This document contains a resume for Devasis Kumar Mahato. It summarizes his work experience and qualifications. He has over 4 years of experience in information security and SIEM, currently working as a Team Lead for SOC Services at Paladion Networks in Bangalore, India. In this role, he performs security monitoring, incident response, and ArcSight administration. Previously he has also worked on security projects for several banks, enterprises, and other organizations. He holds technical certifications in CCNA and ArcSight administration.

1. DEVASIS KUMAR MAHATO
DOB: 01- July - 1987
Present Address:- #472, K- Main, VysyaBankColony,ShantiniketanLayout, Arekere,Bangalore- 560076
Phone No:- +91-8792223686,8095615064
Email:- devasiskrmahato@gmail.com
Profile Summary:-
 A total of 4+ years of experience in Information Security & SIEM. Team Lead –SOC Services with experience of
strong technical knowledge in technology, process analysisand review.
 Perform real-time investigation, analysis of event using SIEM tools (ArcSight) of Network Security Components and
device such as IPS, Firewalls, Web Application Firewall, Operating Systems like Windows and UNIX, Databases and
other Devices.
 Investigation of threats and real time attacks.
 Possess Knowledge on Log Baselines and understanding of how and where logs will be generated and stored for
different Application and Devices.
Organisation: PALADION NETWORKS, Bangalore(November 12th
, 2012 –Till Date)
India’s oneof the top leadingcompany providingfull servicemanaged Information and network security on a global scale.
Paladion Networks expertise extends over Banking-Finance-Insurance,IT,IT and Consulting,Telecommunications,Research
& Development.
Designation: Team Lead-SOC Services / SIEM ArcSight Admin– Level 2
Job Profile:
• 4+ years of SIEMexperience on ArcSight andSecuritymonitoring usingArcSight.
• Understanding of ArcSight ESM Product component which collect, process, model, prioritize, correlate, monitor, and analysis
enterprise generatedevents.
• Good understanding of phases of ArcSight ESM event life cycle and describe the functional processing which occurs during
each phase. Navigate the ArcSight console to effectively correlate, investigate, analysis and remediate both exposed and
obscure vulnerabilitiesto give situational awareness and real time incident response.
• Check systemhealthof ArcSight ESM, Logger andConnectors, Checkbackups andlogarchival status
• Collecting, analysing and preserving the evidence related to incidents . Log analysis, SIEM log analysis utilizing Enterprise
Products. Writingreports onincidents anddeliver them to Businessand other stakeholders.
• Creation of rules, Active List, Dashboard, active channels based on the customer requirements. Creation of reports, queries
and filter for the events that are generated in ArcSight Console. Ensure applicationavailability andSLA adherence
• Developandconfigure SIEMreports (i.e. dashboards includingdaily, weeklyandmonthlyreports) .
• Troubleshoot ArcSight Components (Connectors, ESM, andlogger).
• Reviewsecurity-relatedevents, assessing risk andvalidity, as well as reporting
• Assist, co-ordinate with the Manager on performinga risk reviewof the dailysecurityrequests that come from the business
• Assist, co-ordinate with the Security Incident Handling Team (onsite projects team) in providing assistance during
investigation.
• Interact with the process owners to understandthe nature ofbusiness, the controlsandpossible risk.
• On-Call Support function (responding to incidents offregular working hours andweekends/holidays)
• Potential to bring any possible security threats or violation of Security Policy to the notice of the Information Security
Manager.
• Act as a Subject Matter Expert and mentor/coach to other, less experienced team members; utilizing knowledge and
experience to quicklyresolve issuesand addressrisks ofa veryvolatile nature.

2. Academic Qualifications
Graduation and
Post Graduation
Passed (BCA-MCA Integrated programme) in year 2011 from IGNOU with (BCA-62%and MCA-
60%)
Class XII Passed Class XII(Science) from Kendriya Vidhyalaya,Chakradharpur (CBSE) in 2005with 58.2%.
Class X Passed Class X (ICSE) in year 2003 from S.E.Rly E/M School,Chakradharpur (I.C.S.E) with 71.3%
Certification
CCNA (R/S) Certified. CSCO12177242
ArcSight Admin+Analyst (HP0-A116)
Work EXPERIENCE
Security Analyst – SOC Services(Paladion Networks –November 2012 – Till Date)
# Client Project Role Details
Client 1,
Client 2
One of the Top5 banks
of Belgium , Paladion
|MSSP
Bank, MSSP Security
Analyst
 Reviewsecurityrelatedevents, assessing risk and
validity, as well as reporting.
 Handling Hotline calls/mails, Policy violation, IPS, ASA
and other securityincidents.
 Creating an incident ticket, Analyzing, Managing and
tracking security incidents to closure by coordinating
with different teams.
 Investigatingattacks/alerts ondifferent devices.
 Correlationof events as per the attach methodology.
 Analyzing IPS, IDS alerts and suggesting corrections to
minimize false positives
 Building content in ArcSight, Fine tuning correlation
rules.
 Performing trendanalysisandsuggest improvement to
securityaspect.
 Prepare and publishmanagement reports
 Troubleshooting connectors, Implementation and
connector Integration.
 Managinghealthof ArcSight Infrastructure.
 Gap assessment ofcontent developedandfine tuning.
Client 3 ,
Client 4,
Client 5,
Client 6,
Client 7,
Client 8,
Client 9,
Client 10
(A Bank inRiyad, KSA),
(A bank inQatar),
(A Resort andCasinoOf
Las Vegas),
(An ISPof UAE),
(A Govt Bank of Qatar),
(An Enterprise of
Malaysia),
(A leading Private Bank
of India),
(A retail groupof Dubai
havingstores in India)
Security
Operations
Team Lead
and
ArcSight
Admin
 Creating an incident ticket, Analyzing, Managing and tracking
security incidents to closure by coordinating with different
teams.
 Analyzing IPS, IDS alerts and suggesting corrections to
minimize false positives.
 Analyzing the correlatedevents over the network.
 Performing trend analysis and suggest improvement to
securityaspect.
 Writing reports on incidents and deliver them to Business and
other stakeholder.
 Understanding of ArcSight ESM product component which
collect, process, model, prioritize, correlate, monitor, and
analysis enterprise generate events.
 Buildingcontent inArcSight, Fine tuningcorrelation rules
 Prepare and publishmanagement reports
 Managingmultiple teams at the same time.
Client 11 A leadingBank of KSA
(Onsite)
Security
Operations
ArcSight
Admin
 Understanding of ArcSight ESM product component which
collect, process, model, prioritize, correlate, monitor, and
analysis enterprise generate events.
 Buildingcontent inArcSight, Fine tuningcorrelation rules
 Prepare and publishmanagement reports.

3. ITIL
Awards and Recognitions
Received Paladion Champ Award twice in 2015 and 2016.
I hereby declare that all the above information is true and if necessary additional proof will be
provided.
Date:
Place: Bangalore Devasis Kumar Mahato