
DEEPAK S RAYANADE

Security Analyst
Bengaluru

Summary

Experienced Security Analyst with 3.10 years of experience in incident response, SIEM, IDS/IPS and firewall log analysis, system monitoring and network inspection tools, administering and monitoring security profiles, and threat analysis. Skilled in investigating security incidents, coordinating with teams to contain a compromise, finding the root cause of incidents, and making or suggesting changes to improve an organization's security measures.

Overview

4 years of professional experience
6 Certifications
5 Languages

Work History

Security Analyst

Siliconbricks Technologies Pvt Ltd.
01.2021 - Current
  • Analyzing incidents triggered in Azure Sentinel and responding to them alongside Microsoft Defender for Cloud, Office 365 Security & Compliance, Azure AD, and Microsoft Cloud App Security (CASB)
  • Performing incident response analysis to uncover attack vectors involving a variety of malware, data exposure, phishing, and social engineering methods
  • Monitoring security alerts received from the SIEM and other security tools such as EDR, DLP, email gateway, proxy, IDS/IPS, firewall, and threat intelligence feeds
  • Carrying out Level 2 triage of incoming incidents (initial IR assessment of the event's priority, initial determination of the incident's nature to gauge risk and damage, or appropriate routing of a security or privacy data request)
  • Performing threat analysis in CrowdStrike by deep-diving into threats, anomalies, IOCs, and cyber-related disruptions on endpoints based on the tactic and technique observed
  • Evaluating CrowdStrike detections to identify risks and track findings for risk mitigation and the remediation of threats and malware: analyzing each detection by its hashes, executed applications, file behaviour, the purpose of the file, and the file's network activity, then blacklisting the file hash based on its reputation
  • Performing vulnerability assessment and management with Qualys across the customer's complete asset inventory, coordinating with the relevant teams to mitigate asset risk based on CVSS score and other factors, ensuring timely remediation of identified vulnerabilities, and performing trend analysis to capture and highlight recurring critical vulnerabilities in the environment
  • Expert in identifying and handling phishing attacks and spam emails by analyzing message headers, attachments, and URLs to identify the different email attack surfaces
  • Performing malware analysis on files found to be suspicious
  • Preparing metric reports for the events generated by each tool, with appropriate statistics, and sending them to the client on a weekly, monthly, and quarterly basis
  • Performing the daily health check of the SIEM to ensure all devices are reporting their logs into it
  • Determining IOCs while threat hunting by correlating and analysing a variety of application, network, and host-based security logs, and determining the correct remediation actions and escalation paths for each incident
  • Creating and regularly updating Standard Operating Procedure (SOP) documents in line with security incident investigations
  • Handling DLP and data exfiltration incidents in Symantec DLP and closing them with the appropriate categorization for each policy
  • Carrying out log monitoring and incident analysis for devices such as firewalls, IDS/IPS, databases, web servers, network devices, authentication devices, endpoints, email gateways, and other cloud-hosted devices to ensure company assets are free from external attacks
  • Creating, modifying, and tuning SIEM rules to adjust the specifications of alerts and incidents
  • Coordinating with the GRC team to provide the required audit reports from the SOC side
  • Investigating new security attacks, threats, and vulnerabilities and providing timely security advisories with collected IOCs and the necessary recommendations
  • Performing phishing analysis and running phishing simulation campaigns using KnowBe4
  • Maintaining the assigned ticket queue in Jira and ServiceNow
  • Good understanding of MITRE ATT&CK, the Cyber Kill Chain, and NIST Incident Response
  • Experience in information security with emphasis on security operations, log monitoring, log management, incident management, and security event analysis using QRadar and Splunk SIEMs

Education

BE - Bachelor of Engineering

VTU University
Belgaum

Skills

Incident Response

Certification

CHE
