SOC Analyst
Location: Hyderabad, India
Experience: 4 years
Rate: $14 / hour
Availability: Immediate
Work From: Offsite
Category: Information Technology & Services
SHASHIKANT ASHOK
SOC ANALYST
Overall 3+ years of experience in cyber security in the SOC (Splunk SIEM / Azure Sentinel) domain, where I can utilize the extensive knowledge of the area gained during my BSc degree.
Good understanding of information technology. Specialized in proactive network monitoring with SIEM (Sentinel and Splunk). Deep knowledge of identifying and analyzing suspicious events.
The Splunk SIEM (Security Information and Event Management) platform is an integrated set of products for collecting, analysing and managing enterprise event information. It includes software and appliances for event collection, log management, event correlation, compliance automation and identity monitoring. The major components used in this project are the Forwarder, the Indexer and the Search Head.
TECH SKILLS
SIEM - Splunk / Azure Sentinel
EDR - Carbon Black, Microsoft Defender
Malware analysis
Phishing analysis
Log analysis
Firewall analysis
TOOLS
Splunk SIEM: 80%
Azure Sentinel: 75%
Microsoft Defender: 80%
Carbon Black: 85%
ServiceNow: 85%
CA Spectrum (monitoring tool): 80%
EDUCATION
Bachelor of Science, Karnatak University, Dharwad - 2019
EXPERIENCE
Client - Bank of America
Designation - SOC Analyst
Tools Used - Splunk / Azure Sentinel SIEM
Duration - Aug 2019 till date
KEY RESPONSIBILITIES
SIEM
Worked in a 24x7 Security Operations Center.
Conduct log analysis using the Splunk SIEM tool.
Analyze security event data from the network (IDS, SIEM).
Perform static malware analysis on isolated virtual servers.
Recognize potential, successful and unsuccessful intrusion attempts and compromises through thorough review and analysis of relevant event detail and summary information.
Monitor and analyze security events to determine intrusions and malicious activity.
Search firewall, email, web or DNS logs to identify and mitigate intrusion attempts.
Investigate malicious phishing emails, domains and IPs using open-source tools and recommend proper blocking based on the analysis.
Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
Research new and evolving threats and vulnerabilities with the potential to impact the monitored environment.
Identify suspicious/malicious activities or codes.
Hands-on experience with incident response activities such as malware analysis and phishing analysis. Working on the assigned ticket queue and understanding and exceeding expectations on all tasked SLA commitments.
Escalating issues to level 2 and management when necessary.
Investigate incidents using active channels, dashboards, events, graphs, annotations and reports. Monitor real-time security events on the SIEM (Splunk / Sentinel) console, analyze and investigate events and carry out mitigation.
EDR (Carbon Black) - Responsibilities
Monitor and perform in-depth analysis of security alerts using the CrowdStrike platform. Exercise incident handling processes across Windows, Mac and Linux platforms.
Perform malware analysis.
Perform remote remediation of malware or malicious activity.
Develop and improve processes for incident detection, triage and the execution of countermeasures.
Produce high-quality written and verbal communications, recommendations, and findings to customer management.
Demonstrate industry thought leadership through blog posts, CrowdCasts, and other public speaking events.
Supervise internal programs or teams.
Serve as the technical escalation point and mentor for lower-level analysts. Provide oversight and quality assurance for issues worked by lower-level analysts. Assist in the advancement of security processes and procedures.