SOC Analyst
Wipro Technologies
Total years of experience: 11 years, 1 month
• Security monitoring and incident response using QRadar and Splunk SIEM.
• Conducting regular vulnerability scans, analyzing results, and developing customized scanning solutions using Nexpose.
• Real-time log analysis from various sources including firewall, proxy, WAF and endpoints.
• 24/7 SOC operations for incident detection, tracking, and reporting.
• Real-time monitoring of alerts using IBM QRadar and SolarWinds.
• Security monitoring and incident response using QRadar.
• Analyzing QRadar offenses, following runbook steps, and creating incidents for all true-positive alerts.
• Monitoring and investigating real-time logs from different log sources.
• Validating, classifying, and opening tickets for security incidents.
• Providing support and guidance to the team in case of any issues.
• Supporting daily SIEM operational activities, monitoring and reviewing within the information security environment.
• Responding to inbound security alerts, emails, and inquiries from the organization.
• Performing investigation of network and hosts/endpoints for malicious activity.
• Led a team of 25 engineers and implemented security measures to protect computer systems, data, and networks.
• Reviewed and validated user access controls over consoles and servers. Experienced in Change, Problem, and Incident Management as per the ITIL framework.
• Managed and administered Symantec Endpoint Protection rules for blocking ports and IPs, preventing data loss and service interruptions.
• Managed Websense for email filtering, created information security content, and conducted information security training and awareness sessions.
• Managed AD users and groups, created users and groups, OUs, and applied GPOs at the OU level.
• Installed, configured, and maintained physical and virtual servers, Windows OS, and ESXi on HP and Dell servers.
• Distributed software and deployed OS through SCCM 2012 and GFI Languard.
• Managed HP blade servers through iLO and Dell servers through iDRAC. Maintained inventory through CMDB and active directory.
• Worked in a team of Service Desk Engineers, ensuring proper work progress, shift handover, and data communication.
• Monitored network elements and performance information 24x7; provided first-line support, surveillance, and troubleshooting, and resolved server-related faults.
• Acted as the focal point for all incidents and requests reported to the Service Desk.
• Administering Windows Server 2003, 2008, and ESX hosts
• Managing users and groups in Active Directory
• Remediating servers
• Patch management through SCCM 2012 and GFI Languard
• Managing HP blade servers through iLO and Dell servers through iDRAC
• Installing and configuring VMware ESXi 5.0, 5.1, 5.5, and 6
• Creating and configuring VMware standard and distributed network switches
• Installing and configuring Active Directory
• Managing AD users and groups
• Configuring and maintaining Cisco switches
• Setting up WAN links between branches, monitoring bandwidth utilization, and implementing group policies