Network Engineer Resume
SUMMARY:
- 2.7 Years of hands-on IT Experience in securing the network environment using SIEM Tools like HP ArcSight ESM, RSA enVision.
- Strong experience in HP ArcSight components like ArcSight ESM, ArcSight Database, ArcSight Smart Connector, ArcSight Logger, ArcSight Console and ArcSight Web.
- End-to-end architecture and sound knowledge of ArcSight Express & ArcSight ESM.
- Sound Experience in Installing & Configuring the ArcSight ESM & its Components.
- Sound Experience in Monitoring & Investigating the incoming Events in a network.
- Expertise in defining resources like Rules, Filters, Dashboards, Data Monitors, Active Channels etc.
- Sound Experience in generating Daily, Weekly & Monthly Reports.
- Sound Experience in Log Management by administering ArcSight Logger.
- Exposure to Ticketing tools like HP Service Manager & BMC Remedy.
- Exposure to the network devices like Firewalls, Malwares, IDSs etc.
- Strong knowledge of ArcSight Event Life Cycle & its Phases.
- Familiar with Networking Concepts.
- Good communication, problem solving skills and the ability to acquire new skills in a timely manner.
- Strong in team coordination and managing tasks.
TECHNICAL SKILLS:
SIEM Tools: HP ArcSight Components:
Ticketing Tools: Network Devices:
Firewalls: Check Point 3.0, Symantec Gateway Security 2.0
Vulnerability Assessment: Rapid7 (Nexpose), Retina N/W Security Scanner 4.9.
VPN Client: Cisco VPN Client 7.0
Database: Oracle 10g.
Operating System: Microsoft Windows Server (2003/2008).
PROFESSIONAL EXPERIENCE:
Confidential
Environment: HP ArcSight ESM 5.0 & its Components.
Responsibilities:
- Configuring Resources like Assets, Asset Ranges, Zones, Locations etc. in a Network Environment.
- Categorize the incoming events using Event Categorizer.
- Monitoring the incoming events in Demo Live Active Channel.
- Correlating the incoming events by creating Rules based on specific set of Conditions & Logical Operators.
- Assigning required Actions based on the rules & conditions specified.
- Managing the Notification process when a rule action is triggered.
- Filtering the events by defining & applying Filters at different levels of an event.
- Displaying the event data in different layouts by defining Dashboards & Data Monitors.
- Investigating the events based on particular criteria by creating an Active Channel.
- Integrating the Commands, Applying the Inline Filters in an Active Channel to make the investigation process reliable.
- Identifying the Source of Infection using different options available in Inspect/Edit, like Event Inspector.
- Customizing the Active Channels by Adding or Removing the Columns.
- Sorting the columns of different Field Sets of different resources.
- Defining & Assigning Cases to the events.
- Annotating the events by Assigning Statuses to the events & notifying them to particular team.
- Defining the Report Work Flow by Gathering Data (Queries & Trends), Developing Reports (Report Template) & Running Reports ((Query + Trend) + Report Template).
- Running the reports automatically on yearly, monthly, weekly, daily & hourly basis using Job Scheduler.
- Checking the overall system health & reporting it to the appropriate team.
- Generating & Sending Logs to ArcSight Customer Support based on requirement.
- Create Dashboards & Generate Reports using Query Viewers.
- Create Import & Export data into Packages & Bundles.
- Add the content to Active Lists & Session Lists.
- Logging the Incident & Change Request Tickets to the concerned Team or Employee on demand.
- Providing 24x7 on-call support & coordinating with On-Site Team to resolve the high severity issues.
Confidential
Environment: HP ArcSight ESM 5.0 & its Components.
Responsibilities:
- Creating New Users & User Groups & giving appropriate ACL Permissions.
- Analyzing the incoming threats & giving information to the clients.
- Defining Rules & Filters to correlate the incoming events.
- Defining new Dashboards & Data Monitors in different layouts.
- Monitoring the Active Channels & adding Cases to the particular event.
- Checking the System Health & updating it to the concerned team.
- Monitoring the GSOC Mailbox & creating the tickets.
- Logging the Change Request & Incident Management Tickets to L-2 Support Team & other Teams based on the Severity.
- Managing the Events based on the generated SOPs.
- Checking the Escalation procedure & updating it to the client.
- Reporting the event status & information to the clients as well as Manager.
- Following the SLA timelines and techniques while resolving the incident.
- Providing L-1 Investigation support & updating the status to the concerned team.
- Handling End-To-End Client calls.
- Attending review meeting sessions conducted by the clients as well as manager.