Oct 2021 – Present · 4 yrs 8 mos · Lucknow, Uttar Pradesh, India

• Threat Management: Monitored and analyzed security threats using advanced SIEM tools such as Splunk, QRadar, and ArcSight, identifying potential security incidents and taking appropriate action.
• Incident Response: Led incident response efforts, conducting root cause analysis, containment, eradication, and recovery processes for a wide range of security incidents including malware infections, DDoS attacks, and data breaches.
• Security Event Monitoring: Maintained global network infrastructure, ensuring the timely detection and mitigation of security threats. Developed and optimized monitoring rules to enhance threat detection capabilities.
• Log Management: Managed and maintained log provisioning and management systems, ensuring the accurate collection and analysis of security event data from various sources. Conducted regular audits and health checks to ensure data integrity.
• Threat Intelligence: Utilized threat intelligence platforms to stay updated on the latest threat vectors and vulnerabilities. Integrated threat intelligence feeds into the SIEM to improve detection and response times.
• Security Assessments: Conducted regular vulnerability assessments and penetration testing to identify and remediate security weaknesses. Worked with IT teams to implement patches and security updates.
• Policy and Procedure Development: Developed and updated security policies, procedures, and playbooks to align with industry best practices and regulatory requirements.
• Collaboration and Communication: Coordinated with cross-functional teams, including IT, compliance, and risk management, to address security issues and improve overall security posture.
• Incident Documentation: Maintained comprehensive documentation of all incidents, investigations, and response actions.

Apr 2021 – Oct 2021 · 6 mos · Lucknow, Uttar Pradesh, India

• Infrastructure Management: Assisted in the setup, configuration, and maintenance of network infrastructure, including routers, switches, firewalls, and load balancers. Utilized Python scripts to automate network device configurations and updates.
• Network Monitoring: Monitored the performance and health of network infrastructure. Developed Python scripts to automate the collection and analysis of network performance data, enhancing proactive monitoring capabilities.
• Troubleshooting and Issue Resolution: Diagnosed and resolved network issues related to connectivity, performance, and security. Created Python scripts to automate common troubleshooting tasks, reducing mean time to resolution (MTTR).
• Log Management: Managed and analyzed network logs using Python to identify trends, detect anomalies, and generate actionable insights. Automated log aggregation and parsing processes to streamline data analysis.
• Security Implementation: Implemented network security measures including configuring access control lists (ACLs), updating firmware, and monitoring network traffic for potential threats. Used Python to automate security checks and alerting
• Automation and Scripting: Developed Python scripts to automate routine network tasks such as device backups, configuration management, and performance monitoring. Improved efficiency and accuracy in network operations through automation.
• Learning and Development: Proactively learned about new networking technologies and advanced Python programming techniques. Attended training sessions and completed certifications to enhance skills in infrastructure networking and automation.