Abdul Razakh

Experience

• 

  NSEIT LIMITED

  Jun 2019 - Apr 2020

  Technical Supervisor

  As a Technical Supervisor I have worked in completely networking domain. with the team I have to connect more than 100 systems to single network and sharing drives, assigning ip to each systems, crimping of lan, installation of operating systems like windows, Linux, Ubuntu, etc.., and also softwares and anti virus applications to be installed and ensure it is updated.

• 

  IDC Technologies, Inc.

  Jan 2021 - Jun 2022

  Endpoint Engineer

  As a Endpoint Engineer My Day to day activities are E-mail investigation using OSINT tools , monitor network activities, RTR operations, and user authentication related issues and password management.

• 

  Deloitte

  Jun 2022 - May 2023

  • Associate solution advisor

    Jun 2022 - May 2023

  • Associate Solution advisor

    Jun 2022 - May 2023
• 

  ECI

  Aug 2023 - now

  Security Operations Center Analyst

  24/7 eyes on glass monitoring security events generated from different security devices, assigning incidents, investigating the alerts by referring play book, finding root cause of alerts, fine tuning if possible or closing FP alerts, Escalating true positive alerts and following with clients and other teams to check remediation status of alerts, Apart from this handling ad-hoc requests like (Missing client emails, not able to access website, Redirecting external emails to particular internal user mail box, Whitelisting URL's etc)Additionally, Raising support cases to Cisco Umbrella/ Talos/ Proofpoint for recategarization of websites/Domains.Also handled DLP requests like USB removable media access, Google drive upload access.Siem: ELK And Google Chronicle EDR : SentinelOne and Crowdstrike (Admin level access) Proxy Tool: Cisco Umbrella DLP: Cyberheaven Azure ADProofpoint (Admin level access)Threat hunting, Blocking Ioc's in respective Devices. Resolving incidents, phishing emails to ad_hoc requests of clients. Show less