Summary
Overview
Work History
Education
Skills
Disclaimer
Certification
Timeline
Generic
Majeti Siva ram

Majeti Siva ram

Security Analyst
Hyderabad

Summary

A Competent professional with 4+ years in Information Security as a Security Analyst. Hands-on experience with SIEM tools for logs monitoring and analysis on SOC (Security Monitoring and Operation) and SIEM (Security Information and Event Management) tools like Monitoring real-time events. I use Splunk, IBM Qradar, Azure Sentinel & Malware Analysis and have good hands-on experience with DLP, EDR, and Email security. Knowledge of McAfee and LogRhytm, Crowdstrike (EDR, Malware Hunting), DLP - (Symantec), Email -Proof point Microsoft Advanced Threat Protection - ATP Microsoft O365 Security. Good knowledge of networking concepts includes OSI layers, subnet, TCP/IP, ports, DNS, DHCP, firewall monitoring, content filtering, checkpoint, etc. Good understanding of security solutions like Anti-virus, DLP, Proxy, Firewall filtering/monitoring, IPS, Email Security, and Vulnerability Assessment Hands-on experience in endpoint security. Training: SIEM (Splunk, Qradar, Azure Sentinel) Malware Analysis, email security, DLP, Incident Lifecycle

Overview

5
5
years of professional experience
6
6
Certifications

Work History

Security Analyst

HCLTech
5 2023 - Current
  • Project: IR Team incident response team
  • SIEM Management: Proficiently utilizes Splunk, IBM Qradar, and Azure Sentinel for monitoring and analyzing security events
  • Network Security: Managed and configured firewalls, VPNs, IDS/IPS, and proxies to ensure robust network security
  • Incident Response: Led the investigation of security incidents, including the collection of additional information and partnership on containment strategies
  • Cyber Threat Analysis: Performed detailed cyber and technical threat analyses, assessing the extent and severity of security incidents
  • Vulnerability Scanning: Conducted regular vulnerability assessments using Qualys and Nexpose to identify and mitigate potential security risks
  • OS and Network Administration: Configured and managed network systems, ensuring optimal performance and security
  • Application Security: Implemented and managed web and email security measures, ensuring the safety of O365 environments
  • Networking Protocols: Utilized in-depth knowledge of TCP/IP and internet/network security to configure and maintain secure network environments
  • Endpoint Security: Deployed and managed Carbon Black to enhance endpoint protection
  • Accessed systems to collect additional information as needed and partnered on a strategy to enable containment (IP/Domain/System/User blocking)
  • Incident Response and Investigation: Helped determine logistical and demographic information to assess the extent and severity of damage or compromise
  • Creation of reports and dashboards and rules fine-tuning
  • Phishing Email Analysis: Conducted thorough analyses of phishing and spam emails, utilizing Check Point and Digital Garden tools to enhance email security
  • Identify, investigate, or resolve security breaches and incidents
  • Creating a Dashboard on Splunk to analyze the Data
  • Initial troubleshooting with respect to Log Source Communication issues
  • Working in GSOC (Global Security Operation Center) with multiple clients
  • Creating Report alerts and investigating issues identified while monitoring the live traffic
  • Preparing RCA documents and daily/weekly/monthly Reports
  • Handling multiple customers globally analyzing the customer networks for potential security attacks
  • Support security incident response processes in the event of a security breach by providing incident reporting
  • Integrating Symantec's advanced threat protection, DLP's sensitive data safeguards and McAfee's robust antivirus ensures comprehensive cybersecurity defense and data integrity.

Security Analyst

Accenture
07.2019 - 05.2023
  • Project: Security Monitoring and Operations
  • Serving as an Analyst in SOC operations for real-time monitoring, analyzing logs from various security/Industrial appliances
  • Administrating various incidents/security alerts triggered in the SIEM tool
  • Carrying out log monitoring and incident analysis for various devices such as Firewalls, IDS, IPS, databases, web servers, etc
  • Security event analysis and intrusion detection by review and analysis of events generated by various components including IDS/IPS, firewalls, Routers, DB, OS, and various types of security devices
  • Knowledge of Installation, Configuration, and upgradation of various connectors, and their troubleshooting
  • Application Security: Implemented and managed web and email security measures, ensuring the safety of O365 environments
  • Monitoring the customer network using IBM SIEM tool - Splunk, QRadar Performing Real-Time Monitoring, Investigation, Analysis, Reporting, and Escalations of Security Events from multiple log sources
  • Design, develop, and create correlation rules within the Security Information and Event Management SIEM platform
  • Maintain a keen understanding of evolving internet threats to ensure the security of client networks
  • Contacting customers directly during high-priority incidents and assisting them in mitigating attacks
  • Troubleshooting SIEM dashboard issues when no reports are being generated or no data is available
  • Determine the scope of a security incident and its potential impact on the Client network and recommend steps to handle the security incident with all information and supporting evidence of security events
  • Responsible for operational monitoring and investigating incidents up to the point of suspicion of a malicious action/security incident
  • Remediation and Recovery: Responsible for the remediation of any findings regarding security incidents and vulnerabilities
  • Symantec's advanced threat protection, DLP's sensitive data safeguards, and McAfee's robust antivirus solutions ensure comprehensive cybersecurity defense and data integrity
  • Ensured operational team members and other personnel were educated on how to report a cybersecurity incident and how to preserve evidence
  • Reported all incidents with potential breach notification requirements
  • Partnered with the GSO 'Central Playbook Team' (CPT) to help develop detections.

Education

BACHELOR OF TECHNOLOGY ENGINEERING -

KIET Engineering College
06.2018

Skills

SIEM

Splunk

IBM Qradar

Azure Sentinel

Application Security

Web Security

Email security O365

Endpoint-Security

Carbon Black

Symantec

DLP

MCAFEE

Vulnerability Assessment

Qualys

Nexpose

networking protocols

Internet/Network Security skills - firewalls, VPN, IDS, IPS, proxies, etc

Antivirus

McAfee

Phishing Email Analysis

Phishing Email Analysis, Spam-Mails, Checkpoint, (USB and Print Logs from Digital Garden) Email Logs from Force point)

Network Security

Palo Alto

Anti-Virus

Network Access Control

Encryption

Perform Cyber and Technical Threat Analyses

OS and network system administration

OS and network system administration skills and concepts around network configuration, segmentation, firewalls

Disclaimer

I do hereby confirm that the information given in this form is true to the best of my knowledge and belief.

Certification

Paloalto networks (Firewall)

Timeline

Paloalto networks (Firewall)

08-2024

Freedom with AI (AI)

08-2024

QRadar Security Information and Event Management (SIEM)

06-2024

Information security

05-2024

ML,AI,GEN AI And CHATGPT

05-2024

Ethical Hacking for Beginners

11-2022

Security Analyst

Accenture
07.2019 - 05.2023

Security Analyst

HCLTech
5 2023 - Current

BACHELOR OF TECHNOLOGY ENGINEERING -

KIET Engineering College

Similar Profiles

CREATE PROFILE
Majeti Siva ramSecurity Analyst