Security Analyst with 6+ years of experience investigating diverse incidents such as ransomware, malware, exploits, BEC, and other cyber-attacks, determining the appropriate course of action to mitigate risk and safeguard against potential threats. Performed advanced threat hunting to proactively identify and mitigate risks, formulating hypotheses to detect activity that existing alerts had missed.
Overview
7 years of professional experience
Work History
Security Analyst
Arete IR
09.2021 - Current
Conduct thorough investigations into suspicious and malicious activities utilizing SentinelOne, performing in-depth triage analysis to identify attacker footholds, active malware, compromised user accounts, and other indicators of compromise.
Perform comprehensive analysis of diverse incidents such as ransomware, malware, exploits, BEC, and other cyber-attacks, determining the appropriate course of action to mitigate risk and safeguard against potential threats.
Deploy Storyline Active Response (STAR) rules in SentinelOne, applying threat hunting techniques to proactively detect and neutralize threats linked to threat actor activity and breaches.
Conduct detailed host investigations using Windows event logs, netstat analysis, and remote endpoint access, and perform forensics.
Maintain comprehensive documentation for SOC procedures, S1 deployment, support, and troubleshooting, while generating daily progress reports for S1 deployment during engagements.
Formed part of the security team that embedded ransomware response plans, which lowered the impact of cyber-attacks by 60%.
Increased internal/external customer satisfaction by 40% by creating detection rules in SentinelOne EDR.
Enhanced security process efficiency by 35% by detecting anomalous activity through 24/7/365 detection support and driving response capabilities.
Consultant
Ernst & Young
10.2019 - 08.2021
Perform cyber defense incident response, analyze security alerts, and perform analysis with technologies such as QRadar, Sumo Logic, Darktrace, TrapX, PhishMe, Azure AD, Azure ATP, and AWS GuardDuty. Identify risks, apply threat hunting principles, and create hypotheses for activity not covered by existing alerts.
Investigate hosts using Windows event logs and netstat output to identify executing processes and detect fileless malware.
Utilize tools such as Volatility, Eric Zimmerman's Registry Explorer and ShellBags Explorer, and Redline.
Perform analysis and investigations of phishing emails, spam, and security advisories for emerging threats in client infrastructure.
Proactively gather threat intelligence from global feeds and work with Microsoft Azure cloud security platforms.
Worked on data breach incidents involving PII, sensitive data, employee-centric information, and consumer data.
Address incidents involving cybersquatting, domain fluxing, and domain impersonation.
System Engineer
Tata Consultancy Services Pvt. Ltd
12.2016 - 10.2019
Handled administration activities such as rule creation, dashboard development, and integration of log sources into SIEM.
Proficient in Falcon Insight Endpoint Detection and Response, including its architecture and technical fundamentals.
Create and modify prevention policies, update sensor and USB device policies, and implement whitelisting and prevention hashes.
Conduct monthly map scans and weekly vulnerability scans using Qualys.
Collaborate with Qualys team to ensure timely scanner and signature updates.
Perform vulnerability assessments and assign vulnerabilities to respective teams for remediation.
Manage Symantec endpoint security operations, including USB exceptions, application whitelisting, GUP policy modification, and malware incident troubleshooting.
Develop policies based on project team requirements, review threat intelligence, and investigate indicators of compromise (IOCs).
Conduct real-time monitoring and analysis of security events for operational security purposes.
Skills
Incident Response & Digital Forensics
Threat Hunting
Endpoint Detection and Response (EDR): SentinelOne, CrowdStrike Falcon, Windows Defender
Advanced Threat Protection (ATP)
SIEM: QRadar, Sumo Logic, AlienVault
AI for Cyber Defense: Darktrace, TrapX
Business Email Compromise
Proxy: McAfee, Forcepoint
Antivirus: Symantec, Cylance Protect
Accomplishments
Certified in SentinelOne Core Workshop
Network Security Specialist (ICSI)
Vulnerability Management (Qualys)
Certified in Sumo Logic Fundamentals and Administration