IT Analyst
Tata Consultancy Services
Total years of experience: 9 years, 4 months
Working as a McAfee ePolicy Orchestrator administrator and managing DLP incident management, Microsoft Defender, and phishing email.
Roles and Responsibilities
•Collecting, analyzing, and preserving the evidence related to incidents.
•Responsible for monitoring and analyzing information security events to ensure a consistent.
•Defining use cases and creating custom correlation rules and alerts as per the organization's network architecture.
•Fine tuning the rules and reports as per the customer requirements.
•Creating reports, queries, and filters for the events generated in the QRadar tool on the basis of severity and priority of the events. Ensure application availability and SLA adherence.
•Performing daily event monitoring and investigating incidents. Raise incident call based on the analysis of the daily reports, real time alerts and monitoring dashboard.
•Review security-related events, assessing risk and validity, as well as reporting.
•Hands-on experience in upgrading McAfee ePO server from 5.3.x to 5.9.x and upgrading the endpoint products to the latest version.
•Hands-on experience in upgrading McAfee ePO server platform OS version from 2008 R2 to 2012 R2 and 2016.
•Hands-on experience in upgrading McAfee products like Agent, VSE and ENS across the overall environment.
•Responsible for ensuring 4000+ servers and 65000+ nodes get DAT/AMCore updates daily.
•Performing Daily Health check on ePO servers, troubleshooting master repository update issues & Manual check-in if required.
•Managing the Endpoint security solutions with McAfee (Agent, AV, VSE) as per the requirement and present state of the security in the client environment.
•Extensively working on Critical escalation and being the Point of contact for customers for any critical issues on Virus infections, Firewall (HIPS) related issues.
•Handling Azure cloud endpoint server from on-premises McAfee ePO.
•Performing compliance checks on reporting systems and remediating the non-compliant systems.
•Installation, configuration and maintaining of McAfee ePO server, Repositories and Agent Handlers.
•Responsible for policy configuration, exclusions requests from within the team and from the end users.
•Troubleshooting endpoint products related issues like high CPU usage by VSE.
•Troubleshooting endpoint products related issues and compliance issues like DAT/AMCore update failed etc.
•Performing On-demand system security scans for servers & end-points.
•Responsible for coordinating with the vendor to get Extra.DAT for any new virus-related IOCs and performing pilot testing in the test environment before rolling out to production.
•Creating tasks for automated reports to the respective stakeholders as per the requirement from the ePO Console.
•Extensively working on Critical escalation and being the Point of contact for customers for any critical issues on Virus infections.
•Participating in CAB meetings to approve CRs before implementation.
•Handling Problem incidents, SR & CR as per ITIL process.
•Generating and submitting the Daily, Weekly and Monthly DAT/Threat compliance reports.
•Maintaining SLA compliance level 100% for Servers.
•Perform RCA on tickets which did not meet the SLA or a Problem or a high priority ticket.
•Manage regular meetings with IT representatives to discuss security issues, concerns and solutions.
•Create change records using ServiceNow for all changes made to endpoints.
•Document and evaluate security issues and their workarounds or solutions using ServiceNow incidents.
•Handling 24/7 on-call mobile support for high-priority tickets and escalations as a Single Point of Contact.
•Represent the team in CAB meetings.
Roles and Responsibilities:
•Monitoring the McAfee ePO console and generating reports for anti-virus DAT file updates.
•Share the generated Antivirus DAT compliance file with team members.
•Works with operational security team to manage perimeter platforms in day to day operations as well as upgrades, patching, replacements, and new deployments.
•Ensure all systems are updated with latest Antivirus DAT file to keep network free from virus & threats.
•Troubleshoot problems where the malware DAT is not updated and the agent is corrupted on workstations.
•Manual virus removal from a workstation if the virus cannot be removed from the console level.
•Manage McAfee ePO console and Antivirus software for enterprise customers.
•Installing McAfee Agent on Server and Workstation.
•Installing Virus Scan Enterprise on Server and workstations.
•Configuring DLP rules in McAfee ePO console.
•Configuring Virus scan Enterprise policies on the servers.
•Installing Active Directory and creating and managing user accounts in Active Directory Services and Additional Domain.
•Extensive experience in user account creation, deletion and configuration.
•Installation and configuration of network printers.
•Responsible for responding to customer calls on hardware issues.
•Installing, configuring, and administering Windows 2008 & 2012 Server.
•Configuring DNS, DHCP Servers.
•Sharing, securing, and accessing files and folders.
•File, Printer, Internet sharing (Win-Proxy, Win2000 / ME / XP).
•Install, Implement and Maintain Win2000/Win 2003/Win 2008.
•Creating Users, Groups, Organizational Units.
•Responsible for hardware installation, testing and troubleshooting.
Roles and Responsibilities:
•Addressing queries in configuring DNS, DHCP Servers.
•Administration of Windows Server versions 2003, 2008, 2011 SBS and 2012, including Active Directory services and Group Policy management.
•Responsibility for data security and Trend antivirus server configuration & maintenance.
•Analyzing system logs and identifying potential issues with computer systems.
•Performing file server backups in regular intervals (Daily/Weekly/Monthly).
•Adding, removing, or updating user account information and resetting passwords.