Sardar Charandeep Singh

• Security Monitoring: Leveraged Cortex XSIAM dashboards to monitor real-time alerts, prioritize and investigate incidents, and drive effective response strategies to minimize MTTR.
• Threat Analysis: Proactively investigated malware alerts via Cortex XSIAM, assessed artifact reputations, mapped incident progression in the Incident War Room, identified impacted assets and users, and delivered effective remediation to mitigate threats.
• Email Analysis: Investigated user-reported and suspicious emails via the email gateway, validated sender credentials, scrutinized URLs and file attachments, traced affected users, and implemented swift remediation to contain potential threats.
• Jira Incidents: Handled Jira incidents for multifactor authentication (MFA) issues, LastPass access concerns, and security approval workflows to ensure timely resolution and operational continuity.
• Security Operations Response Actions: Integrate indicators (IOCs/BIOCs/correlations) into Cortex XSIAM daily to strengthen threat intelligence, detection, and response. Led weekly quarantined file audits to verify containment effectiveness, and conducted monthly allow/block list reviews to ensure alignment with evolving security policies.

Software/Applications Used : Cortex XSIAM, Jira, Zscaler, Microsoft Defender, LastPass, Microsoft Azure Portal, and Microsoft Entra.

• Security Monitoring: Monitor security events and alerts using SIEM (Security Information and Event Management) platforms to identify potential security incidents, and endpoint security solutions to detect and mitigate threats.
• Email Analysis: Investigate user-reported and other suspicious emails from the email gateway. Verify the legitimacy of the sender, investigate hyperlinks and attachments, identify affected users, and perform remediation actions.
• Threat Analysis: Investigate malware alerts received from Cortex XDR. Verify and check the reputation of alert artifacts, establish an alert timeline, identify affected assets and users, and perform remediation actions.
• Incident Detection and Triage: Investigate security alerts to determine if they indicate a real security incident. Prioritize and triage incidents based on their severity, and potential impact on the organization. For true positive events, perform remediation actions.

Software/Applications Used: HPSM, Splunk, Cortex XDR, Symantec, SentinelOne, Proofpoint PPS, Wireshark, and PuTTY.

Client: Telus Communication Limited

• Implementation: Provisioning and configuration of Cisco Unified Communication Virtual Servers—CUCM, IMP, CUC, and Expressway according to customer requirements on the Hosted Platform using VMSphere for Telus Cloud Collaboration customers, and ensuring the services are ready for the customer before the ETA date.
• Preventative Maintenance: Maintain Cisco Unified Communication Servers (CUCM, IMP, CUC, Expressway,Firewalls) and IDCs by performing checkup and test activities on the servers on a daily, bi- weekly and monthly basis depending upon the customer services.
• Service Assurance: Technical support for VoIP and Unified Communication devices(CUCM, IMP, CUC, Expressway,Firewalls).
• MACD Orders: Handling Skype for Business MACD orders and Migrating of UC Servers on different blades, adding and removing subscribers on VMSphere.
• Service Monitoring: Analyzing SIP customer's traffic during peak time and report in case of abnormality and Monitoring customers stats in OCSM-ME for assurance and to investigate in case of abnormality.
• Incident Management: L-1 incident management and escalation point for voice services for enterprise customers, Coordinating with multiple teams and field engineers to provide solution on voice services related issues and working on both Service affecting and Non-service affecting issues and escalating the incidents to resolve within SLA.

Software/Applications Used: Lynx,Putty,OCSM-ME,OSM, VMSphere,
RTMT, WinSCP, X-Lite,Calabrio ,Wireshark and SFDC.