As a cybersecurity incident responder, my role is to detect, investigate, and resolve security incidents within an organization. My primary responsibility is to maintain the confidentiality, integrity, and availability of the organization's digital assets, and take security incident response capabilities of a organization through PICERL strategy.
With over seven years of experience in the field of Information Security and Blue Team operations, I have gained extensive proficiency in a wide range of security tools and technologies. I am also skilled in coding with Python, which enables me to automate repetitive tasks and enhance the overall efficiency of my team.
As a security incident responder, I lead the SIRT, investigate incidents on Endpoint, Cloud, and Identity Management, collaborate with stakeholders to remediate issues, and conduct Threat Hunts to proactively protect the organization digital assets.
As a Network Security Analyst, my responsibilities include handling network security alerts across multiple client environments, creating network signatures and detections to catch evolving threats, and conducting threat hunts on scale and complex environments. I also write Python code to automate tasks and increase team efficiency, fine-tune existing detections to reduce false positives and noise, and research the latest attack vectors and vulnerabilities exploitation. Finally, I provide detailed reports to clients along with recommendations to investigate further.
Awake Security got acquired by Arista Networks, Job Responsibilities are same as whats mentioned in Arista Networks.
As a Security Analyst, I am responsible for investigating, triaging, and responding to security alerts. I also write detection and prevention policies to safeguard the enterprise and conduct threat hunting in the network to proactively monitor and detect existing attackers by creating use cases of Tactics, Techniques, and Procedures (TTPs) followed by APTs and threat actors.
My expertise extends to engineering and administration of Qradar, FireEye, BigFix, Forescout, WAF, McAfee EPO and WebProxy, SEPM, and other security products. I also write Standard Operating Procedures (SOPs), Runbooks, and Playbooks for SOC teams to follow and ensure endpoint compliance stays above 90% for maximizing visibility.
As part of the CSIR team, I monitor, identify, analyze, produce reports, and escalate malicious activities. I conduct log analysis and deep analysis of security alerts generated by network endpoints such as Mcafee Web Proxy, IBM QRadar SIEM, SEPM, and Imperva WAF. I also conduct static and dynamic analysis of malware received through employee emails to create host-based and network signatures.
Conducting digital forensics on hard drives, thumb drives, and memory cards, both through tools and manually, is another important aspect of my role. I investigate external attacks, including SWIFT incidence, and produce Indicators of Compromise (IoCs) to various teams to update security policies.
I conduct periodic health assessments of Qradar SIEM, covering network hierarchy, backups, and firmware upgrades, and am responsible for deploying and monitoring 1500+ log sources integrated into the SIEM. Additionally, I coordinate with different OEM teams for troubleshooting of non-logging servers and perform quarterly reconnaissance activity to check server scope as per the bank's compliance policy.
Grade: University Gold Medallist
Grade: 83 %
In the first series of the web browser forensics , we will talk about Chromium Based Browser.
In the this part we will uncover the web browser forensics artefacts of Mozilla Firefox.
In this part of series, we will uncover the web browser forensics-related artifacts of Safari Browser.
As a highly skilled and experienced security analyst with a passion for investigating, triaging, and responding to security alerts, I possess an exceptional ability to engineer and administer a wide range of security products, create network signatures and detections, and conduct threat hunts.
With skills in Python, log analysis, digital forensics, and malware analysis, I bring a wealth of knowledge and expertise to any organization looking to improve their incident response capabilities, safeguard their enterprise, or stay ahead of the latest attack vectors. So why wait? Hire me today and take your security posture to the next level!