Incident analysis, response and remediation using SIEM tools.
Security log analysis: monitor and analyze the logs from various security tools; any events that need to be correlated from a security perspective are researched and submitted to the tools team for alert development.
Analysis of network attacks, blocks and detections, and regular health checks in the live environment.
Monitored the customer's network and scheduled reports and ensured that the network was free from threats.
Extract logs, perform real-time log analysis using SIEM technologies, and perform forensic analysis of logs on request.
Configure, document, and maintain various security devices (proxy servers, email gateways, host IDS, AV, DLP, DNS servers, assessment and monitoring tools).
Examine existing infrastructure, identify weaknesses and propose remedial action.
Perform regular assessments of the environment and its applications to document any risks.
Work as a mentor to Information security engineers and analysts.
Assist in Audit, policy management, patch management and incident management activities.
Correlating events from network, OS, application and IDS/firewall sources and analyzing them for possible threats.
Monitor and maintain firewalls, SSL VPN gateways, intrusion prevention systems and any other security-related equipment and services.
Hands-on experience in deploying Internet and core aggregation firewalls (Cisco and Juniper).
Change management: adds, changes and deletes, authorized submitter lists, and metrics reporting for the Operations team.
Configuration of security policies in Netscreen, Fortigate, Checkpoint and Snort.
Reviewing and creating firewall rules and monitoring the logs according to security standards on Checkpoint and Netscreen firewalls.
Liaising with the various projects and teams regarding the rules, monitoring the logs, and documenting, disabling or refining rules as per the clients' requirements.
Auditing the rules against security standards and refining them.
Conducting training for team members.
Responsible for daily security checks, monitoring unsuccessful logons and monitoring inactive users in the production system.
Monitors the clients' networks, scheduled reports, incidents, and the behaviour and usage patterns of user activity.
Coordinating all security-related issues with the internal infrastructure team, and validating and approving exception requests.
Manage the SIEM and other security monitoring tools from an integration, monitoring, correlation and reporting perspective, based on business needs.
Involved in BVT and UAT.
Maintain the knowledge base.
Modify new and existing categories as updates require.
Verify the data collected by the team and update it in the main database.
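The daily checks listed above (monitoring unsuccessful logons, monitoring inactive users, and correlating events across sources) are the kind of logic a SIEM correlation rule encodes. The script below is an added illustration written for this page, not the résumé author's own work or any SIEM vendor's code. The log format, hostnames, usernames, IP addresses, thresholds and last-logon table are all constructed for the example; in practice the parsed events would come from the SIEM rather than from a hand-written regex.

```python
"""Daily authentication checks over constructed syslog-style records.

Three detections are implemented:
  1. brute force: many failures for one (user, source) inside a window,
     flagged harder if a success from the same source follows;
  2. password spraying: one source failing against many distinct users;
  3. inactive accounts: no successful logon for more than N days.
Everything here (format, thresholds, sample data) is a hypothetical
assumption made for this example.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines in a made-up "ts host auth: RESULT user= src=" format.
SAMPLE_LOG = """\
2024-03-01T08:00:01Z srv01 auth: FAILED user=alice src=10.0.0.5
2024-03-01T08:00:03Z srv01 auth: FAILED user=alice src=10.0.0.5
2024-03-01T08:00:04Z srv01 auth: FAILED user=alice src=10.0.0.5
2024-03-01T08:00:06Z srv01 auth: FAILED user=alice src=10.0.0.5
2024-03-01T08:00:07Z srv01 auth: FAILED user=alice src=10.0.0.5
2024-03-01T08:00:09Z srv01 auth: SUCCESS user=alice src=10.0.0.5
2024-03-01T08:15:00Z srv02 auth: FAILED user=bob src=192.0.2.7
2024-03-01T08:30:00Z srv02 auth: SUCCESS user=bob src=192.0.2.7
2024-03-01T09:00:00Z srv01 auth: FAILED user=root src=198.51.100.9
2024-03-01T09:00:01Z srv01 auth: FAILED user=admin src=198.51.100.9
2024-03-01T09:00:02Z srv01 auth: FAILED user=test src=198.51.100.9
2024-03-01T09:00:03Z srv01 auth: FAILED user=guest src=198.51.100.9
2024-03-01T09:00:04Z srv01 auth: FAILED user=oracle src=198.51.100.9
"""

# Constructed last-successful-logon table; None means the account never logged on.
LAST_LOGON = {
    "alice": datetime(2024, 3, 1),
    "bob": datetime(2024, 3, 1),
    "carol": datetime(2023, 11, 1),
    "dave": None,
}
NOW = datetime(2024, 3, 2)  # hypothetical "today" for the inactive-user check

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) auth: (?P<result>FAILED|SUCCESS) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_events(text):
    """Turn raw lines into event dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unparseable line: in a real pipeline, count it as a parse error
        e = m.groupdict()
        e["ts"] = datetime.strptime(e["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(e)
    return events


def brute_force_alerts(events, threshold=5, window=timedelta(minutes=5)):
    """Sliding window per (user, src): alert once >= threshold failures fall in `window`.
    A SUCCESS from the same pair within `window` after the last failure is the
    'failed-then-succeeded' correlation that deserves immediate escalation."""
    failures, successes = defaultdict(list), defaultdict(list)
    for e in events:
        (failures if e["result"] == "FAILED" else successes)[(e["user"], e["src"])].append(e["ts"])
    alerts = []
    for key, times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1  # drop failures that fell out of the window
            if end - start + 1 >= threshold:
                last = times[end]
                followed = any(timedelta(0) <= s - last <= window for s in successes.get(key, []))
                alerts.append({"user": key[0], "src": key[1],
                               "failures": end - start + 1,
                               "followed_by_success": followed})
                break  # one alert per pair per run is enough for a daily check
    return alerts


def password_spray_alerts(events, threshold=5, window=timedelta(minutes=5)):
    """One source failing against >= threshold distinct users inside `window`.
    Per-user thresholds miss this pattern, which is why it is a separate rule."""
    by_src = defaultdict(list)
    for e in events:
        if e["result"] == "FAILED":
            by_src[e["src"]].append((e["ts"], e["user"]))
    alerts = []
    for src, items in by_src.items():
        items.sort()
        for t0, _ in items:
            users = {u for t, u in items if timedelta(0) <= t - t0 <= window}
            if len(users) >= threshold:
                alerts.append({"src": src, "users": sorted(users)})
                break
    return alerts


def inactive_users(last_logon, now, max_idle_days=90):
    """Accounts with no successful logon in `max_idle_days` (or never)."""
    cutoff = now - timedelta(days=max_idle_days)
    return sorted(u for u, t in last_logon.items() if t is None or t < cutoff)


if __name__ == "__main__":
    evts = parse_events(SAMPLE_LOG)
    print("brute force:", brute_force_alerts(evts))
    print("spray:", password_spray_alerts(evts))
    print("inactive:", inactive_users(LAST_LOGON, NOW))
```

On the constructed data the brute-force rule fires for alice from 10.0.0.5 (five failures in six seconds, followed by a success), the spray rule fires for 198.51.100.9 (five distinct usernames in four seconds, none of them reaching the per-user threshold), and the inactive-user check returns carol and dave. The thresholds and window are assumptions to be tuned against the real baseline; a lockout policy or a noisy service account will otherwise drown the rule in false positives.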