Candidate Information
Contact Details
About candidate
specializing in monitoring, detection, and mitigation of advanced cyber threats.
Proficient in using cutting-edge tools like Splunk SIEM, Azure Sentinel, SentinelOne
EDR/XDR, and Microsoft Defender solutions. Expertise in analyzing firewall, proxy,
and IDS/IPS logs to identify threats such as lateral movement, command and
control (C2) traffic, and persistence techniques. Adept at improving security
posture through meticulous investigation and incident response
Cover letter
• Monitor and analyze security events using Splunk SIEM to detect potential threats.
• Investigate and respond to endpoint incidents using SentinelOne EDR/XDR and Microsoft Defender for Endpoint.
• Analyze firewall, proxy, and IDS/IPS logs to identify anomalous activities, including lateral movement and persistence attempts.
• Detect and mitigate command and control (C2) traffic by correlating logs and leveraging threat intelligence.
• Conduct root cause analysis for security incidents and implement measures to prevent recurrence.
• Collaborate with IT and network teams to strengthen security posture and minimize vulnerabilities.
• Analyze PowerShell-related alerts, new process creation, and unauthorized lateral movement attempts.
• Investigate traffic patterns in firewall logs to identify unauthorized access, port scans, and unexpected data exfiltration attempts.