Mukesh Kumar
Security Analyst at HelpAG
Dubai, United Arab Emirates

Work Experience
HelpAG
Feb 2023 - Present (2 yrs, 7 months)
- Job Details: Monitor security alerts from various sources, including intrusion detection systems, EDR solutions and SIEM tools. Correlate and analyze events using the SIEM tool to detect IT security incidents. Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents. Ensure maturity and improvement of SIEM/security tools monitoring by providing insights and recommendations. Participate in knowledge sharing with junior analysts and contribute to internal knowledge bases through SOP documents. Support onsite and offsite CSOC operations based on customer requirements, including providing assistance for CSOC operations during the World Government Summit 2024 & 2025. Enhance security use cases by analyzing and providing insights into security logs to improve threat detection & response and suppress false positives. Provide detailed monthly reports to customers on SOC services. Automate security incident handling using FortiSOAR, reducing response time and improving operational efficiency.
Meeza
Jan 2022 - Jan 2023 (1 yr)
Qatar
- Job Details: Responsible for managing security incidents and developing response strategies for multiple enterprise customers, ensuring swift threat mitigation and minimal business impact. Respond to security incidents and conduct threat intelligence analysis to enhance cyber resilience and improve incident detection.
Pakistan Stock Exchange
Sep 2020 - Dec 2021 (1 yr, 3 months)
Pakistan
- Job Details: Identify and investigate high-priority SIEM offenses, correlating suspicious logs using tools for in-depth analysis and resolution. Develop use cases and create SIEM alerts and rules pertaining to the environment. Ensure maturity and improvement of SIEM monitoring by providing insights and recommendations. Configure log sources as per requirement. Perform health checks for security devices on a quarterly basis. Monitor end user activities using TrendMicro Apex One EDR, and ensure implementation of policies. Follow up on incidents as per severity & criticality according to pre-defined SOPs. Manage administration of QRadar, such as upgrades, event parsing, and maintaining event log and flow data backup and retention. Conduct daily reviews of network activities, verifying and reconciling them against valid requests through SIEM reports. Conduct risk assessments for networks and databases as per organizational and compliance requirements to identify and mitigate potential security risks. Circulate security advisories with remediations to the concerned IT teams.
Habib Metropolitan Bank
Dec 2018 - Aug 2020 (1 yr, 8 months)
Pakistan
- Job Details: Monitor for attacks, intrusions and unusual, unauthorized or illegal activity, perform analysis of offences occurring in the SIEM, and get them closed in a timely manner. Identify incidents for escalation, analysis, and remediation, and prioritize incidents for escalation. Manage rules and IOCs, and use regex where event parsing is required for better monitoring. Develop use cases as per banking environment requirements. Integrate different log sources in QRadar. Regularly assess web banking and other applications for vulnerabilities using Nexpose & Nessus. Conduct risk assessments in order to identify abnormalities and report violations to the concerned team with remediation. Generate reports from QRadar as per requirement for compliance and audit purposes. Conduct routine security reviews of networks and infrastructure, identify gaps, report issues to the concerned team, and assist in the remediation of identified vulnerabilities until they are fixed. Give advice and guidance to staff on issues such as spam and unwanted or malicious emails.
Education
Bachelor's Degree in Telecommunication Engineering
Mehran UET, Jan 2014