Hi, I’m

Bharath Kapavarapu

CyberSecurity Analyst
Vancouver

Summary

As a professional, I have extensive experience in managing vulnerabilities in various systems and business software. My main responsibility in this role was to identify and prioritize vulnerabilities using advanced scanning tools and work closely with system owners and IS teams to remediate them in a timely manner. I developed and maintained a risk-based vulnerability management program that followed industry standards such as CVE, CVSS, CWE, and risk-based threat modeling. I collaborated with the threat intelligence team to ensure that all vulnerability management efforts were aligned with current threat intelligence and emerging cyber threats. I also conducted vulnerability assessments and testing to identify and validate vulnerabilities that were not detectable by automated scanning tools. Additionally, I monitored and reported on the status of vulnerability management activities, including metrics on vulnerability volume, severity, and resolution time. I developed and maintained strong relationships with internal stakeholders and external vendors to ensure that vulnerability management practices were well-understood and supported throughout the organization. Furthermore, I actively participated in incident response activities and analyzed vulnerabilities that may have contributed to security incidents. Overall, I successfully implemented and maintained a robust vulnerability management program that protected our systems and data from potential cyber threats. Cyber Security Analyst with proficient and thorough experience and a good understanding of information technology. Specialized in proactive network monitoring of SIEM (Rapid7). Have a deep knowledge of identifying and analyzing suspicious events. Performed Vulnerability Management using Rapid7 VM tool. Able to use various security tools to perform log and packet analysis.
Finally, can perform malware analysis with the overall objective to ensure confidentiality, integrity and availability of the systems, networks, and data.

Overview

  • 2 years of professional experience
  • 4 years of post-secondary education
  • 2 Certifications
  • 1 Language

Work History

Appnovation
Vancouver

Security Analyst
01.2022 - 02.2023

Job overview

  • Conducted incident investigations, triaging and escalating alerts from various security systems and appliances
  • Performed threat hunting to detect and isolate threats and provide recommendations to technical teams
  • Worked on on-boarding infrastructure to ensure a successful transition to SOC for security monitoring services
  • Provided proactive security investigation and searches to detect malicious activities
  • Vulnerability, risk and compliance management activities
  • Guiding Technology team on vulnerability remediation, patching, log collection
  • Creating and updating system documentation, training materials, policies and procedures as needed
  • Responded to security inquiries from employees, auditors, customers, and other stakeholders
  • Maintain up-to-date understanding of security trends, threats, tools and countermeasures in Cloud Security and SaaS technologies
  • Automated repetitive tasks.

Softchoice
Vancouver

Security Analyst
01.2021 - 01.2022

Job overview

  • Worked in a 24x7 Security Operations Center
  • Conduct proactive monitoring, investigation, and mitigation of security incidents
  • Analyze security event data from the network using Bro/Zeek logs
  • Perform static malware analysis on isolated virtual servers using Procmon and Regshot
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
  • Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices like Rapid7
  • Research new and evolving threats and vulnerabilities with the potential to impact the monitored environment
  • Conduct log analysis using Splunk
  • Identify suspicious/malicious activities or PowerShell code
  • Investigate malicious phishing emails, domains and IPs using Open-Source tools and recommend proper blocking based on analysis
  • Worked on Proofpoint TAP fires
  • Basic understanding of Autopsy and FTK forensic tools.

Education

Masters from Cybersecurity
01.2018 - 1 2020

University Overview

Gained knowledge in different domains of Cybersecurity like Operating system security, Cryptography, Datacenter Security, Risk management, and Computer forensics.

JNTUK
Kakinada

BTECH from Electronics And Communications Engineering
09.2012 - 05.2016

University Overview

Skills

Regulatory Compliance Frameworks such as NIST, ISO 27001, CSF, CIS and GDPR


Certification

CSOCP

Timeline

CEH

02-2023

CSOCP

08-2022