Murugaiah Raghuvaran

Hyderabad

Summary

Cybersecurity professional with over 10 years of experience leading security operations and incident response. Skilled in building and managing SOC teams, orchestrating 24/7 security monitoring, and developing robust workflows to mitigate cyber threats. Proficient in leveraging tools like Splunk, CrowdStrike, and Cisco Umbrella to enhance threat detection capabilities. Adept at aligning security operations with business objectives, fostering team development, and maintaining industry-standard SLAs and KPIs.

Overview

12 years of professional experience
1 Certification

Work History

Security Manager Cyber Defense

Veradigm
04.2024 - Current
  • Successfully established a SOC team from scratch, hiring and training analysts to manage 24/7 operations while fostering a collaborative and high-performance work culture.
  • Developed and implemented SOC processes, workflows, and customized playbooks to ensure efficient incident detection, response, and remediation.
  • Leveraged SIEM tools (Splunk and Azure Sentinel) and EDR solutions to monitor, detect, and respond to sophisticated cyber threats, ensuring compliance with SLAs and KPIs.
  • Facilitated effective incident handling by coordinating between technical teams, stakeholders, and senior leadership, providing timely and accurate updates on incident status.
  • Organized knowledge transfer sessions and comprehensive training programs for analysts to ensure the team is well-versed in using tools like Splunk, Cisco AMP, CrowdStrike, and SentinelOne.
  • Ensured balanced resource allocation across shifts, enabling uninterrupted monitoring and incident response.
  • Ensured all SOC activities adhered to industry regulations and internal policies, improving audit readiness and risk management.
  • Monitored and optimized key performance indicators, including Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), ensuring SOC efficiency.
  • Partnered with cross-functional teams for smooth operations during Veradigm’s SOC separation process, maintaining operational integrity and readiness for 24/7 operations.
  • Maintained detailed documentation for SOC operations, tool usage, and incident handling to promote consistency and clarity across the team.

Senior SME SOC

Microland Limited
11.2022 - 04.2024
Security Operation Center – Lead Responsibilities:
  • Led a dedicated team of 12 professionals, guaranteeing 24/7 monitoring of security events, incident management, and cyber intelligence to mitigate potential threats
  • Provided support for complex computer/network exploitation and defense techniques, including identifying and investigating computer and network intrusions
  • Performed research into emerging threat sources and developed threat profiles
  • Kept up to date on the latest cybersecurity threats
  • Orchestrated SOC operations implementation from scratch, leveraging SIEM tools like Splunk and Securonix, and integrated log sources and major device types such as DLP, Qualys, and SentinelOne for enhanced threat detection
  • Expert-level understanding of common and emerging security threats and vulnerabilities
  • Ensured that all incidents were handled appropriately and on time, and documented comprehensively as per the incident management process and playbooks
  • Managed and executed security operations projects, including process improvement and technology investments, and effectively communicated the successes and progress of the security operations center to senior management
  • Provided technical and functional guidance to team members regarding event monitoring and incident analysis and response, ensuring staff were cross-trained on the various tools and technologies used in the SOC
  • Ensured the SOC function delivered the core monitoring, threat detection and response activities, adhering to the defined SLAs and SOPs
  • Defined, developed and implemented use cases for Security Information and Event Management (SIEM) and other security tools based on standard methodologies such as the Cyber Kill Chain
  • Ensured maintenance of SLAs and KPIs such as MTTD, MTTR, and Average Response Time within industry standards, managing daily administration and maintenance of security devices for optimal performance
  • Self-motivated, with a proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry

Senior Project Engineer

Wipro Technology
12.2021 - 10.2022
Security Operation Center – Incident Response Lead Responsibilities:
  • Monitored, investigated, and identified threats in the client network, analyzing alerts in the centralized XSOAR tool and taking mitigation steps to reduce the associated risk within the assigned SLA
  • Provided incident response, investigation and remediation support for escalated security alerts/incidents
  • Exposure to different use cases and fine-tuning of use cases to reduce false positives
  • Security incident monitoring and response with the Securonix SIEM tool and Cortex XSOAR
  • Continuous monitoring and analysis of security alerts and event information from all approved security feeds, including investigation of incidents using system logs and event correlation between Intrusion Detection/Prevention Systems (IDS/IPS), Symantec Data Loss Prevention (DLP), firewalls and other means of detection
  • Experience working extensively with technologies such as IDS/IPS, NGFW, EDR, SIEM, HIDS/HIPS, AV, and vulnerability scanners
  • Worked on threat IOCs received from the client threat intel team, taking the necessary steps and blocking them in the EDR
  • Guided L1 analysts during analysis of alerts and followed up with other teams on mitigation of security-related alerts
  • Provided weekly summary reports based on security event analysis
  • Knowledge of the anatomy of malware, types of malware and the ability to deal with malware
  • Knowledge of security technologies like firewalls, IPS/IDS, proxy, DLP, antivirus
  • Good knowledge of networking concepts such as IP, OSI layers, TCP/UDP, routers, switches, network architecture, VPN

Senior Cyber Security Associate

HSBC Software Development Private Limited
11.2015 - 09.2021
Threat & Incident Management (SOC) Responsibilities:
  • Worked in a 24x7 Security Operation Centre, monitoring SOC events and detecting and preventing intrusion attempts
  • Good understanding of security solutions like firewalls, DLP, antivirus, IPS, email security, etc.
  • Security incident monitoring and response with the Splunk SIEM tool
  • Monitored, analyzed, and responded to infrastructure threats and vulnerabilities
  • Phishing and spam email analysis
  • Alerts from multiple security log sources such as proxy, antivirus, and EDR
  • Deep-dive investigation through CrowdStrike Falcon EDR
  • Coordinated responses to security incidents in a timely manner
  • Worked with various teams across the organization to improve security posture
Identity and Access Management Responsibilities:
  • Identification and authentication: enable users to establish and validate their identity to the system
  • Access control: restrict user access to protected resources
  • Data confidentiality: avoid disclosure of sensitive data to unauthorized parties
  • Creation/deletion/modification of user profiles on production, testing and development LPARs for mainframe/AS400
  • Created test and production libraries/objects as per requirement, and performed object maintenance, granting authorities on files as per group standards
  • Deleted unused IDs/libraries as per audit standards

Analyst

Serco Group plc
06.2013 - 06.2014
  • Project name: Footprint Google Maps
  • Project description: Footprint Google Maps Street View is a non-voice process wherein we verify and enter the business details collected by the field walker, which are then published on Maps

Education

Bachelor of Technology -

Jawaharlal Nehru Technological University
Hyderabad
05.2013

Skills

  • SIEM (Securonix & Splunk)
  • EDR
  • Incident Response
  • Malware Analysis
  • Vulnerability Assessment
  • Threat Hunting
  • Identity and Access Management
  • Security operations
  • Staff training and development
  • Team leadership

Certification

  • CEH v9
  • CompTIA Security+

Languages

Tamil
English
Hindi
Telugu

Additional Information

Advanced Program in Cyber Security and Cyber Defense (IIT-Kanpur), Cohort 7
