Cyber Security Engineer
Petroleum Development Oman
Total years of experience: 16 years, 7 months
• Exposure to setting up the SIEM tool and its use cases that leverage the MITRE ATT&CK framework, endpoint detection and response (EDR) solutions, and threat intelligence platforms that use the framework to enhance threat detection and response capabilities.
• Monitoring the Process Control Domain (PCD) network and systems against the relevant security standards and frameworks in the PCD field. Creating the monitoring nodes in the secure zones and creating use cases for protecting the various critical assets.
• Designing and setting up the SOC & SIEM (Splunk); managing and running the SOC operations, consisting of the service lines mentioned below:
o Onboarding the IT and OT devices into the SIEM
o Creating security and application monitoring use cases
o Leading the team for Event monitoring & Incident response.
o Handling the SOC operations using the SIEM tool (Splunk)
o Integrating the SIEM tool with other service lines of SOC operations
o Running governance calls with the clients to discuss the daily/weekly/monthly trend reports.
o Leading the team for SIEM tool operation & Administration
• Handling the operations tasks and defining the process for event monitoring and incident response.
• Working on incidents and alerts raised by the tools and closing them as per the incident management process.
• Creating problem records for repetitive incidents and analysing their root cause.
• Managing and running the SOC operations, consisting of the service lines mentioned below:
o Leading the team for Event monitoring & Incident response.
o Handling the SOC operations using the SIEM tool (Arcsight)
o Integrating the SIEM tool with other service lines of SOC operations
o Running governance calls with the clients to discuss the daily/weekly/monthly trend reports.
o Leading the team for SIEM tool operation & Administration
• Handling the operations tasks and defining the process for event monitoring and incident response.
• Working on incidents and alerts raised by the tools and closing them as per the incident management process.
• Creating problem records for repetitive incidents and analysing their root cause.
• Owning the information security process for the Accenture NOC.
• Managing an operations team of 20 that runs the Accenture SOC.