اكشاي C P

- Threat Detection & Monitoring: Monitored live network and transaction traffic using network monitoring tools to
identify anomalies, suspicious patterns, and potential security incidents in real time.
- Log Analysis: Analyzed server logs (HTTP status codes, error logs, failed handshakes) to perform root-cause
analysis on security events and network timeouts — core L1 SOC function.
- Authentication Security: Implemented and audited OAuth2 token-based authentication and secure webhook
handling to prevent unauthorized data access and identity-based attacks.
- Vulnerability Assessment: Conducted API security testing using Postman, identifying and mitigating OWASP Top
10 vulnerabilities including Broken Object Level Authorization (BOLA).
- Firewall & Access Control: Configured firewall rules and IP whitelisting for secure third-party provider integrations,
reducing attack surface on external-facing endpoints.
- Incident Response: Automated real-time troubleshooting workflows and maintained detailed incident response
documentation and runbooks.
- Encryption Standards: Ensured all data workflows adhered to SSL/TLS encryption and data-at-rest protection
standards.

- Security Testing: Conducted functional, regression, and security-focused penetration testing across enterprise web
applications, identifying XSS, session management flaws, and data leakage vulnerabilities.
- SIEM & Log Monitoring: Monitored system health logs and network traffic during high-load periods to detect and
report unauthorized access attempts and system anomalies.
- Data Integrity & SQL: Performed data integrity audits using SQL queries to verify synchronization between branch
databases and central servers — identifying potential data tampering.
- Network Troubleshooting: Provided L2 technical support for VPN connectivity, DNS resolution, and IP conflict
issues, maintaining high service availability.
- Access Control: Configured and managed User Access Controls adhering to the Principle of Least Privilege
(PoLP) to minimize insider threat risk.
- Bug Tracking: Documented critical security regressions and vulnerabilities in JIRA, coordinating with developers for
rapid remediation.