Danish K

SOC Lead

Danish is a seasoned SOC Lead known for delivering impactful security operations solutions. His expertise in managing, coordinating, and optimizing Security Operations Centers has driven notable improvements in incident response and threat management. Danish is available hourly, monthly, or quarterly to enhance your security operations and bolster your organization's protection.

Responsibility

  • Managed individual and team performance to consistently meet standards.

  • Leading a team of 18 security analysts in a 24/7 SOC environment, ensuring vigilant monitoring and rapid response to security incidents.

  • Developed and supervised work schedules to maintain proper staffing levels.

  • Training Initiatives: Conduct regular training sessions to enhance SOC analysts' skills in threat detection, malware analysis, and utilization of security tools.

  • Client Communication: Interface with clients to deliver updates on security posture, incident reports, and actionable recommendations for enhanced security.

  • Creating interactive Power BI reports for performance reporting.

  • Actively participated in hiring new team members.

  • Provided a centralized location for management, coordination, and knowledge base contact during severe and critical incidents.

  • Policy Development: Develop and implement comprehensive SOC strategies, policies, and procedures to fortify security posture and mitigate client risks.

  • Understanding incident trends, reducing false-positive incidents, and confirming true positives.

  • Providing recommendations to improve security based on incident analysis.

  • Playbook Development: Develop and implement workflows for various incident types so that analysts can follow a defined investigation process.

  • Providing Leadership to SOC Analysts and fine-tuning rules to eliminate false positives.

  • Conduct proactive monitoring, investigation, and mitigation of security incidents.

  • Analyse security event data from the network via the SIEM.

  • Research new and evolving threats and vulnerabilities with potential impact on the monitored environment.

  • Work in a 24x7 Security Operations Center.

  • Perform Root Cause Analysis (RCA) and make preventative recommendations.

  • Assisting in creating the daily SOC report and briefing customers as necessary.

  • Involved in planning and implementing preventative security measures and building incident response.

  • Participate in daily security meetings with other security leadership.

  • Monitoring and responding to all required operational support network queries and events.

  • Prepare reports of analysis and results to provide briefing to management.

  • Providing Incident response support to SOC analysts.

  • Mentor SOC analysts and cater to their technical roadblocks.

  • Investigate, document, and report on information security issues and emerging trends.

  • Managed SLAs for security tickets, ensuring that SOC analysts resolve incidents and requests within the agreed time.

  • Provided technical support to enterprise customers for Microsoft Defender for Cloud and Microsoft Sentinel.

  • Helped Microsoft Enterprise customers onboard Microsoft Sentinel and Microsoft Defender for Cloud.

  • Troubleshoot and diagnose technical issues related to the product.

  • Communicate effectively with customers to provide clear and concise instructions on issue resolution.

  • I am an experienced and proficient engineer specializing in Microsoft Defender for Cloud and Azure Sentinel with a proven track record of effectively implementing and managing security solutions in complex cloud environments.

  • Possessing a solid technical background in cybersecurity and cloud computing, adept at designing, configuring, and optimizing security policies, alerts, and workflows to safeguard cloud resources and mitigate cyber threats.

  • Skilled in threat detection, incident response, and security incident analysis, with the ability to identify and remediate security vulnerabilities in real time.

  • A collaborative team player with excellent communication skills, capable of liaising with cross-functional teams to ensure comprehensive security coverage and compliance with industry standards and regulations.

  • Expertise in Windows Networking Components.

  • I worked on DNS, DHCP, DFS, SMB, VPN, NPS, Wireless, NLB, and RPC failures.

  • Active Directory, Hyper-V, NIC teaming, Group policy, Windows Firewall.

  • Proven expertise in deploying, configuring, and troubleshooting the above components.

  • Hands-on experience with tools like:

      • Trace analysis: Wireshark, Netmon, Insight Client, Text analyzer

      • Case management: DFM, Rave

  • Supporting customers with Microsoft’s support contracts.

  • Resolving queries related to Microsoft’s networking technologies.

  • Analyzing network traces, TSSV2 logs, and ETL/Wireshark traces.

  • Collaborating with other teams on networking-related components.

  • Giving triages on various topics.

  • Handling escalation calls, supporting teammates, and monitoring reported issues and bugs.

  • Provide customer advocacy for documentation and updates for reported issues.
