My work regards Cyber Security. with focus on SIEM and troubleshooting.; I'm also strengthening my skills on VA and PT.

About the first theme, I worked for 2 years on a McAfee product: I got the product installed and with a few Data Source added and I completed the configuration phase, wich means addition of others Data Sources, creation of reports and their execution, both on real time and scheduled, Alarms settings and check with the others office when they triggered, creation of specific view and dashboards for the other users.
Then, when a SOC was got to the client, I worked with its members, making custom alarms and checking them when triggered, helping with this the Security office of customer.
The other SIEM with I have worked is ArcSight. Fo my previous employeer, I have  setted up a complete enviroment: I installed and configured the EMS, the Logger, some Connectors and I created the basics Reports and Filter.
Actually, I'm involved in a L2 team wich work with ArcSight and QRadar.

About the troubleshooting, for a previous customer I managed ticket for Change and Incident about: firewall policies, SSL certificates signing, Proxy configuration and DNS records.
Actually, in out L2 Team we work about every troube that our SysAdmin encounter and for what tehy need help, both Systems and Network.

For my interest, I studied for 3 certification that I successfully got: Splunk User 6.x (Foundamentals 1), eJPT of eLearnSecurity, and IBM QRadar Foundamentals.
I'm working on the second steps of eLeanr, the eCPPT certification, and QRada, the ADministrator cert.