Cybersecurity professional with 5+ years of experience in security operations and incident response. Holds a Master's degree in Cybersecurity from the Singapore University of Technology and Design and is a Certified SOC Analyst (CSA). Passionate about solving complex security challenges and leveraging technical expertise to strengthen organizational security through proactive threat detection, incident response, and continuous improvement.
Working on multiple technologies like Vulnerability Assessment, SIEM Security Incident Event Management, Incident response, Handling advisories(CVEs and IOCs), Analysing phishing alerts, retrieving logs and generating reports.
Monitoring and analysing logs in Splunk received from the security network devices databases & end devices, investigating alerts when offences are triggered and raising incidents with the concerned team and taking necessary actions.
Detecting advanced threat patterns and analysing the events generated on network, systems, applications and further investigate the threats and prioritize them using Securonix SIEM tool.
Working on Phishing Mails & taking actions on web proxy, then share our analysis to EPS, Email gateway and Fraudwatch.
Working on vulnerability assessment with MSS, preparing the reports with details pertaining to remediate sharing the reports to clients. Good experience in DarkTrace to detect vulnerabilities on network assets, servers and network devices.
Investigate alerts and events using Falcon from Crowdstrike and take necessary actions. GRC archer is used to assess the risks, assign the tickets, request the remediation and track the status of the incidents.
Proactively searching network and endpoint logs for hidden indicators of compromise (IoCs) and mapping behaviors to frameworks like MITRE ATTACK.
Develop and maintain incident response plans to effectively address security breaches or cyber-attacks. Lead investigations into security incidents, analyze root causes and implement corrective actions to prevent future occurrences.
Provide technical support and guidance to end-users and resolve issues in a timely manner. Provide solutions or collaborate with vendors to resolve issues or implement solutions.