Prayagraj Kashyap

Experience

• 

  Bharat Sanchar Nigam Limited RTTC

  Jun 2018 - Jun 2018

  Internship in Information Technology

  Two weeks vocational Training at Regional Telecom Training Center, BSNL, Nagpur

• 

  ZetaMods

  Jan 2019 - Mar 2019

  Freelance Blogger

  - Worked with ZetaMods (formerly Known as Themefoxx.com) - Posted 4/5 Blogs successfully on various technical topics focused on Android user experience enhancement under Mr. Srivishnu Ramakrishnan.

• 

  Accenture in India

  Aug 2021 - Aug 2024

  - Completed the TechLeap program by Tech-expressway Academy.- Received promotion as Security Delivery Analyst and recognition for delivering Client Value.- Expanded skillset in SIEM (e.g., Sentinel), IAM, and Endpoint Security (e.g., Cortex XSOAR).- Leveraged expertise as a Shared SOC L1 resource to provide comprehensive support across Security Operations, Identity & Access Management, Endpoint Security, and Network Security teams.- Reduced security risk by proactively identifying and mitigating potential threats through log analysis.- Improved security posture by identifying and remediating previously undetected anomalies.- Enhanced threat detection capabilities by uncovering hidden patterns and trends in security logs.- Streamlined security operations: 1. Reduced false positives by 30% through effective tuning of SIEM use cases. 2. Mitigated endpoint threats by investigating Microsoft Defender alerts and incidents to eliminate adware and PUAs (Potentially Unwanted Applications).- Managed alerts and incidents across various tools: 1. Sentinel for general security monitoring 2. Cortex XSOAR for phishing investigations 3. Threat Intel for blocking malicious indicators 4. ServiceNow for incident resolution and user requests Show less - Thrived as a Tier-1 Security Incident and Event Management (SIEM) Analyst supporting a financial client.- Leveraged Splunk expertise to analyze security alerts and events, effectively identifying and prioritizing potential threats.- Utilized ServiceNow for streamlined incident tracking and resolution, ensuring timely communication and remediation.- Demonstrated strong investigative skills by efficiently determining the root cause and nature of security alerts.- Proficient in advanced security consoles including Tanium, Palo Alto Networks - Panorama, and Qualys, enabling comprehensive threat assessment and investigation.- Raised bug requests for tuning the use-cases of SOC Operations and achieved effective drill-down searches- Requested for Whitelisting of Domains with the Content Management Team and obtained the reduction of upto 20% in false positive alerts Show less

  • Security Delivery Analyst

    Dec 2022 - Aug 2024

  • Security Delivery Associate

    Oct 2021 - Nov 2022

  • Application Development Associate

    Aug 2021 - Oct 2021
• 

  PwC India

  Sept 2024 - now

  Incident Response Specialist

  - Led Monitoring and incident response for business-critical systems, conducting thorough root cause analysis (RCA) and implementing remediation plans to minimize downtime and data loss.- Managed SIEM/EDR/IPS/IDS solutions within SOC environment, proactively monitoring and analyzing network and endpoint security events for anomalies and threats.- Monitored Email-Phishing mailbox and mitigated risks for immediate Phishing mails delivered and ensuring ZERO risks from the clickers.- Performed static and dynamic malware analysis, including reverse engineering of malicious code, to understand threat behaviors and develop effective mitigation strategies.- Engaged the digital forensic team for investigations, adhering to strict chain of custody and evidence handling best practices, to identify and preserve critical evidence for legal and internal investigations.- Analyzed Windows and Linux system event logs and artifacts to identify and correlate malicious activity, including unauthorized access, privilege escalation, and data exfiltration.- Identified and exploited web application vulnerabilities, demonstrating a strong understanding of OWASP Top 10 and common attack TTPs, to assess security posture and recommend remediation.- Performed live network assessments using Wireshark and other packet capture and analysis tools to identify malicious network traffic and anomalous communication patterns.- Communicated complex incident findings and security Recommendations to technical and non-technical stakeholders, providing clear and concise reports, presentations, and dashboards.- Enhance the False-positive detection of 3 SIEM and 1 EDR recurring use-case eliminating the redundancy of L1 work over 20% daily.- Assisted with the feedback for the integration of in-house solution for blocking the critical IPs and Domain in Realtime over Firewall. Show less