SuchitAher
About Candidate
Education
Work & Experience
▪ Manage client escalations, team management, coordinate with different vendors
▪ Provided admin level SIEM solution support of HP ArcSight 5.0 Managing logs and Security Incidents
▪ URL Blocking for ISP Fortigate Firewall Responding Antiabuse
▪ Managing Admin level Arbor Peakflow device
▪ Responsible for critical response and mitigations of DoS and DDoS attacks
▪ Monitoring customers' Managed Objects, creating and updating the same as per clients' needs
▪ Adding new devices such as routers to Arbor and preparing various reports
▪ Worked for client BNP Paribas Bank's Global SOC as SME
▪ Team member of CSIRT team of Bank (Cyber security incident response team)
▪ SPOC for Security Incidents
▪ Act in first line of detection and action in incident response procedures including IOC discovery, blocking them on perimeter, coordinating with different vendors for ready defense
▪ Providing Support of SIEM HP ArcSight 6.08c
▪ Handling Security Incidents from all over Asian countries covering malware, proxy, firewall, IPS etc. critical security Infrastructure, content writing e.g. report creation, query creation, rule writing, dashboard etc.
▪ Working for client Alstom Transport as Cyber Security Specialist
▪ Providing Support of SIEM HP ArcSight 6.08c and IBM QRadar security intelligence.
▪ Handling Security Incidents end to end as primary analyst, from ransomware like WannaCry, Petya, SyncCrypt to phishing emails
▪ Try to find patterns in incidents and recommend policies based on them, coordinate with different vendors' teams to harden defences.
• End Point Security – Deploying Smokescreen deception technology, FireEye AntiAPT policy administration, Security Incident management for endpoint user assets
• End User Computing – SOX compliance sustenance for file based system
• PCI DSS Sustenance
• Incident management, third party vendor management