Majeti Siva ram

Security Analyst
Hyderabad

Summary

A competent professional with 4+ years in Information Security as a Security Analyst. Hands-on experience with SIEM tools for log monitoring and analysis in a SOC (Security Monitoring and Operations), including real-time event monitoring with SIEM (Security Information and Event Management) tools. I use Splunk, IBM QRadar and Azure Sentinel, perform malware analysis, and have good hands-on experience with DLP, EDR and email security. Knowledge of McAfee and LogRhythm, CrowdStrike (EDR, malware hunting), DLP (Symantec), email security (Proofpoint, Microsoft Advanced Threat Protection (ATP), Microsoft O365 Security). Good knowledge of networking concepts including OSI layers, subnetting, TCP/IP, ports, DNS, DHCP, firewall monitoring, content filtering, Check Point, etc. Good understanding of security solutions such as anti-virus, DLP, proxy, firewall filtering/monitoring, IPS, email security and vulnerability assessment, and hands-on experience in endpoint security. Training: SIEM (Splunk, QRadar, Azure Sentinel), malware analysis, email security, DLP, incident lifecycle.

Overview

5 years of professional experience
6 Certifications

Work History

Security Analyst

HCLTech
05.2023 - Current
  • Project: IR (Incident Response) Team
  • SIEM Management: Proficiently utilizes Splunk, IBM QRadar, and Azure Sentinel for monitoring and analyzing security events
  • Network Security: Managed and configured firewalls, VPNs, IDS/IPS, and proxies to ensure robust network security
  • Incident Response: Led the investigation of security incidents, including the collection of additional information and partnership on containment strategies
  • Cyber Threat Analysis: Performed detailed cyber and technical threat analyses, assessing the extent and severity of security incidents
  • Vulnerability Scanning: Conducted regular vulnerability assessments using Qualys and Nexpose to identify and mitigate potential security risks
  • OS and Network Administration: Configured and managed network systems, ensuring optimal performance and security
  • Application Security: Implemented and managed web and email security measures, ensuring the safety of O365 environments
  • Networking Protocols: Utilized in-depth knowledge of TCP/IP and internet/network security to configure and maintain secure network environments
  • Endpoint Security: Deployed and managed Carbon Black to enhance endpoint protection
  • Accessed systems to collect additional information as needed and partnered on a strategy to enable containment (IP/Domain/System/User blocking)
  • Incident Response and Investigation: Helped determine logistical and demographic information to assess the extent and severity of damage or compromise
  • Creation of reports and dashboards and rules fine-tuning
  • Phishing Email Analysis: Conducted thorough analyses of phishing and spam emails, utilizing Check Point and Digital Garden tools to enhance email security
  • Identify, investigate, or resolve security breaches and incidents
  • Creating a Dashboard on Splunk to analyze the Data
  • Initial troubleshooting with respect to Log Source Communication issues
  • Working in GSOC (Global Security Operation Center) with multiple clients
  • Creating Report alerts and investigating issues identified while monitoring the live traffic
  • Preparing RCA documents and daily/weekly/monthly Reports
  • Handling multiple customers globally analyzing the customer networks for potential security attacks
  • Support security incident response processes in the event of a security breach by providing incident reporting
  • Integrating Symantec's advanced threat protection, DLP's sensitive data safeguards and McAfee's robust antivirus ensures comprehensive cybersecurity defense and data integrity

Security Analyst

Accenture
07.2019 - 05.2023
  • Project: Security Monitoring and Operations
  • Serving as an Analyst in SOC operations for real-time monitoring, analyzing logs from various security/Industrial appliances
  • Administrating various incidents/security alerts triggered in the SIEM tool
  • Carrying out log monitoring and incident analysis for various devices such as Firewalls, IDS, IPS, databases, web servers, etc
  • Security event analysis and intrusion detection by review and analysis of events generated by various components including IDS/IPS, firewalls, Routers, DB, OS, and various types of security devices
  • Knowledge of installation, configuration and upgrading of various connectors, and their troubleshooting
  • Application Security: Implemented and managed web and email security measures, ensuring the safety of O365 environments
  • Monitoring the customer network using IBM SIEM tool - Splunk, QRadar; performing real-time monitoring, investigation, analysis, reporting, and escalation of security events from multiple log sources
  • Design, develop, and create correlation rules within the Security Information and Event Management SIEM platform
  • Maintain a keen understanding of evolving internet threats to ensure the security of client networks
  • Contacting customers directly during high-priority incidents and assisting them in mitigating attacks
  • Troubleshooting SIEM dashboard issues when no reports are being generated or no data is available
  • Determine the scope of a security incident and its potential impact on the Client network and recommend steps to handle the security incident with all information and supporting evidence of security events
  • Responsible for operational monitoring and investigating incidents up to the point of suspicion of a malicious action/security incident
  • Remediation and Recovery: Responsible for the remediation of any findings regarding security incidents and vulnerabilities
  • Symantec's advanced threat protection, DLP's sensitive data safeguards, and McAfee's robust antivirus solutions ensure comprehensive cybersecurity defense and data integrity
  • Ensured operational team members and other personnel were educated on how to report a cybersecurity incident and how to preserve evidence
  • Reported all incidents with potential breach notification requirements
  • Partnered with the GSO 'Central Playbook Team' (CPT) to help develop detections

Education

BACHELOR OF TECHNOLOGY ENGINEERING -

KIET Engineering College
06.2018

Skills

SIEM

Disclaimer

I do hereby confirm that the information given in this form is true to the best of my knowledge and belief.

Certification

Palo Alto Networks (Firewall)

Timeline

Palo Alto Networks (Firewall)

08-2024

Freedom with AI (AI)

08-2024

QRadar Security Information and Event Management (SIEM)

06-2024

Information security

05-2024

ML, AI, Gen AI and ChatGPT

05-2024

Ethical Hacking for Beginners

11-2022

Security Analyst

Accenture
07.2019 - 05.2023

Security Analyst

HCLTech
05.2023 - Current

BACHELOR OF TECHNOLOGY ENGINEERING -

KIET Engineering College