Job Responsibilities:
Worked as Consultant L3 Senior Security Analyst for the SOC team of a U.S. retail company.
* Understanding requirements and designing Use Cases.
* Development of ArcSight interface content as needed (Dashboards, Data Monitors, Active Channels, Rules, Filters, Reports, etc.)
* Managing connector appliances, onboard connectors and software connectors.
* Administration of SIEM Sumo Logic.
* Administration of Tripwire CCM.
* Configuring compliance scans in Tripwire for retail stores as per PCI requirements.
* Configuring compliance scans in Tripwire for discovery of hosts.
* Configuring scans in Tripwire to collect asset information such as OS, registry keys, hardware, etc.
* Configuring various alerts (syslog, email, console) in Tripwire for property changes, compliance scan completion, and system health events.
* Integrating all the alerts in Tripwire with existing SIEM platforms.
* Creating quarterly and annual metrics for management.
* Handling a team of 10 L1 and 2 L2 team members in a 24x7 SOC environment.
* Training team members on new threats and remediation.
* Conducting sessions on multiple security topics in order to enhance the team's skill set.