Balaji Rompicherla

• Worked for 24/7 Security operation center (Proactive Monitoring) as an L2 Analyst
• Captured and analyzed network traffic using Wireshark in Kali Linux for incident investigation.

• Expert in Phishing mail analysis, User Account compromise alerts, Device driven alerts, IOC and Remediation

• Collaborating with Threat Intel team on latest attacks, threat advisories. Collaborating Malware analysis team for File Analysis, performing IOC sweeps and blocks in client environment.
• Analyzing incidents from Azure Identity Portal, Qradar SIEM, and Azure Sentinel SIEM.
• Review the latest alerts to determine relevancy and urgency. Create new tracking tickets for alerts that signal an incident and require review or escalation.

• Performing incident handling and documentation within the incident response lifecycle (detection, analysis, mitigation, reporting, and documentation).

•Skilled with Kali Linux tools such as Burp Suite, Wireshark and Nikto.

• Involved in preparing weekly reports which are presented to CISO.

• Handling customer’s weekly incident calls.

• Continuously monitor security alerts and events from SIEM tools (e.g., Splunk, QRadar).
• Analyze logs from various sources (firewalls, IDS/IPS, antivirus, servers, endpoints).
• Monitor real-time dashboards and alerts to identify suspicious or malicious activity.
• Investigate security incidents to determine scope, severity, and root cause.
• Perform initial triage of alerts to determine the credibility and potential impact.
• Follow organizational and regulatory guidelines during incident handling.