BHANU PRASAD

Security Analyst
Tuni

Summary

Dedicated and proactive cybersecurity professional with extensive experience in investigating and analyzing security incidents, performing incident management and response, and leading L1 Operations teams. Proficient in identifying root causes of security incidents, implementing remediation actions, and continuously improving processes to minimize risk and enhance operational efficiency. Expertise in enterprise endpoint security products, SIEM platforms including IBM Qradar and Splunk. Skilled in threat hunting analysis, detection engineering, and collaborating with SOC teams and internal stakeholders to address cybersecurity challenges effectively.

Overview

5 years of professional experience

Work History

Security Analyst

Real Time Data Services
Gurugram
07.2024 - 10.2024
  • Monitored and triaged security alerts from SIEM tools such as IBM QRadar, Splunk, and Sentinel to identify suspicious activity and potential security incidents.
  • Conducted in-depth incident investigations using EDR platforms like SentinelOne, Carbon Black, and CrowdStrike Falcon to identify root causes, malware analysis, and remediation steps.
  • Managed and escalated critical security incidents by coordinating with SOC L1 and L3 teams to ensure timely resolution and thorough incident documentation.
  • Utilized firewall technologies such as Palo Alto, Fortinet, Cisco ASA, and Zscaler to analyze network traffic and identify malicious behavior.
  • Performed phishing and email security analysis using Proofpoint, Mimecast, Cofense, and Symantec to detect and prevent email-based threats.
  • Monitored and assessed vulnerability reports from tools like Qualys and Nessus to ensure continuous risk mitigation and system hardening.
  • Analyzed malicious files and network traffic using sandboxing solutions and threat intelligence platforms to validate security alerts and reduce false positives.
  • Enhanced incident response processes by creating and fine-tuning playbooks and runbooks, streamlining investigation and remediation workflows.
  • Collaborated with the L1 team to mentor and train junior analysts, providing feedback on best practices and improving triaging methods for security incidents.
  • Supported DLP efforts with technologies like Symantec to prevent data leakage and protect sensitive corporate information.
  • Conducted forensic analysis on compromised systems, collecting evidence from network logs, endpoint data, and event records for deeper investigation and legal action.
  • Integrated new devices and services into SIEM and EDR platforms, ensuring accurate logging, monitoring, and alerting for security events.
  • Responded to client security requests, offering customized solutions and reporting using tools like ServiceNow and Jira for incident management.
  • Led incident response efforts during high-severity security events, coordinating with internal and external stakeholders to mitigate risks.
  • Developed and maintained detection use cases within SIEM tools to adapt to evolving threat landscapes and optimize alerting capabilities.
  • Participated in threat hunting exercises to proactively detect security gaps and vulnerabilities, leveraging tools like CrowdStrike Falcon and Splunk.
  • Reviewed and improved endpoint protection configurations using Symantec Endpoint Protection, Sophos, and Trend Micro to enhance overall security posture.
  • Utilized email gateways such as IronPort, Mimecast, and O365 to protect against email-borne threats like spam, phishing, and malware.
  • Contributed to security research and threat intelligence efforts by staying updated on the latest threat trends, vulnerabilities, and mitigation strategies.

Cyber Security Analyst

Accenture
Bangalore
04.2020 - 06.2024
  • Led investigations into security incidents, conducting comprehensive analyses to determine the root cause and impact on organizational assets.
  • Applied advanced forensic techniques and tools to gather evidence, identify attack vectors, and assess the severity of security breaches.
  • Collaborated with cross-functional teams to gather and analyze relevant data from various sources, including network logs, endpoint telemetry, and security intelligence feeds.
  • Directed and mentored the L1 Operations team, providing guidance on incident handling procedures, best practices, and technical skills development.
  • Established clear objectives aligned with the Cybersecurity Operations Manager's goals and facilitated regular performance reviews and feedback sessions to drive continuous improvement.
  • Demonstrated proficiency in a wide range of information security technologies, including enterprise endpoint security products (e.g., McAfee ePolicy Orchestrator, VirusScan, Endpoint Encryption), SIEM platforms (e.g., QRadar, Splunk), firewalls, web proxies, and email and web gateways.
  • Leveraged deep technical knowledge to assess the effectiveness of security controls, identify gaps in defense mechanisms, and recommend enhancements to strengthen the overall security posture.
  • Implemented proactive measures to minimize the risk posed by security incidents, such as implementing security controls and conducting security awareness training for end-users.
  • Spearheaded initiatives to streamline incident response processes, identify bottlenecks, and reduce manual tasks through the implementation of workflow automation and orchestration tools.
  • Facilitated daily collaboration with SOC teams, internal stakeholders, and support teams to coordinate incident response activities, share threat intelligence, and align response efforts with business priorities.
  • Acted as a central point of contact for cybersecurity issues, communicating potential threats, suspicious activity, and malware findings to the Security SOC provider and relevant stakeholders in a clear and concise manner.
  • Implemented and maintained metrics and reporting mechanisms to track incident progress, measure key performance indicators (KPIs), and provide insights into incident trends and patterns. Regularly reviewed incident metrics and performance data, identifying areas for improvement and recommending remediation actions to enhance incident response effectiveness and efficiency.
  • Adapted to working in multi-vendor environments, collaborating with vendors, third-party service providers, and internal teams to address security challenges, integrate security solutions, and ensure interoperability across diverse technology stacks.
  • Successfully worked across different cultures and organizations, demonstrating cultural sensitivity, effective communication skills, and the ability to navigate complex interpersonal dynamics to achieve common cybersecurity goals.
  • Identified monitoring gaps across IT, IoT, and OT environments, conducting thorough assessments of existing security controls and proposing enhancements to strengthen threat detection and response capabilities.

Education

Bachelor's Degree -

Pacific Institute of Engineering And Management
06.2019

Skills

SIEM: IBM QRadar, Splunk & ArcSight

Firewalls: Palo Alto, Zscaler

Vulnerability management Tool: Nessus, Qualys

EDR: SentinelOne, Carbon Black, CrowdStrike Falcon, Defender for Endpoint, Cybereason

Email Security: Proofpoint & Symantec

Ticketing Tool: ServiceNow & Jira

Disclaimer

I, Bhanu, hereby declare that the above-mentioned information is correct to the best of my knowledge and that I bear responsibility for the correctness of the above-mentioned.

Timeline

Security Analyst

Real Time Data Services
07.2024 - 10.2024

Cyber Security Analyst

Accenture
04.2020 - 06.2024

Bachelor's Degree -

Pacific Institute of Engineering And Management