Sep 2020 – Jun 2022 · 1 yr 9 mos · Bengaluru, Karnataka, India

• Working on Splunk implementation and deployment.
• Architect Design and capacity planning for Splunk.
• Parser writing
• Reports, Dashboard, Alarm creation, Content Development.
• Conducting POC for new customers.

Jan 2020 – Sep 2020 · 8 mos · Bengaluru, Karnataka, India

• Working on Securonix snypr implementation and deployment.
• Architect Design and capacity planning for Securonix Snypr.
• Parser writing
• Reports, Dashboard, Alarm creation, Content Development.
• Conducting POC for new customers.

Mar 2019 – Jan 2020 · 10 mos · Bengaluru, Karnataka, India

• Working on Splunk implementation and deployment.
• Architect Design and capacity planning for Splunk.
• Parser writing
• Reports, Dashboard, Alarm creation, Content Development.
• Conducting POC for new customers.

Aug 2016 – Mar 2019 · 2 yrs 7 mos · Bengaluru, Karnataka, India

• Working on Splunk, ArcSight, Qradar implementation and deployment.
• Architect Design and capacity planning for Splunk.
• Automation for SIEM solutions via DevOps.
• Parser writing
• Reports, Dashboard, Alarm creation, Content Development.
• Conducting POC for new customers.

Dec 2014 – Jul 2016 · 1 yr 7 mos · Greater Bengaluru Area

• Working on Data Source integration with McAfee ESM.
• Parser writing
• Reports, Dashboard, Alarm creation , Content Development.

Jul 2014 – Dec 2014 · 5 mos · Pune/Pimpri-Chinchwad Area

• Worked on Imperva, McAfee Foundstone, Tripwire, Retina, Algosec.

Sep 2013 – Jul 2014 · 10 mos · Bengaluru, Karnataka, India

• Installing S-TAP (through GIM & manually) on DB servers (Distributed and Z/OS)
• Access Management for Guardium appliances (providing access, defining roles, revoking access etc)
• Configuring Inspection Engines on S-TAP’s.
• Setting up/maintaining Export, Import, and Purge & Archive function on Guardium appliances.
• Tracking and Monitoring STAP services on Database Servers.
• Monitoring Export/Import/ processes on Guardium collectors.
• Guardium policy upgrades and patch installations.
• Investigate/Troubleshoot daily job errors and break fix.
• Working with IBM Guardium Support to resolve issues.
• Working with Application owners/DBAs for testing & deployment of Guardium agents on database servers.

Oct 2011 – Sep 2013 · 1 yr 11 mos · Bangalore

• ●RSA Envision SIEM tool administration, correlation rules administration based on security incidents threats and there impacts on corporate networks. IT security devices integration with enVision. Analysis and reporting of newly occurred incidents and threats on Client's network and based on that providing with best possible correlation rules and reports for proper alerting and incident management.
• ●SIEM L1/L2 Security operation support from global security operation center 24/7 Operation Support Installation, configuration & management of SIEM product - RSA enVision Integration & Troubleshooting of SIEM Policy. Applies own judgment to independently determine a course of action, which is then executed independently post review.
• ●Preparing daily reports and security advisory for customer devices
• ●Analyze customized reports .Worked on different attack/threat analysis techniques/pattern for detected vulnerability.
• ●Responsible to analyze firewall, IDS and Proxy logs to detect any possible attack such as SQL injection, XSS, Port scanning etc.
• ●To ensure accurate results and enhance overall security against zero day and DoS/DDoS attacks.
• ●To generate scheduled and adhoc audit report.
• ●Timely escalation of detected threats or abnormalities to the respective team and providing the possible resolution available.