Ashutosh Rajput

Responsible for monitoring the cloud SOC environment.
 Analyze, validate, and mitigate incidents and alerts triggered by SIEM solution Splunk.
 work in compliance with HIPPA
 Analysis and creation of SOP for Phishing mail for internal Environment.
 Remediating notable within SLA (Service Level Agreement).
 Giving suggestions for Splunk Use case and tunning.
 Creation of SOP for various alerts/Notables triggered by CrowdStrike, Splunk, Symantec Endpoint, Azure identity protection.
 Provide Incident Response (IR) support when analysis confirms the actionable incident and Help CSIRT (Computer Security Incident Response Team) in creating an incident report.
 Creating Basic security policies for the company.
 Investigate incident, remediation, and follow-up for incidents.
 Create and maintain information reports for key performance indicators and weekly and monthly metrics.

Responsible for working 24x7 SOC environment.
 Responsible for network security events and take appropriate steps Based on SOP’s (Standard Operation Procedure).
 Work as a part of a growing team, to disseminate information to others-which make us continually improve.
 Coordination with the network team to ensure an effective and efficient process.
 Observe security solutions, SIEMs, firewall appliances, intrusion prevention systems, analysis tools, log aggregation tools.
 Technical analysis of network activity monitors and evaluates network flow.
 Provide real-time guidance to customers on network configuration, security settings, and policies, and attack mitigation procedures.
 Detect incident by monitoring the SIEM console, rules, reports, and dashboards.
 Remediating the incident if possible, otherwise, will gather information then raise a ticket and write the description then escalate to the next level.
 Assisting l2 team for fine-tuning of reports.
 Responsible for shift handovers.