Experience

• 

  Tata consultancy services

  Sept 2019 - Nov 2022

  Cyber security analyst

  At TCS, I am Part of the Cyber SOC team responsible for the security of internal networks and systems.• Investigate incidents on various tools like EDR (CrowdStrike), AV, Deception Technology (Attivio,Smokescreen), XDR, Cloud security(Azure) and UEBA• Active involvement in SOAR (Demisto) engineering tasks and maintaining the SOAR (Demisto) platform• Experience in Azure cloud security Protecting data and applications, managing identity and access for users and cloud resources• Based on investigation findings working on blacklisting and whitelisting of IOC and IOA• Creating and refining SIEM (IBM QRadar) rules• Developing automation scripts/workflows within the SOAR platform using Python• Prior hands-on experience doing Phishing analysis, Malware analysis, SIEM log analysis, and Use casecreations• Preemptively detecting unidentified threat vectors (Threat hunting) and applying preventive measures to Mitigate security flaws Show less

• 

  Comcast

  Nov 2022 - now

  Development engineer 2

  As an XSOAR Developer, I am responsible for creating and maintaining playbooks, workflows, and integrations within the xSOAR platform to support security operations and incident response. My key job responsibilities include:Developing custom playbooks and workflows: Responsible for creating custom playbooks and workflows that automate and orchestrate security tasks across multiple tools and systems. This includes designing and implementing integrations with various third-party systems, as well as configuring custom logic and data handling within the xSOAR platform.Collaborating with security teams: Working closely with security teams, including incident response analysts, threat hunters, and vulnerability management teams to understand their needs and develop effective solutions to meet those needs. I also collaborate with cross-functional teams such as IT and operations to ensure that integrations and workflows are aligned with broader business goals.Creating documentation and training materials: I am responsible for creating and maintaining documentation and training materials for playbooks, workflows, and integrations. This includes documenting integration requirements, design specifications, and standard operating procedures (SOPs) to support the effective use and troubleshooting of the xSOAR platform.Continuous improvement: I continuously evaluate and improve playbooks, workflows, and integrations to ensure that they are effective, efficient, and aligned with security best practices. This includes monitoring system performance, identifying areas for improvement, and proactively proposing enhancements or changes to improve overall system effectiveness.Staying up-to-date with security trends: I stay up-to-date with the latest security trends, threats, and technologies to ensure that the xSOAR platform is using the latest and most effective tools and methodologies. Show less