Madhan Kumar

SOC Team Lead
Mississauga, ON

Summary

SOC Team Lead with experience in Cyber Security Operations, SIEM, Vulnerability Management, Managed Detection & Response, Threat Hunting, Threat Intelligence, Incident Investigation and Response.
Have worked rigorously in providing Security Operations to multiple customers, covering Security Incident Analysis and Response, Security Event Monitoring, Threat Intelligence, SIEM Use Cases, Log Ingestion, Threat Hunting, Reporting and Vulnerability Management.


Overview

6 years of professional experience
3 years of post-secondary education
6 Certifications

Work History

SOC Team Lead

Stickmancyber Consulting
Bangalore, Karnataka
06.2018 - Current
  • Expertise in multiple SIEM/Security Monitoring tools.
  • Experience in handling and maintaining the SOC team, from managing shifts to collaborating with the team on SOC operations and knowledge sharing.
  • Led the development of processes and procedures to improve incident analysis, incident response times and overall SOC functions.
  • Experience in managing internal vulnerability scans, investigating scan results and applying remediations in common security scanning tools such as Qualys, OpenVAS, and Nessus.
  • Experience in handling Business Email Compromise (BEC) incidents by following the NIST Cybersecurity Framework.
  • Monitoring the security of critical systems and changes to highly sensitive computer security controls to ensure appropriate system administrative actions; investigating and reporting on noted irregularities.
  • Performing analysis and providing possible remediation steps for phishing/spam emails by analyzing the email header, attachments, and content.
  • Experience in handling escalations from Level 1 Security Analysts: guiding and advising on the investigation and handling of incidents.
  • Deployment, configuration, and troubleshooting of SIEM components and optimization of the solution.
  • Creation of SOPs for incidents, Plan of Action, change management, incident triage and major incident workflow.
  • Good working knowledge of endpoint tools such as Symantec Endpoint Protection, BlackBerry Cylance, and Windows Defender.
  • Deployment and configuration of NIDS to monitor traffic to and from all devices on the network.
  • Working knowledge of Office 365 log ingestion, analysis, and reporting of activities.
  • Identify and use tools and techniques to conduct static analysis of malware through multiple threat intelligence tools.
  • Good working experience in providing evidence for different security assessments and compliance requirements.
  • Experience in reporting breached domains and emails identified through dark web monitoring.
  • Creating security advisories based on the latest zero-day vulnerabilities and breaches and sharing them with customers to raise awareness.
  • Creating custom report templates and generating daily, weekly, and monthly reports from multiple data sources.
  • Excellent working experience with ticketing tools such as Jira and Vtiger.
  • Monitoring environments for security vulnerabilities and reporting to customers for further remediation actions.
  • Demonstrated respect, friendliness and willingness to help wherever needed.
  • Paid attention to detail while completing assignments.
  • Worked flexible hours across night, weekend and holiday shifts.
  • Demonstrated creativity and resourcefulness through the development of innovative solutions.
  • Developed strong communication and organizational skills through working on group projects.
  • Self-motivated, with a strong sense of personal responsibility.
  • Learned and adapted quickly to new technology and software applications.
  • Proven ability to learn quickly and adapt to new situations.
  • Running phishing campaigns and delivering security awareness training to employees.
  • Hands-on experience with Trend Micro XDR and EDR.

Information Security Analyst

Teaq Technologies Pvt Ltd
Bangalore, Karnataka
08.2017 - 06.2018
  • Monitored computer virus reports to determine when to update virus protection systems.
  • Monitored use of data files and regulated access to protect secure information.
  • Drafted security reports and metrics to track security performance and strategize improvements.
  • Monitoring alerts in the McAfee SIEM tool.
  • Email phishing analysis.
  • Continuous monitoring and analysis of security alerts and events.
  • Provide daily summary reports based on security event analysis.
  • Monitor SIEM alerts; manage and configure security controls.
  • Examine logs for trends and unusual activity in internal and external network traffic through the DDoS security tool and prioritize multiple security alarms.
  • Identifying viruses, spam mail and risky activity.
  • Administered and monitored firewalls, intrusion detection systems and anti-virus software to detect risks.
  • Educated and trained users on information security policies and procedures.
  • Exposure to frameworks and compliance standards such as MITRE ATT&CK, CIS Critical Controls, OWASP, etc.
  • Track threat actors and their associated tactics, techniques, and procedures (TTPs).
  • Analyzed network traffic and system logs to detect malicious activities.

Education

Bachelor of Engineering - Electronics And Communications

Dayananda Sagar College of Engineering
Bangalore
06.2013 - 06.2016

Skills

Team leader

Certification

AlienVault USM Appliance, USM Anywhere and USM Central self-paced training.

Timeline

SOC Team Lead

Stickmancyber Consulting
06.2018 - Current

Information Security Analyst

Teaq Technologies Pvt Ltd
08.2017 - 06.2018

Bachelor of Engineering - Electronics And Communications

Dayananda Sagar College of Engineering
06.2013 - 06.2016