SOWNDHARYA C
About Candidate
Education
Work & Experience
- Working in a 24x7 Security Operation Center in a shared model; actively responding to incidents and working them until closure
- Performing proactive monitoring, investigation, and mitigation of security events using SIEM, AV, EDR and VM tools
- Handling various security incidents in SIEM tools (Splunk, Microsoft Sentinel)
- Experience in phishing email analysis using Proofpoint Protection
- Experience in handling an Endpoint Detection and Response tool (Microsoft Defender for Endpoint - MDE), analysing and mitigating threats
- Experience in handling a proxy tool, Cisco Umbrella
- Performing vulnerability scanning, creating and analysing reports, explaining them to stakeholders, and following up until mitigation
- Identifying and reviewing Indicators of Compromise (IPs, domains, hashes) using open source tools and recommending proper blocking based on analysis
- Use case creation and fine-tuning based on the environment
- Worked on runbook creation for use cases and on managing AV compliance and Splunk compliance