Janani M
Chennai
Summary
Cybersecurity professional specializing in SIEM engineering and Incident Response, with expertise in Splunk, Sentinel, SOAR, EDR, UEBA, and log analytics. Skilled in detection engineering, threat hunting, playbook automation, MITRE ATT&CK mapping, and rapid containment of phishing, malware, and endpoint incidents.
Overview
5
5
years of professional experience
2
2
Certifications
Work History
Incident Response Analyst
Comcast
Chennai
09.2023 - Current
- Monitored and triaged alerts across SIEM (Exabeam SIEM), EDR, UEBA, NDR, and email security platforms.
- Investigated phishing attacks using header analysis, URL checks, and threat intelligence enrichment.
- Performed endpoint investigations to identify malicious processes, persistence, and lateral movement.
- Correlated multi-source logs to detect attack patterns and reduce false positives.
- Mapped threats to MITRE ATT&CK techniques for structured analysis.
- Executed end-to-end incident response: detection, analysis, containment, eradication, and recovery.
- Responded to macOS malware (AMOS infostealer) involving trojanized application and multi-stage execution.
- Performed forensic triage: process analysis, command-line review, file hash validation, and network investigation.
- Contained threats via host isolation, IOC blocking, and credential resets.
- Documented incidents and collaborated with IT/Risk teams for remediation and compliance.
- Built and optimized SOAR playbooks using Cortex XSOAR for phishing triage and automated response.
- Integrated threat intelligence and automation workflows to reduce manual effort and improve MTTR.
- Leveraged tools like Darktrace for anomaly detection and behavioral analysis.
- Conducted RCA and improved detection rules, playbooks, and response processes.
- Reduced MTTR (~40%) and phishing triage effort (~60%) through automation and tuning.
Cybersecurity Analyst
Ernst & Young
Chennai
07.2021 - 09.2023
- Engineered and tuned SIEM detections in Splunk across Firewall, IDS/IPS, EDR, and endpoint telemetry.
- Investigated and triaged security alerts, performing in-depth log analysis to identify anomalies and support incident response.
- Developed and maintained playbooks to standardize alert triage and response workflows.
- Built advanced SPL queries, dashboards, and reports to enhance threat visibility and stakeholder reporting.
- Managed Splunk components (indexers, forwarders, search heads), monitoring ingestion, licensing, and platform performance.
- Integrated new log sources and expanded detection coverage across ELK Stack environments.
- Conducted proactive threat hunting using MITRE ATT&CK and Cyber Kill Chain methodologies.
- Collaborated with engineering teams to refine use cases, data models, and improve overall detection accuracy.
Education
Bachelors in Engineering - Computer Science And Engineering
Sri Venkateswara College of Engineering
Chennai05-2021
Skills
- Incident Response (Detection, Analysis, Containment, Recovery)
- Threat Hunting & Threat Intelligence Integration
- SIEM Engineering & Use Case Development (Splunk, Microsoft Sentinel)
- SOAR Automation & Playbook Development (Cortex XSOAR)
- Endpoint Detection & Response (CrowdStrike Falcon, MS Defender)
- Email Security & Phishing Analysis (Proofpoint, Mimecast)
- UEBA & Network Detection (Exabeam, Darktrace)
- MITRE ATT&CK Framework & TTP Mapping
- Digital Forensics & Evidence Collection
- Scripting & Automation (Python, PowerShell)
- AI-driven Security Automation (Microsoft Copilot, ChatGPT)
- SOC Operations & Incident Management (MTTD / MTTR Optimization)
Certification
CHFI
Accomplishments
Spotlight - Comcast
Timeline
Incident Response Analyst
Comcast
09.2023 - Current
Cybersecurity Analyst
Ernst & Young
07.2021 - 09.2023
Bachelors in Engineering - Computer Science And Engineering
Sri Venkateswara College of Engineering