Kathyayini

• Part of 24x7 SOC Team as a Cyber Threat Analyst - L2.
• Performed Threat Hunting to identify security risks and detailed analysis on threats and events that are triggered which were suspected to be true positives escalated by L1.
• Device onboarding by sharing specific log baseline and coordination with respective teams.
• Review of logs from onboarded devices to ensure the quality.
• Configuration of Aggregation, filter to Minimize the utilization and noise.
• Managing connectors for better availability and throughput
• Trained and mentoring new joiners associates on security technologies and internal tools for on boarding them to SOC team.
• Responsible for identifying, assessing, reporting, assisting the remediation of IT security Threats using Azure Sentinel and AISaac tool and updating Customers about critical findings and recommendations.
• Real time monitoring logs from different devices like firewall, Office 365, Defender for Endpoint, Microsoft Defender for Cloud, Azure IaaS, IPS/IDS, NSG, proxy servers, database, domain controllers etc.
• Creating and Maintaining track records for SOP, Run books and Play books.
• Triage security alerts and Fine Tune false positive alarms.
• Audit for Incidents and Alert handled.
• Integration of new Log Sources (Windows, Linux), Content Hub Solutions (Azure Firewall, Microsoft Defender for Cloud, Microsoft Insider Risk) and regular inspection of health check of integrated devices and troubleshooting for better monitoring coverage through SIEM tool.
• Prepared Daily, Weekly and Monthly MIS based on required metrics in terms of user and network activity, alerts generated, and potential threats observed.
• Responsible for advanced security incident detection and threat analysis for complex and/or escalated security events and responded within SLAs.
• Performed out-of-box analysis of certain alerts using multiple malware sandboxes, historical IP analyzer, Behavior analysis, URL blacklist.
• Use case Creation based on customer requirements and advanced threats by collecting IOCs like malicious IPs, hashes, URLs, email, malicious domains for cyber threats like ransomware, malware, and other vulnerabilities.
• Prepared Advisories for clients based on latest Ransomware and Zero Day Vulnerabilities and reported to clients as per there asset and applications.
• Performed e-mail header analysis and confirm legitimacy of email and thereby identifying malicious sender ID and domains.
• Detecting and minimizing digital risk by identifying unwanted exposure by doing Threat Hunting using Various Hunting Modules, Queries and workbooks and protecting against external threats.
• Perform vulnerability, Network and Web application scanning assessments using automatic and manual tools to confirm detected vulnerability.

• Design UI using C#, .NET controls.

• Design and develop Middle Tier using ADO.NET.

• Implement business logics, update/retrieve data to/from SQL Database and create stored procedures.

• Develop code as per business and technical specifications.

• Create test data and perform functionality testing to ensure that Business requirements are met.

• Write different classes, modules and web-forms.

• Implement Enterprise RPA in coordination with Business.

• Robot creation, testing and deployment using UiPath.