Ankit Pandagre | SOC X CSIRT | EDR - Threat Detection and Response | Incident Response & Management | Endpoint Security | Threat Intelligence | GCP - Cloud Security

Ankit Pandagre

SOC X CSIRT | EDR - Threat Detection and Response | Incident Response & Management | Endpoint Security | Threat Intelligence | GCP - Cloud Security

India, Telangana, Hyderabad

Cyber security professional with 4+ years of experience actively looking for a job opportunity.

About Me

I am a Cyber Security Professional with 4 years of experience skilled in: – Endpoint Detection and Response - CrowdStrike Falcon, – SIEM and EDR technologies, – Threat hunting and Threat Intelligence,

Industry Served

IT & Technology




SOC X CSIRT Analyst | Threat Detection and Response

Tokopedia India
02 Oct 2021 - 09 Nov 2022 a year
Hyderabad, Telangana
• Threat detection and response via Crowdstrike falcon complete. • Assist L1/L2 for security event and initial incident response to detected threats. • Experience in SIEM tools like Symantec SIEM, Splunk, and Elastic Search. • Proficient in Incident Management and Response in a Global SOC environment. • Threat hunting in EDR telemetry data. EDR monitoring – Crowdstrike falcon, Carbon black. • Google cloud protection – cloud armor for DDoS protection. • Playbook and document creation for SOC use cases. Creation of detailed process documentation. • Respond to alerts for security systems such as firewalls, IPS/IDS, SIEM, EDR, WAF, threat and vulnerability management tools working with teams to understand and remediate security vulnerabilities. • Research public and private sources to identify novel threats and attack techniques, and to provide recommendations for detection and mitigation.

Security Analyst | Security Incident Manager

Civica India
14 Jan 2021 - 26 Aug 2021 7 months
Baroda, Gujrat (Remote)
•Defined and streamlined SOPs. Policy making for Phishing incidents. •Performing in-depth investigation on demand. Investigating detection over Symantec web proxy. • Monitoring and managing ClearSwift email gateway. •Splunk – Security events analysis, Splunk query language. •Managing and adding lexical expression over email gateway. •Preparing weekly and monthly report of security incidents and trends. •Respond to alerts for security systems such as firewalls, SIEM, EDR, and WAF. •Blacklisting Email IDs, Domains on email gateway to block phishing/spam emails. • Investigate cyber threats on a real-time/day-to-day basis, involving alerts, log analysis, event/incident correlations. •Monitoring and managing Sophos AV jumpbox for malware detection and preparing report. •Evaluate the current Security Infrastructure for best practices, and recommend changes to enhance security.

SOC Analyst | Information Security Specialist

Symantec India
21 Mar 2019 - 17 Sep 2020 a year
Chennai, Tamil Nadu
• Experienced in working with Symantec Global Security Operations Center. • Worked as SOC analyst for enterprise global security operation center (SOC as service). • Security Incident Monitoring and Response with Symantec SIEM. • Experienced in working with Fortune 500 customers as well as start-up environments in helping and advising to adopt effective measures against cyber threats. • Analyzing various security device logs and predict the threats using various open/close intelligence. • Incident Handling, Incident Management, Intrusion Analysis, Analyzing different kind of security incidents. • Reviewing customer queries and guiding customers with threat remediation strategies and best security practices. • Pre-validate the incidents before it publish to customers. • Forensic analysis to identify artefacts to provide more detail about infected device using Symantec MEDR. • Provide an in-depth investigation/analysis of logs to the escalated cases to the customers.

Internship - Security Analyst

09 Jan 2017 - 15 Jun 2017 5 months
Hyderabad, Telangana
• Monitor global systems looking for potential threats, vulnerabilities and indicators of compromise. •Perform in-depth analysis of security alerts utilizing CrowdStrike EDR. •Provide Incident remediation and prevention documentation and recommendations to customers based on defined procedures and analyst experience. •Document and conform to processes related to security monitoring procedures. •Initiate escalation procedure to counteract potential threats, vulnerabilities and threat actors. •Compilation and review of service focused reporting. • Providing assistance to Senior Cyber Security Analysts on Threat Hunting engagements. • Contributing to the continuous improvement of SOC procedures and documentation.  Perform other duties as assigned.


Master of Technology - Information Security and Cyber Forensics

SRM University
11 May 2016 - 13 Feb 2020 4 years
Chennai, Tamil Nadu

Bachelor of Engineering - Computer Science Engineering

RGPV University
16 Oct 2013 - 24 Feb 2016 2 years
Bhopal, Madhya Pradesh