Hareesh GM
Senior Consultant, Cyber Threat Security Ops
Bangalore,Karnataka
Summary
Cybersecurity Enthusiast: Driving Digital Resilience & Safeguarding Assets and Resources. Dynamic and results-oriented with proven track record in proactively identifying and adopting new skills and technologies.
Overview
7
7
years of professional experience
4
4
Certifications
Work History
Senior Consultant, Cybersecurity
NielsenIQ
08.2023 - Current
- Acting as Security Advisor and leading Team of Junior Consultants, Security Engineers, Forensics Specialists
- Being Threat Hunter, actively looking for zero days, IOCs; creating detection rules in Defender XDR and sharing signals with Microsoft to reduce True Positives
- Monitoring Security Researchers blogs, checking any active vulnerabilities related to current organization, gather IOCs and hunt (Threat Hunting) for them leveraging Defender XDR (Kusto Query Language), Sentinel One (XDR), Sentinel (SIEM)
- Proactively designing playbooks to handle incident response and operational enhancements
- Leading MDR-Incidence Response and helping MDR to fine tune alerts based on escalation trends
- Working on C-suite level escalations and monitoring their custom configured mailbox rules/detections to prevent BEC attacks
- Expertise with Defender M365 suite - MDE/MDO/MDI/MCAS (E5 part) has always been exceptional potential in implementing effective IR and digital forensics
- Actively monitoring Cyberworld to look out for zero-day vulnerabilities and manage Vulnerability Threat Management Operations (VTMO) in CTSO team
- Conducting periodical Active Directory Penetration Assessments to identify whether users have any exposed credentials in the wild.
- Designing SOAR automation to help reducing SOC/Junior Consultants workload, reducing false positives, and regulating manual repetitive tasks
- Writing executive level summary, situational reports for any high-level malware incidents / breaches occurred such as Insider Threat, customer data theft, etc
- As a result of Incident response activities stored, analyzing large data sets to understand and get them mapped to the ATT&CK framework and provide insights to CISO & VP/Director of Cybersecurity
- Architecting & Implementing Microsoft security products, usually the Defender E5 stack that includes, Microsoft Defender XDR, MCAS-CASB, Defender for Cloud (Azure Security Center), sentinel (SIEM) & AAD features like PIM/PAM, Conditional Access, JIT, Identity Management
- Leveraging KAPE for Browser Forensics, Disc Imaging and DFIR - Digital forensics for Incident Response
- Successfully completed Season -1 Kusto detective agency and acquired Senior Detective badge
- Leveraged Ability to Articulate for effectively communicating security strategies, remediation measures and security process improvements business stakeholders.
Support Engineer
Microsoft Corporation
05.2022 - 07.2023
- Experience as Support Escalation Engineer on SOC tickets that require high importance/visibility on Microsoft Security Products like Microsoft 365 Defender XDR, Microsoft Threat, and Vulnerability Management (TVM), Defender for Cloud (Hybrid Cloud Resource Protection)
- Incident Response using Defender XDR: Alert Investigation and Incident Response, handling products issues on device inventory, discovery, KQL execution issues, API connectivity, Onboarding/Offboarding issues, Sensor connectivity status and checking vitals from backend
- Based on comprehensive analysis, Investigated Endpoints from Live Response using PowerShell script executions and cmdlets, reducing customer efforts on various response and log collection activities
- Incident Analysis and Response using Industry standard frameworks such as MITRE ATT&CK, NIST, cyber kill chain
- Developing custom detection rules using XDR, Sentinel (SIEM) for find more correlations and tighter security
- Worked with Product Group, EEEs and Global TAs to resolve customer's issue faster based on priority and business impact
- Demonstrated exceptional interpersonal skills in building and leading team of Microsoft Aspires to deliver high-quality solutions
- Nominated by multiple clients on their VOC (Voice of customer) based on Care Behavior, Growth Mindset and Prompt resolutions.
Technical Support Engineer
Teamware Solutions for Microsoft Corporation
03.2021 - 05.2022
- Part of break-fix team for Microsoft Defender XDR Operations
- Taking Accountability, troubleshoot and solving technical issues, using collaboration, best practices with transparency.
- Worked on enhancing Security Operations using Microsoft Security tools.
- Collaborate with PG in case of product related issues on Incident Management portal.
- Incident Response and workflow management concentrating on CRITSIT issues.
- Performed root cause analysis of reported issues to enact corrections.
- Consistently met or exceeded performance metrics, contributing to overall team success.
Technical Support Advisor
Concentrix Technologies
05.2019 - 08.2020
- Supporting B2B Enterprises with Symantec Endpoint Protection and Email Security technical tickets
- Assisting peers on escalations and connecting with developers for product enhancements
- Collaborating with Mentors and SMEs to learn more as part of continuous engagements and improvements.
- Understanding product Architecture and understanding technologies lying behind
- Part of SOC, doing L1/L2 incident responses and enhancing security operations incidents, threat intelligence and hunting using Symantec EP
- Delivering Phishing Simulations in org to improvise posture and educate organization.
Customer Service Representative
HCL Technologies
07.2017 - 02.2019
- Intern, Front line incident monitoring and response.
- Tech talks, conduct training and triages on security alerts for HCL clients.
- Analyzed customer service trends to discover areas of opportunity and provide feedback to management.
- Developed strong product knowledge to provide informed recommendations based on individual customer needs
Education
B. Tech - Information Technology
Rajiv Gandhi College of Engineering and Technology
Pondicherry 05.2013 - 05.2017
Skills
Malware Analysis
Threat Hunting
Incident Response
Digital Forensics
Microsoft Security Stack
Disclaimer
I hereby declare that the above information provided is true and correct to the best of knowledge.
Certification
Kusto Senior Detective
Timeline
Kusto Senior Detective
03-2024
SC-300 Microsoft Identity and Access Administrator Associate
09-2023
Senior Consultant, Cybersecurity
NielsenIQ
08.2023 - Current
Microsoft Defender for XDR Ninja
08-2022
MITRE ATT&CK Fundamentals & SOC Assessments
07-2022
Support Engineer
Microsoft Corporation
05.2022 - 07.2023
Technical Support Engineer
Teamware Solutions for Microsoft Corporation
03.2021 - 05.2022
Technical Support Advisor
Concentrix Technologies
05.2019 - 08.2020
Customer Service Representative
HCL Technologies
07.2017 - 02.2019
B. Tech - Information Technology
Rajiv Gandhi College of Engineering and Technology
05.2013 - 05.2017