Information Security Analyst
Evolent Health International pvt ltd
مجموع سنوات الخبرة :7 years, 3 أشهر
Responsible for monitoring the cloud SOC environment.
Analyze, validate, and mitigate incidents and alerts triggered by SIEM solution Splunk.
work in compliance with HIPPA
Analysis and creation of SOP for Phishing mail for internal Environment.
Remediating notable within SLA (Service Level Agreement).
Giving suggestions for Splunk Use case and tunning.
Creation of SOP for various alerts/Notables triggered by CrowdStrike, Splunk, Symantec Endpoint, Azure identity protection.
Provide Incident Response (IR) support when analysis confirms the actionable incident and Help CSIRT (Computer Security Incident Response Team) in creating an incident report.
Creating Basic security policies for the company.
Investigate incident, remediation, and follow-up for incidents.
Create and maintain information reports for key performance indicators and weekly and monthly metrics.
Responsible for working 24x7 SOC environment.
Responsible for network security events and take appropriate steps Based on SOP’s (Standard Operation Procedure).
Work as a part of a growing team, to disseminate information to others-which make us continually improve.
Coordination with the network team to ensure an effective and efficient process.
Observe security solutions, SIEMs, firewall appliances, intrusion prevention systems, analysis tools, log aggregation tools.
Technical analysis of network activity monitors and evaluates network flow.
Provide real-time guidance to customers on network configuration, security settings, and policies, and attack mitigation procedures.
Detect incident by monitoring the SIEM console, rules, reports, and dashboards.
Remediating the incident if possible, otherwise, will gather information then raise a ticket and write the description then escalate to the next level.
Assisting l2 team for fine-tuning of reports.
Responsible for shift handovers.