Nagaraj Alpula

• Managing day to day Qradar SIEM operations
• Investigation on the anomalies and reporting,eliminate false positives and provide the impact and recommend actions
• Analysis of reports and dashboards for threat detections
• Checking log ingestion status of Qradar integrated devices
• Working on use case creation, fine tuning, and log source onboarding to SIEM.
• Experience on the incident handling and response for different attack scenarios e.g Account compromises, Phishing, Malware etc
• Trend analysis of the SIEM alerts & offenses
• Fine tuning the rules,reports and use cases as per customer requirement
• Participating in governance meetings weekly/ monthly ops and working on minutes of meeting

Endpoint Detection and Response

• Analysis of Alerts generated
• Minimizing false positive detection
• Suppression of alerts and whitelisting Application

• Providing Anti-Spam solution of real-time spam protection
• Analysis of SPAM and Legit emails and writing Anti-Spam, Anti-Fraud and legit rules using Regular Expressions
• Working with a core team of Engineers that specialize in stopping malicious traffic and content from reaching our customers
• Spam Analysis: Analyzing Email Headers, Call to Action Domains, and other parameters to identify Spam messages and block them
• Analyze and Detect Email traffic and malicious activity
• Maintenance of Real-time Block Lists, Real-time Allow Lists, and URI Block Lists
• Classify Spam/Phishing, Viruses, and Malicious Trojan malware, Domains, and Fingerprints on the Microsoft Real-Time System
• Working on Region based Phishing reports (US/UK/CA/DE/AU) based on high spam traffic domains
• Creating and updating the existing Regular expressions in Spam assassin Microsoft Ruleset
• Investigating IPs and Domains reputation list
• And Hands-on experience in Incident Management (Microsoft ICM).