Roomina Merali
An experienced Cybersecurity Engineer with extensive experience in deploying and maintaining SIEM infrastructures
Erfahrungen
März 2022 - Bis heute
3 Jahren 3 MonatenSplunk Engineer – Analytics and Monitoring – Governance and Compliance
Solsys Corporation (TD Bank Contract)
- Successfully onboarded new data from a variety of different inputs including syslog, HEC, UF, HF, Cloud, various Splunk TA's such as DB Connect and Salesforce, Windows Event Collector Servers, and other database connections
- Created and managed Splunk knowledge objects (field extractions, event types, etc.)
- Consulted with management and Technology Asset Owners to determine and implement Security, Logging and Monitoring Audit requirements
- Responsible for mapping customer data to the Splunk Common Information Model (CIM) for Change and Authentication Audit requirements
- Coordinated and conducted event collection, log management, event management, and compliance automation
Mai 2021 - März 2022
11 MonatenPlatform Security Lead
Manulife Bank
- Provided expert guidance regarding the implementation of advanced security use cases
- Developed correlation & detection to support alerting and response capabilities for the SIEM environment
- Designed and implemented a SIEM solution using Splunk, which increased the organization's ability to detect and respond to security incidents
- Worked with security teams to ensure compliance with regulatory requirements such as HIPAA, PCI-DSS, and SOX
- Monitored SIEM systems to detect and respond to security incidents
- Collaborated with internal customers to aid with requests such as Log Source configuration, App installation, Data Parsing, monitoring and alerting
- Installed, configured and supported Devo syslog-ng relays, including parsing of events received
- Created detailed reports, queries, dashboards, alerts, and visualizations as defined by customer requirements
- Worked with the integrations and telemetry teams to onboard Devo events from various common and complex log sources, including AWS and Azure cloud
- Created and maintained standard operating procedures, technical documents, and troubleshooting guidelines, including process improvements as it related to Devo operations
- Conducted System Health Checks on managed technologies and provide recommendations on performance improvements
- Configured Grafana for log analysis and visualization, resulting in improved troubleshooting and performance optimization
- Conducted regular security assessments and vulnerability scans to identify and mitigate potential risks
- Responsible for identifying, investigating, managing and documenting Cyber Security events as part of Incident Management and CSIRT processes
- Accountable for developing devo roles and responsibilities (RACI) document and educating SOC team members in taking over day-to-day Devo support
- Acted as a subject matter expert (SME) while providing leadership, guidance, and mentorship to other security teams on the use of SIEM tools
Juli 2015 - Apr. 2021
5 Jahren 10 Monaten Toronto, Kanada
Senior Security Specialist
BMOFG
Mai 2013 - Juli 2015
2 Jahren 3 Monaten Toronto, Kanada
Senior Analyst
NTT Data
Nov. 2011 - Mai 2013
1 Jahr 7 Monaten Toronto, Kanada
Tivoli Specialist
IBM Canada
Zusammenfassung
With extensive experience in deploying and maintaining SIEM infrastructures, I am well-versed in various security technologies and methodologies. I possess a strong understanding of IT security concepts and best practices, including risk and vulnerability management, log analysis, security monitoring, and threat detection. I have successfully provided expert guidance and consultation to clients and project teams on technical guidance and troubleshooting complex problems. Additionally, I have mentored team members and possess strong leadership skills.
My technical skills include proficiency in UNIX, Windows, and Linux, as well as scripting languages such as Python, Perl, and Splunk Search Language. I have also worked with various security tools such as CyberArk, IBM Security Identity Manager, RSA, and Qualys. With my experience in data analytics and reporting, I am capable of creating custom dashboards, reports, and alerts that deliver real-time insights into security events and incidents.
Sprachen
Englisch
Muttersprache
Ausbildung
Okt. 1980 - Juni 1981
Herzing Career College
Diploma · Systems Analysis and Programming
Zertifikate & Bescheinigungen
Splunk Enterprise 9.0 System Administration
Splunk
Splunk Certified Power User
Splunk
Splunk Core Certified User
Splunk
Splunk Enterprise Security Administration
Splunk
CyberArk Trustee Certification
CyberArk
ITIL Foundation Certified
Tivoli Professional - Certified IT Specialist
Tivoli
Ähnliche Freelancer
Entdecken Sie andere Experten mit ähnlichen Qualifikationen und Erfahrungen.