Swaroop C

Security Analyst

646 followers
Davanagere, Karnataka, India

  • About me

    Security Analyst Tier 1 @ Cyber Sainik. Immediate Joiner | SIEM | SOC | LogRhythm | Microsoft Sentinel | CrowdStrike | Email Security

  • Education

    • Bapuji Institute of Engineering & Technology, DAVANAGERE

      Bachelor of Engineering - BE, 7.3
  • Experience

    • SOC Experts

      Jun 2022 - Sept 2022
      Security Analyst

      - Good understanding of network concepts and protocols.
      - Solid knowledge of security concepts and servers like DNS, Active Directory, DHCP.
      - Good knowledge of cyber attacks and familiar with the cyber kill chain framework.
      - Understanding of security solutions like Firewall, IPS/IDS, Proxy, Email Gateway, Web Gateway, Antivirus, DLP, etc.
      - Knowledge of vulnerability management and incident response.
      - Solid knowledge of SIEM and Splunk components.
      - Monitoring and analyzing the logs which are triggered and investigating them.
      - Gaining good knowledge to perform phishing email, brute force and malware analysis.
      - Efficient knowledge of the Splunk tool: writing queries, creating reports and dashboards.

    • Cyber Sainik

      Sept 2022 - now
      Security Analyst Tier 1

      - Monitoring real-time security events generated across the organization by working with SIEM tools (LogRhythm and Microsoft Sentinel) as a part of the 24/7 Global SOC team.
      - Verifying and monitoring the status of SIEM LogRhythm components, system monitors and log sources.
      - Escalating the alarms and incidents to clients by using Autotask CRM and ConnectWise Automate.
      - Handling security incidents, collaborating with shift leads and higher management to resolve issues within the defined SLA.
      - Identifying blacklisted IPs/URLs and escalating them to L2 for blocking.
      - Identifying true positive and false positive alarms, working on effective alarm tuning.
      - Determining suspicious IOCs using open-source threat intelligence platforms that need further investigation, developing use cases and rules.
      - Analysis of email-based threats: email header analysis and working on spam/phishing emails reported by clients, using Mimecast Email Gateway and Microsoft Defender.
      - Worked on CrowdStrike and Microsoft Defender to protect enterprise applications and data from breaches and business disruptions without requiring emergency patching.
      - Managed firewalls like Fortinet and Cisco Meraki to block malicious IPs and URLs.
      - Performing daily threat hunting by using various open-source websites to find newly arrived sophisticated threats and converting those IoCs into alarms.
      - Performing daily SIEM firewall and log review check, endpoint security check and web console check, IOC check, CrowdStrike check.
      - Performing the daily health check of critical servers, alarm review and closed ticket review.
      - Performing weekly LR license check (Pro, Lite, Collector) and weekly website security check.

  • Licenses & Certifications

    • Introduction to Cybersecurity

      Cisco
      Jan 2023
    • Microsoft Certified: Azure Security Engineer Associate

      Microsoft
      Aug 2023
    • Splunk Fundamentals-user

      Splunk
      Aug 2022
    • Microsoft Certified: Security Operations Analyst Associate

      Microsoft
      Jan 2023
    • ABCs of Malware Analysis

      SOC Experts
      Sept 2022
    • Network Security Experts level 2

      Fortinet
      Jul 2022
    • Introduction to Darkweb, Cryptocurrency

      CodeRed
      Feb 2023
    • Network Security Experts level 3

      Fortinet
      Nov 2022
    • Network Security Experts level 1

      Fortinet
      Jul 2022