M Sandeep Sleeva Raj
About Candidate
Education
Work & Experience
Responsibilities
● Worked in a 24x7 Security Operations Center.
● Monitoring the customer network using ArcSight SIEM.
● Acting as first-level support for all security issues.
● Analyzing real-time security incidents and checking whether they are true positives or false positives.
● Performing real-time monitoring, investigation, analysis, reporting and escalation of security events from multiple log sources.
● Raising true positive incidents to the respective team for further action.
● Creating tickets in ServiceNow, assigning them to the respective team and following up until closure.
● Escalating security incidents based on the client's SLA and providing meaningful information related to security incidents through in-depth analysis of the event payload, and providing recommendations on security incident mitigation, which in turn keeps the customer's business safe and secure.
● Coordinating with networking teams to establish and maintain communication with remote ArcSight Connectors.
● Installing ArcSight Connectors.
● Upgrading ArcSight Connectors.
● Integrating new devices with ArcSight, such as Windows, Linux, Cisco firewalls, routers, switches etc.
● Troubleshooting when a device is not sending logs to ArcSight.
● Creating ArcSight content such as correlation rules, queries, reports, dashboards etc.
● Maintaining a keen understanding of evolving internet threats to ensure the security of client networks.
● Troubleshooting SIEM dashboard issues when no reports are being generated or no data is available.