Rajshekar Vijay Raghavan

Conducted meetings with customer stakeholders to comprehensively comprehend their existing utilization of security tools and ascertain their objectives for incorporating threat intelligence and implementing automation. Oversaw the complete life cycle of SOAR operations, effectively overseeing and coordinating all aspects of the process. Maintained regular communication with internal and external stakeholders, delivering project updates and insuring ongoing transparency. Developed tailored playbooks and automation routines based on specific business and customer prerequisites. Offered professional guidance and recommendations to clients and internal users on optimal practices for SOC automation.

+ Led fhe design and implementation of a centralized SIEM solution using IBM
QRadar, integrafing diverse log sources across the enterprise.
+ Developed and maintained a 3-year security technology roadmap, aligning
cybersecurity inifiatives with business objectives and emerging threats.
+ Developed custom use cases and correlation rules in QRador fo address
specific security requirements and compliance needs.
« Implemented Sigma rules for standardized threat detection across multiple
SIEM platforms, improving consistency and reducing false positives.
« Utilized threat emulation techniques fo simulate advanced persistent threats
(APTS) and validate the effectiveness of security contro.
+ Established a robust security monitoring framework for cloud environments,
including Azure and AWS, using native and third-party SIEM connectors.

Oversaw and managed all high priority and Critical Security Incidents, ensuring end-to-end incident management. Managed Splunk SIEM and Demisto XSOAR on the Microsoft Azure platform. Developed and optimized detection rules to identify intrusion or insider malicious activity using EDR, NIDS, AV, FW, Windows events, and other sources. Led and participated in the evaluation and proof-of-concept of security tools and technologies in alignment with the security roadmap. Integrated various devices/services, including Cisco Stealth-Watch, AWS Guard-Duty, TrendMicro Apex One, Cybereason, Tipping-point, Zscaler, PaloAlto, with Splunk or Demisto based on specific requirements. Handled escalations and resolved issues related to security technologies/tools on a global scale, contributing to the expertise of the global SOC L3/Experts team in areas such as Threat Hunting,
WORK EXPERIENCE

Forensic Analysis, IPS, EDR, DLP, etc.

+ Led and mentored a team of 34 engineers, demonsirating sirong leadership
and project management skills in overseeing SIEM operations and incident
response activities
« Engineered and deployed custom use cases and playbooks on Splunk SIEM
and Demisto XSOAR, enhancing Security Operations efficiency.
+ Developed and maintained Sigma rules for detecting emerging threats,
ensuring adaptability across different SIEM platforms.
+ Conducted thorough log and event analysis, delivering fhreat analysis
reports and sirategic insights to stakeholders.
+ Conducted large-scale data analysis on terabytes of log data to identify
patterns, anomalies, and potential security threats across the enterprise
network.
« Analyzed security incidents post-resolution, identifying areas for improvement
in both technical controls and incident response processes.

Resolved complex technical issues and escalated support cases to achieve a 95% customer satisfaction rating, contributing to increased customer retention and loyalty. Led a team of junior support engineers in analyzing and troubleshooting software and hardware problems, resulting in a 50% reduction in average resolution time. Developed and implemented a comprehensive training program for new support engineers, resulting in improved knowledge transfer and reduced onboarding time by 30%. Collaborated with cross-functional teams to identify and resolve product defects, resulting in a 20% decrease in bug reports and enhanced product quality.

+ Configured and maintained firewalls, IDS/IPS, and other security controls to
protect the organizations network and systems
+ Monitored network fraffic and identified malicious activity. resulting in the
successful containment of a major attack
+ Managed incident response activities during crifical security events,
effectively containing threats and minimizing damage fo systems and data

Conducted comprehensive vulnerability assessments and penetration testing on critical systems, resulting in the identification and remediation of numerous high-risk vulnerabilities, effectively minimizing the potential for cyber-attacks. Developed and implemented vulnerability management programs, including the establishment of vulnerability scanning procedures, which significantly enhanced the organizations ability to proactively identify and mitigate potential security threats. Collaborated with cross-functional teams to assess and prioritize vulnerabilities based on their potential impact, ensuring that limited resources were allocated effectively to address the most critical security risks. Designed and executed vulnerability remediation plans, coordinating with system administrators and stakeholders to apply patches and implement security measures, resulting in a significant reduction in overall vulnerability exposure.

« Analyzed network traffic to identify malicious activity, such as malware,
phishing, and other cyber threats
+ Monitored and responded to security incidents, ensuring that all security
threats were mitigated and appropriate countermeasures were taken
« Configured and maintained firewalls fo ensure the security of the corporate
network

Developed and enforced advanced threat detection system, resulting in a significant decrease in the number of successful cyber attacks against the organization. Conducted regular vulnerability assessments and penetration testing to identify and remediate security gaps, resulting in a 20% improvement in overall network security. Led incident response efforts, effectively containing and mitigating cyber threats, minimizing downtime and financial loss. Provided expert advice and guidance to executive management on emerging cyber threats and recommended proactive security measures, resulting in the successful implementation of a robust security framework.

Led the implementation and deployment of Microsoft UAG and Network Security Solutions to protect valuable data and services Installed and provided comprehensive support for Microsoft UAG Servers, maintaining their continuous availability Installed and commissioned Checkpoint R75.40 and Cisco ASA, ensuring seamless network security operations Conducted low level and high level designs for migration projects, ensuring smooth transitions Expertly resolved McAfee Endpoint Protection issues on client machines, optimizing performance Regularly monitored and updated DAT versions to ensure current security measures Effectively managed escalations in daily operations and projects, insuring prompt issue resolution

+ Installed and configured firewalls and anti-virus software to improve network
security
+ Developed and maintained a secure network and computer systems,
ensuring data protection and security
+ Configured and maintained firewalls, IDS/IPS, and other security controls to
protect the organizations network and systems.
+ Collaborated with cross-functional teams fo identify areas of improvement,
leading fo increased operational effectiveness
« Analyzed data fo identify root causes of problems and recommend
corrective actions

Demonstrated expertise in troubleshooting various network printers and printer-related software, ensuring seamless operations. Promoted to NPSQ (New Products Specific Queue) with responsibility for resolving issues with newly manufactured devices, achieving a high rate of First Contact Resolution (FCR). Elevated to Level 2 Support member within the same process, effectively managing escalated client and user concerns. Handled client and user escalations with utmost professionalism, providing prompt resolutions and ensuring customer satisfaction.