Experience

• 

  Tata consultancy services

  Jun 2019 - Mar 2022

  Worked as a SOC team member which included, but is not limited to:Performing security incident triaging, investigation and reporting.Reporting false positives and fine tuning existing use cases.Preparing and automating weekly KPI reports.Performing threat hunting in customer environment and suggesting use cases based on threat outcomes to strengthen security posture.Building, testing and providing use case logics for deployment.Running searches, both ad-hoc and scheduled, to detect IOCs mentioned in weekly security advisories related to various cybersecurity threats.Doing root cause analysis of security incidents.Preparing technical documents and hosting knowledge sharing sessions for team. Show less Worked as a SOC team member that included but was not limited to:Performing security incident triaging, investigation and reporting.Reporting false positives.Preparing weekly KPI reports.Performing threat hunting in customer environment and presenting the outcomes on a monthly basis.Preparing technical documents that highlight steps to take with respect to an investigation for team.Scheduling monthly vulnerability scans, correlating post scan data and reporting the same to concerned stakeholders. Show less

  • System Engineer

    May 2021 - Mar 2022

  • Assistant System Engineer

    Jun 2019 - Apr 2021
• 

  Cloud software group

  May 2022 - now

  Working as a SOC team member which includes and can be categorised into:  Security Operations:• Performing security incident triaging, investigation and reporting.• Performing root cause analysis of major security incidents by collaborating with other teams.• Preparing dashboards, alerts and scheduled reports for streamlining investigation processes for various alerts.• Creating SOAR playbook prototypes corresponding to detections in the environment.• Preparing technical documents and hosting knowledge sharing sessions for team. Detection Engineering:• Researching detection logics based on various TTPs aligned with MITRE ATT&CK framework.• Creating detection queries, testing and deploying them with related alert SOPs.• Reporting false positives and fine tuning existing use cases. Cyber Threat Hunting:• Hunting for adversarial behaviour by creating hypothesis related to latest cyber attacks and TTPs aligning with various attack frameworks.• Running searches, both ad-hoc and scheduled, to sweep IOCs across the environment. Show less

  • Sr. Security Operations Analyst

    Sept 2023 - now

  • Security Analyst 2

    May 2022 - Aug 2023