsible for log monitoring, threat hunting, threat intel and incident management.
Installing, configuring and troubleshooting the ELK stack for log monitoring and analysis.
Created alarm alerts and correlation alerts for all security incidents.
Sharing daily, weekly and monthly reports with the relevant team.
Creating threat dashboards and custom filters for quick identification of threats.
Created various use cases to enhance existing features and to incorporate new features.
Testing the in-house SIEM tool for vulnerabilities and reporting them.
Created various SOPs for deploying, monitoring and threat hunting.

Continuously monitoring and assessing our security posture and implementing improvements.
Monitoring alerts triggered from the SIEM, analyzing logs, taking the necessary actions with respect to alerts and remediating them within SLA.
Performing log analysis and investigating crucial alerts on an immediate basis.
Hands-on experience working with AWS.
Experienced in working with various cloud traffic and logs (AWS, Azure, GCP).
Promptly resolving customer tickets and acting as the first point of contact for customer escalations.
Investigating detections/incidents from CrowdStrike EDR and reporting back to the customer with a verdict.
Experience working with Microsoft Sentinel and CrowdStrike EDR/XDR logs.
Improving existing use cases and fine-tuning noisy and irrelevant alerts.
Creating dashboards for better understanding and visualisation of events.
Fine-tuning and creating custom correlation rules as per changes in the customer environment and the threat environment.
Coordinating with the Research and DevOps teams to troubleshoot issues and highlighting them to clients for further resolution and escalation.
Responsible for handling/training L1 analysts and newcomers.
Familiar with CSPM on AWS and GCP.
Experience in handling multiple customers all around the globe.
Going on troubleshooting or weekly calls with multiple customers.
Familiar with various threat intel platforms.
Hands-on experience in phishing and email header analysis.
Familiar with Zeek & Suricata through experience with an in-house network packet analyzer tool.
Proficiency in Lucene and DataPrime query languages, used to investigate incidents and to create alerts.
Worked with sandboxes ("AnyRun").
Strong knowledge and experience in creating playbooks for various cloud services, EDR, WAF, network devices and other popular security services.
Exposure to ticketing tools like PagerDuty.
Updating security knowledge by taking up various relevant security certifications.