Mar 2023 – Mar 2024 · 1 yr · Bangalore Urban, Karnataka, India · Hybrid

• . Perform thorough analysis of potential threats, including malware and intrusion attempts, and deliver top-tier security services to protect highly sensitive data.
• Possess extensive technical expertise, particularly in the areas of forensics,malwareanalysis,threathunting,andthreatintelligence.
• Communicate effectively with various stakeholders,including technical teams,management,&legal to ensure that everyone is informed of the incident and the steps being taken to mitigate it.
• Developed SOP to handle CloudAlerts, Insider risk alert and automated various alerts to improve metrics and reduce investigation time.
• Developed Detection rules based on TTP’s to identify and mitigate advanced persistent threats, aligning with the MITRE ATT&CK framework to enhance visibility and effectiveness of security team.
• Responsible for developing and maintaining incident response plans that outline the steps to be taken in the event of a security incident.
• Participate in on-call rotation periodically which may involve non-traditional non-working hours.
• Experience using investigating tools such as SIEM, Phantom SOAR, Crowd strike, Sentinel One, GCP.
• Perform post incident reviews and ensure all findingsaredocumentedandremediationareappropriatelyactioned.
• Mentor junior team member in investigating security incidents.
• Be the conduit for DFIR and Threat intelligence, extracting IOCs and IOAs from rawdata, analysis reports and threathunting.
• Develop specific content necessary to implement Security Use Cases and transform into correlation queries,templates,reports,rules, alerts, dashboards, and workflow.
• Perform Static and dynamic malware analysis with proper documentation and perform successful remediation of threats.
• Collecting Evidence from the compromised machine to know the root cause.

Jul 2021 – Mar 2023 · 1 yr 8 mos

Jun 2017 – Jun 2021 · 4 yrs