UK
available

Last update: 06.09.2022

SIEM, SOC analyst, Information security engineer, Security analyst, Vulnerability management

Company: Zensar
Degree: Bachelor's degree
Languages: English (business fluent)

Skills

A result-oriented professional with 5-plus years of relevant experience as a Sr. Information Security Engineer in SIEM administration, monitoring and investigation; integration of Windows, firewall, proxy, anti-virus, Linux and IDS devices with SIEM appliances; creating and adding new use cases for SOC operations; and investigating offenses/alerts by raising and analyzing security incidents and formulating incident reports.
A thorough professional with profound knowledge of this field and the ability to assimilate skills for better results, with a positive attitude and a goal-oriented approach.

SIEM administration experience with IBM QRadar and RSA Security Analytics (RSA enVision)
Security events and logs monitoring, analysis and optimization through RSA Security Analytics, IBM QRadar, Cisco Sourcefire IPS, FireEye, McAfee Web Gateway, McAfee Web Reporter, McAfee ePO (ePolicy Orchestrator), CrowdStrike, Symantec Endpoint Protection.
Experience with endpoint security tools using CrowdStrike and Symantec Endpoint Protection.
Experience in vulnerability management using CrowdStrike Spotlight and QualysGuard.
Experience with O365 Security & Compliance, Exchange and Azure AD
Hands-on experience with OWASP Top 10 web application vulnerabilities
Web application hacking, cross-site scripting and SQL injection following the OWASP framework
Automated vulnerability assessment of web applications using WebInspect.
Vulnerability assessment of networks using Nmap and Nessus
Experience with the ServiceNow ticketing tool

Project history

10/2017 - 05/2019
Senior Specialist
HCL (Other, 5,000-10,000 employees)

  • Integrating devices such as Windows, Linux, firewall, proxy, anti-virus and IDS/IPS.
  • Troubleshooting RSA SA from an integration perspective.
  • Creating/adding use cases and alerts and fine-tuning them.
  • Installed virtual hosts for RSA SIEM log collector, decoder, concentrator, Archiver, Event stream analysis server and security analytics server.
  • Installed and integrated all RSA SIEM components with SA head unit server.
  • Created Host memory monitoring policies for all SIEM components.
  • Helping the team with analysis of SIEM incidents.
  • Working on phishing incidents and malware threats and blocking users from visiting malicious websites (phishing, keyloggers, spyware, bots etc.) as per the customer policies.
  • Training new team members on the products and tools, and creating SOPs related to technical documentation.
  • Monitoring offenses using QRadar, analyzing incidents and logs from various devices, reporting on them and creating incidents.
  • Vulnerability Management (Qualys)
  • Providing advisories to the clients and recommendations based on those advisories
  • Suggesting fine-tuning of the rules, dashboards and reports
  • Proactively blocking users from visiting malicious websites (phishing, keyloggers, spyware, bots etc.) as per the customer policies.
  • Worked on malicious alerts and threats and eradicated the virus using the SEPM scan.
  • Preparing weekly and monthly reports of alerts and providing them to the client as per their request.

05/2015 - 09/2017
Sr. Information Security Engineer
FIS (Other, 1,000-5,000 employees)

  • Monitoring and identifying any suspicious security events or procedural errors using the RSA Analytics console and escalating such events
  • Performing real-time monitoring, investigation, analysis, reporting and escalation of security events from multiple sources including firewall logs, proxy logs and endpoint logs with the help of RSA Analytics
  • Escalating to the L3s and collaborating with any other support or dependency groups where necessary for quick and efficient incident resolution
  • Responsible for analysis and reporting of FireEye events, intrusion events, compromise threats, vulnerabilities, malware events, IOCs and network intelligence
  • Monitored source user activity, which normally helped to identify the exact machine that is infected
  • Worked with the ServiceNow tool for incident creation and submitted weekly incident reports to the client.
  • Preparation of incident reports with the help of RSA Security Analytics, Sourcefire IPS, FireEye, McAfee Web Gateway, McAfee ePO (ePolicy Orchestrator)
  • Provided KTs to new joiners on the products, tools & processes.

Willingness to travel

Available in the countries: India