Security Engineer
MEEZA
Total years of experience: 8 years, 6 months
SIEM, SOAR and Vulnerability Assessment.
Splunk SIEM / SOAR
▪ Design and implement SOAR playbooks and automate alert responses with Splunk Phantom.
▪ Administration, engineering and deployment of the Splunk SIEM solution.
▪ Develop Splunk apps.
▪ Develop interactive and dynamic dashboards in Splunk.
▪ Perform gap analysis on existing SIEM deployments and report the findings.
▪ Provide consultation during the remediation phase that follows the gap analysis.
▪ Review log sources and correlation rules.
▪ Security incident analysis to weed out false positives, escalation of true positives, and follow-up to closure.
▪ Threat hunting across collected logs and developing use cases for emerging threats.
▪ Writing SIEM correlation rules for the use cases developed.
▪ Defining automated reports that group and summarize logs for later review and action.
▪ Integrating new devices with the SIEM to collect real-time logs.
▪ Troubleshooting log-collection issues on log source devices.
▪ Collecting actionable threat intelligence and hunting for threats.
▪ Updating the SIEM knowledge base with the latest IOCs.
▪ Responding to ad hoc security requests from customers.
▪ Administration and deployment of the IBM QRadar SIEM solution.
▪ Integrating device logs with IBM QRadar.
▪ Creating correlation rules, dashboards and scheduled reports.
▪ Writing custom DSM (Device Support Module) parsers for log formats QRadar does not support out of the box.
▪ Upgrading and patching IBM QRadar.
▪ Updating the SIEM knowledge base with the latest IOCs.
▪ Second-level analysis of security incidents and follow-up for effective mitigation.
▪ Knowledge transfer to L1 engineers.
▪ Collecting actionable threat intelligence and distributing it to the customer organization.
Previously part of the Transition Team for onboarding new clients' SOCs (SIEM solution: Splunk). Responsible for understanding each client's requirements and documenting them as SOPs.
I did a B.Tech in Computer Science and Engineering at Cochin University of Science and Technology.