

A Cyber Security Analyst with 4 years 10 months of professional experience specializing in information security and multiple technologies. A strong history of enhancing security protocols and mitigating the risk of cyber threats for large organizations.
Hardworking employee with customer service, multitasking and time management abilities.
Good professional experience in Splunk, Microsoft 365 Defender, incident management, email analysis, data loss prevention and vulnerability assessment.
Ability to communicate effectively with various clients with the ability to explain and elaborate on technical details.
Able to create high quality Security Analysis reports.
Professional Experience:-
Tool-wise Professional Experience:-
SIEM (Splunk):- Coordinating and conducting event collection, log management, event management and monitoring activities using Splunk platforms.
Investigating the notable events.
Checking the data availability from all sources. Log analytics through Splunk query language.
Creating customized dashboards and alarms.
Integrating and Managing Data Sources (Integrated Windows Servers) for connecting to various end systems.
Installing HF/UF and troubleshooting if issues occur.
Performing log source integration.
Microsoft 365 Defender:- Investigating and analyzing the alerts, checking detailed timeline logs, and identifying true positives and false positives.
Identifying the root cause of the alerts and resolving them with proper resolution.
Blocking the IOCs based on the threat level.
Performing threat hunting and creating custom detection rules.
Ensured 100% AV definition compliance of the servers for supported clients.
Web Content Filtering (Cisco Umbrella):- Allowing, whitelisting, or blocking the URL or domain based on the request.
Analyzing and troubleshooting the issues related to web content filtering.
Vulnerability Assessment: Rapid7 (Nexpose):- Responsible for vulnerability scans, assessments, remediation plans, follow-up with teams.
Scheduling ad hoc scans for multiple clients' servers.
Preparing a high-level vulnerability assessment report and sharing the results with corresponding administration teams.
Email phishing analysis:- Investigating the phishing emails, going through all the checks, and taking necessary actions such as blocking the IPs, URLs, sender's mail ID, etc.
We will identify similar emails in the environment and quarantine the emails.