mukesh kumar

Delivered multi-client SOC operations across Splunk, LogRhythm, QRadar, Sentinel & Securonix, while handling EDR solutions simultaneously. Managed high/critical incidents end-to-end with SLA adherence, impact assessment, containment & reporting. Provided on-site CSOC support for World Government Summit 2024–2026. Improved detection engineering via SIEM rule optimization & MITRE ATT&CK-aligned use cases, reducing false positives & enhancing coverage. automated IR playbooks in SOAR.

Managed end-to-end security incident response for multiple enterprise customers across Splunk and McAfee ESM SIEM platforms. Monitored user and entity behaviour using Azure Security Center and Microsoft Cloud Defender, detecting anomalies and insider threats. Conducted scheduled and ad-hoc vulnerability assessments, delivering findings and remediation recommendations to client IT teams.

Investigated & resolved high-priority SIEM offenses by correlating activity across FMC, ESA, EDR, & PAM tools using MITRE ATT&CK framework. Developed & maintained SIEM detection use cases & QRadar correlation rules tailored to the exchange's threat environment; managed QRadar administration. Monitored endpoint activity via TrendMicro Apex One EDR, enforcing policies & investigating anomalies. Conducted quarterly risk assessments & network health checks, coordinating remediation with IT stakeholders.

Monitored & investigated security incidents (attacks, intrusions, unauthorised activities) via IBM QRadar SIEM; managed IOC ingestion & custom event parsing using regex. Developed banking-specific detection use cases & integrated diverse log sources into QRadar for comprehensive visibility. Performed vulnerability assessments on web banking applications & infrastructure using Nexpose & Nessus. Generated compliance & audit reports from QRadar in support of regulatory requirements.