Faizan Khan

Network Engineer

359 followers
Location: Noida, Uttar Pradesh, India

  • About me

    Cyber Security Professional

  • Education

    • MJRP University - India

      2009 - 2012
      BCA
  • Experience

    • ARI pvt ltd

      Oct 2013 - Oct 2015
      Network Engineer

      Worked as a Network Engineer at Applied Research International Pvt. Ltd.

    • ManpowerGroup

      Oct 2015 - Aug 2016
      Executive-IT Network

      Worked at Manpower Group India Pvt. Ltd. as an Executive IT Network Engineer.

    • HCL Technologies

      Nov 2016 - May 2019
      Specialist

      Previous professional experience: HCL Technologies.
      Designation: Specialist – SOC L2
      Assigned to project: Equinor (Statoil)

      I was working with HCL's client Statoil (Equinor), which is a Norwegian multinational energy company headquartered in Stavanger, Norway. It is a petroleum and wind energy company with operations in thirty-six countries. By revenue, while under the Statoil name, Equinor was ranked by Forbes Magazine (2013) as the world's eleventh largest oil and gas company and the twenty-sixth largest company, regardless of industry, by profit in the world.

    • NTT DATA

      Aug 2019 - Aug 2020
      Senior Engineer (SOC-SIEM)

      Responsibilities:
      • Working on the QRadar SIEM tool.
      • QRadar (SIEM): device integration, dashboard creation, reports, use cases, search queries, fine-tuning rules, etc. Monitoring security offences.
      • Monitoring real-time security events/incidents for client environments.
      • Incident analysis, incident response, SIEM monitoring, and other operational tasks in support of technologies managed by the Security Operations Centre.
      • Research and determine the actual problem.
      • Escalate the issue to the correct contacts.
      • Incident creation using the ServiceNow and JIRA tools as per the priority of the case.
      • Read and reply to e-mails.
      • Answer the Security Operations Center (SOC-CSIRT) phone/chat.
      • Support the Security Engineers when working to resolve issues.
      • Create and deliver reports and support for audit requests.
      • Possibly add and tune rules based on client requests.

      ArcSight SIEM: Daily monitoring of Loggers and Connectors with the help of ArcMC (management console), to check the status of a particular device and its health with the help of events like fatal errors, event drop, storage full, and increased cache alerts. Log analysis based on IDS and endpoint security (SCEP) alerts. Knowledge of Receiver, Forwarder, SmartConnector, FlexConnector, ESM, etc.

      IDS: Handling IDS alarms on a daily basis and troubleshooting customer environments to fix reported issues. IDS case investigation with the help of SIEM logs.

      SCEP Antivirus: Monitoring of System Center Endpoint Protection, malware detections, updated definitions, etc.

      Palo Alto Firewall: Log analysis with the help of the firewall. Rule creation.

      F5 Load Balancer: Configuration of VIP, dossier, pool, iRules, etc.

      JIRA Tool: Working on IDS cases with the help of alerts registered on JIRA.

      ServiceNow: For creating incidents and documentation.

    • Coforge

      Jan 2021 - Mar 2022
      Senior Associate cyber security services

      SOC L2

    • Tata Consultancy Services

      Apr 2022 - Jan 2024
      Cyber Security Analyst

      Security Analyst Cyber Security

  • Licenses & Certifications

    • Microsoft Sentinel The Complete Introduction Course in Azure

      Udemy
      Oct 2023
    • IBM Qradar SIEM Admin&Config for incident response

      Udemy
      Aug 2023
    • IBM Qradar SIEM fundamentals for incident response

      Udemy
      May 2019
    • Microsoft Azure - Beginner's Guide + AZ-900 - 2023

      Udemy
      Mar 2023