Akshay Patil

• Responsible for handling various security events and incidents within Telecom security operations, prioritizing issues based on severity and impact.
• Managed Priority 1 (P1) security incidents, coordinating immediate response efforts to mitigate risks and restore operations while minimizing impact to business continuity.
• Created detailed post-incident reports and conducted lessons learned sessions, driving improvements in incident response processes and security posture.
• Monitored security alerts and conducted initial triage of incidents, escalating as necessary to senior analysts for further investigation.
• Maintained knowledge of emerging threats and vulnerabilities through continuous education and industry research, enhancing team preparedness.
• Conducted thorough investigations of security incidents, utilizing tools such as SIEM, IDS/IPS, and endpoint detection solutions to analyze and respond to threats.
• Proactive in fine-tuning activities based on log analysis, ticket closures and customer response, achieving a 15 - 20 percent reduction in false alarms, which significantly enhanced the security operations.
• Experience in managing client relations, ad hoc requests and point of contact to present reports and root cause analysis of high priority incidents to Operational Companies.
• Responsible for creating and delivering daily, weekly, and monthly security incident reports, providing clients with clear insights into security posture and incident trends.
• Developed and implemented incident response playbooks, standardizing processes and improving response times by 40%
• Entered data, generated reports, and produced tracking documents.

Responsible for handling various security events and Incidents in banking security operations on Priority as few mentioned below:

• Hands-on on RSA and CloudSEK portal to monitor security alert trigger in Dark web.
• Hands-on deception technology (Smokescreen) to find internal threat by analyzing security alert like lateral movement activity, Exploitation activity , Data theft activity.
• Manual system analysis (Windows) to find the RCA for C&C connection.
• Monitoring and finding security threat through WAF portal (Indusface)
• Phishing/SPAM Emails analysis.
• Giving resolution on various alert which generated by SOC team.
• Actively participation in Cyber-drill activity which is conducted by RBI to check their preparedness to detect and to enhance the security.
• As per client requirement preparing various report related to security incident like MIS, RBI (CSITE Data) , Weekly and quarterly reports , CERT-IN advisory data.
• Actively participation in RBI Audit.

Responsible for handling various security events and Incidents in banking security operations on Priority as few mentioned below

• Alerts/ Reports analysis from various Security tools (viz. PIM, Proxy, Honeypot, Firewall, WAF, SIEM)
• Phishing/SPAM Emails analysis.
• Process CERT-In/ CSITE Advisories
• Malware Behavioral Analysis
• Phishing Site/ Phishing mobile application/ Smishing analysis and response
• Identify Brand Abuse, its impact and initiating takedown for Mobile Applications/ Websites
• Responsible for creating Monthly Summary Report for clients.
• Keeping track of the events with help of ticketing tool and follow-up with respective teams for resolutions.

Responsible for creating small scale Splunk Enterprise architect including with real time based user cases:

• Implementation of Splunk instance like Search head, indexer, universal forwarder, deployment server, heavy forwarder.
• Preparing real time alert based on receiving logs.
• Preparing dashboard for visual understanding.
• Responsible to create use case - Checking for windows audit log tampering, Detecting brute force attack, Detecting network and port scanning,