Mahesh Gugulothu

SOC Specialist: 10/2024 - Present.

• Strengthened defenses against Distributed Denial of Service (DDoS) attacks at Deliveroo. Implemented robust controls in Cloudflare's WAF to detect and mitigate DDoS attempts. Achieved zero successful DDoS attacks since February 2025 due to strategic measures.
• Served as the Technical SME from the SOC team for the Email Security project, focused on addressing the rising threat of targeted phishing attacks. Successfully led the onboarding of an email security tool, Abnormal, mitigating existing challenges, and enhancing the organization’s overall defense.
• Worked closely with the Security Operations and Automation (SOA) team to refine Data Loss Prevention (DLP) processes. By deploying Netskope RTP controls, we boosted DLP efficiency and accuracy. Also, minimized the analyst's manual workload by enhancing automation stories in Tines.

• Investigating and triaging security alerts ranging from phishing, malware, network attacks, policy violations, security breaches, unauthorized access, misconfiguration, and privacy-related incidents, primarily affecting end-user devices and in AWS cloud infrastructure.
• Supporting wider security incident investigations involving threat intelligence, digital forensics stakeholders, and engineering teams.
• Performed proactive Threat Hunts across Windows, Mac, and AWS environments to identify and analyze malware instances, and implemented corresponding detection rules.
• As part of the Security team's initiative to move toward a passwordless environment, I played a key role in the project that implemented Google Passkeys for employees.
• Handling critical security incidents, including the implementation of rules on WAF via Terraform and CloudFlare UI to prevent live DDoS attacks from disrupting operations.
• Effectively utilizing security solutions like SIEM, EDR, SWG, etc. for log analysis and correlation to identify security incidents, and determine their root causes.
• Consistently enhancing and upkeeping security operations playbooks.
• Addressing user inquiries regarding security matters and directing them to the relevant security teams for resolution, as well as conducting security awareness training sessions for employees from different regions, and orienting new hires on security protocols.

• An analyst of Wipro's Global SOC team, overseeing internal security logs across the globe.
• Monitoring and analyzing security alerts in real-time, and resolving incidents promptly according to SLA requirements.
• Handling Phishing emails and identifying misconfigured policies.