Akhil Panasa

Senior Security Analyst

Summary

I am a results-driven IT professional with vast experience in corporate IT security, planning, implementation of security measures to protect computer systems, networks, and data. Responsible for analysis, prevention of data loss, service interruptions, I provide comprehensive secure network design, systems analysis, and full information lifecycle, focusing on IT solutions and business objectives. As Information Security Analyst, responsible for operation, support, development, and implementation of information systems and related components. Establish and maintain effective communications and relationships within and across teams, business areas, and vendors. Deal with incident identification, assessment, quantification, reporting, communication, mitigation and monitoring. Revise and develop Standard Operating Procedures (SOP) to strengthen the current Security Operations Framework (SOF). Possess broad knowledge of security technologies, processes and strategies.

Overview

8 years of professional experience
9 Certifications

Work History

SOC Analyst

G42(Kaspersky)
04.2021 - Current
  • Analyzing the logs from different network and endpoint devices that are forwarded to the SIEM tool Splunk and Corelight NDR, utilizing MITRE ATT&CK and Cyber Kill Chain frameworks for enhancing investigation
  • Documented and contained security incidents detected on the network
  • Made sure to meet service level agreements regarding response time and client notification
  • Documented weekly and monthly reports of the security incidents and shared them with the team
  • Working closely with team to tune, evaluate and resolving security incidents escalated by team
  • Tuning response and alerting mechanisms as required
  • Good working experience on endpoint security tools: Carbon Black, CrowdStrike and SEP
  • Performed several threat hunts by correlating information from multiple sources
  • Create process documents and runbooks for analysts for the new use cases moving in production
  • Working day to day on multiple EIP abuse alerts such as crypto mining, brute forcing, etc.
  • Identification and designing of use cases that address specific enterprise needs for effective alert triggering and firing of the Security Events
  • Test new correlation content provided by engineering team and use cases using Splunk SIEM filters, rules, data monitors, and proper identification of the incidents and their pattern
  • Suggested tuning recommendations and new content to the Engineering team to provide more value
  • Played a key role by suggesting multiple tuning requests, bringing down the alert volume (from ~200/week to ~40/week) on a daily basis
  • Also, worked on ad-hoc requests as they come and helped them in identifying potential risks in their environment
  • Responsible for knowledge transfer to new joiners and analysts
  • Organizing Knowledge Sharing Sessions to both L1 and L2 teams which include ongoing security threats, Security tool knowledge, Networking concepts
  • Gained a profound knowledge on Splunk with exposure to multiple Splunk projects
  • Also, a certified Splunk Power User and currently pursuing Splunk Certified Admin certification.

Senior Security Consultant

IBM
05.2020 - 04.2021
  • Served as operations lead for SOC team and L3 threat analyst
  • Supported core IT Security processes and technologies including Internet content/filtering, DLP, AV/Malware, Sandbox testing and Reporting
  • Organized knowledge sharing sessions to both L1 and L2 teams which include ongoing security threats, Security tool knowledge, Networking
  • Review existing content to work on fine tuning and reducing the false positive count
  • Threat hunting for identifying hidden vulnerabilities in the environment and reporting to the client
  • Excellent working experience on endpoint security tools: Carbon Black, CrowdStrike, Cylance, Cybereason and SEP
  • Received multiple client appreciation awards and EDR team of the year 2021 award
  • Performed several threat hunts by correlating information from multiple sources
  • Serving Ad-hoc requests for clients by helping them with detail and in-depth investigation on malware operations and providing them suitable recommendations and actionable items
  • Responsible for handling the entire team across 3 shifts, 24/7, which included training, plus one, review, creating shift schedules and feedback reports for analysts
  • Actively working as part of threat hunting team for clients
  • Creating weekly and monthly reports of Infrastructure and work delivered for client using PowerBi and PowerPoint presentation.

Senior Security Analyst

NETSURION TECHNOLOGIES
01.2020 - 05.2020
  • Work involved SIEM-specific event analysis using the SIEM tool EventTracker
  • Good working experience on endpoint security tools: Carbon Black, CrowdStrike and SEP
  • Performed several threat hunts by correlating information from multiple sources
  • Understood the tickets raised by the L1 team, carried on the investigations, and escalated them to the client
  • Thoroughly understand technological requirements for client systems and assist in providing guidelines to effectively mitigate security risks
  • Create process documents and runbooks for analysts for multiple use cases
  • Handled issues with proxy services that affect internet availability for users, and handled emergencies on this front.

Senior Cyber Security Analyst

DELOITTE
08.2018 - 01.2020
  • Served as the primary SPOC and L2 analyst
  • Attended SANS SEC504 training at Miami, USA and gained good knowledge on various attacker tools and methodologies
  • Critically analyzed virus samples and new software in multiple sandboxing environments such as Any.Run, Cuckoo, Joe Sandbox, IBM Exchange and so on
  • Experience in evaluating and resolving Network Security incidents escalated by L1 team
  • Received Spot Award thrice and Outstanding Award once for my analysis in Threat hunt and for raising high number of tuning requests for a client at Deloitte
  • Tune response and alerting mechanisms, adding additional monitoring feeds as required
  • Supporting core IT Security processes and technologies including Internet content/filtering, DLP, AV/Malware, Sandbox testing, DB monitoring, IT System Compliance with Security Policy/Standards, Reporting
  • Threat hunting for identifying hidden vulnerabilities in the environment and reporting to the client
  • Schedule SPOC for the SOC team, ensuring the availability of analysts for backup and client coverage to provide 24x7 monitoring
  • Delivered complete QRadar training in the USA as well as India for newly onboarded analysts
  • Developed multiple dashboards and saved searches in QRadar application for SOC Operations
  • Tuning, whitelisting, and writing rule logics for new use cases in QRadar and Splunk SIEM.

Security Analyst

DELOITTE
04.2016 - 08.2018
  • Conduct trainings and knowledge transfer sessions for new and lateral hires
  • Serving Ad-hoc requests for clients by helping them with detail and in-depth investigation on malware operations and providing them suitable recommendations and actionable items
  • Worked as L3 & Operations Lead and have been continuously appreciated for the contribution towards various projects from respective project leads and Service Delivery Managers
  • Helped clients by serving multiple ad-hoc requests
  • Worked on content validation for clients and gave suggestions on how to reduce false positives
  • Developed new Use Cases and tuned existing ones leveraging Splunk and QRadar
  • Also, performed threat hunt analysis and received SPOT award for the same
  • Raised 27 tuning requests for a US Client over a very short time, thus reducing the workload
  • Received outstanding award from Deloitte Management for the same along with client appreciation mail
  • Played a key role during ransomware and Trojan attacks viz., WannaCry, Ryuk.
  • Created custom dashboards to monitor IOC hits and advised clients in performing counter steps
  • Provided multiple knowledge sharing sessions on security tools, to L1 analysts
  • Organized NHO sessions for new hires and new SDMs in 2019 in India as well as the USA
  • Worked on multiple ticketing tools: JIRA, Service Now (SNOW)
  • Gained profound knowledge on QRadar and Splunk with exposure to multiple Splunk and QRadar projects
  • Excellent hands-on experience on endpoint security tools (Carbon Black, CrowdStrike and SEP), having performed several threat hunts by correlating information from multiple sources
  • Performed testing and have good knowledge on security tools like Bluecat, Dark Trace, Cloud Lock and Beyond Trust
  • Created multiple Playbooks/Runbooks which help new hires to understand the use case and how to handle an alert
  • In depth knowledge and work experience on Incident Response Automation and Orchestration tool – Demisto
  • Created multiple dashboards and saved searches in QRadar to simplify the process of analysis
  • SIEM-specific event analysis using SIEM tools including, but not limited to, QRadar, Nitro, and Splunk
  • Worked as part of the Tier-A (L1 Analyst) team to investigate the logs forwarded by various network and endpoint devices
  • Looked for suspicious and malicious activities, categorized the events, and raised the necessary cases (Operational, Health and Tuning requests) along with security incidents for issue resolution/security investigation
  • Worked for “Threat Intel Analytics” team to gain knowledge on Brand Monitoring alerts, Key Word alerts and creating threat notification reports using tools like Intel 471 and Threat Connect
  • Served Ad-hoc requests for clients by helping them in finding the logs, internal investigation on malicious activity & forensics

CSA

AMAZON
08.2015 - 04.2016
  • Worked for a brief period in the UK returns and replacement team
  • Helped customers with all their queries related to returns and replacements as per UK policies and guidelines
  • Handled escalation chats from erred customers.

Education

Bachelor of Engineering - Electronics and Communication Engineering

M.V.S.R Engineering College
01.2011 - 04.2015

Skills

  • SPLUNK


Certification

Hacker Tools, Techniques, Exploits, and Incident Handling

Accomplishments

  • Created daily database reports to identify and remediate potential vulnerabilities.
  • Educated management on how to minimize risk of cybersecurity attacks.
  • Trained end users on proper security protocol to minimize cybersecurity attacks.
  • Performed comprehensive investigations of security breaches and implemented appropriate solutions.
  • Supervised team of 10 staff members.

Timeline

SOC Analyst

G42(Kaspersky)
04.2021 - Current

Senior Security Consultant

IBM
05.2020 - 04.2021

Senior Security Analyst

NETSURION TECHNOLOGIES
01.2020 - 05.2020

Senior Cyber Security Analyst

DELOITTE
08.2018 - 01.2020

Security Analyst

DELOITTE
04.2016 - 08.2018

CSA

AMAZON
08.2015 - 04.2016

Bachelor of Engineering - Electronics and Communication Engineering

M.V.S.R Engineering College
01.2011 - 04.2015