GIRIJA DONDAPATI
Weir Views, Melton
Summary
Over 3+ years of professional experience as a SOC Analyst-Proven ability in monitoring, analyzing, and responding to security events, specializing in the deployment, configuration, and management of Splunk and Sentinel environment. Proficient in designing and implementing Splunk solutions to enhance security monitoring capabilities. Extensive experience in developing and optimizing data, custom dashboards, and complex queries to provide actionable insights and real-time visibility into security threats. Dedicated to continuous learning and staying updated on the latest security trends and advancements.
Overview
8
8
years of professional experience
1
1
Certification
Work History
SOC Analyst II
UST Global
10.2024 - Current
- Monitor and audit: Monitor systems and network activity for suspicious activity
- Incident response: Investigate and respond to incidents, and contain and mitigate threats
- Alert triage: Assess the validity and severity of alerts from security tools
- Implement and manage security tools: Use tools like SIEM, EDR, and SOAR to identify and repel threats
- Compliance: Ensure that security procedures and practices comply with industry regulations
- Threat analysis: Analyze threats, vulnerabilities, and incidents to recommend remediation steps
- Collaborate: Work with other departments to ensure that systems are secure
- Incident investigation and escalation: first triage required to determinant of the triggered incident is a true or false positive and understand the received information
- During this phase analyst perform review on received information in CDC
- The review includes but not limited: Review the automation status, Review the result of the automation, Focus on involved entities, such as source IP, source user, destination IP, destination user, involved hosts, activity, detection, system action and etc, Review enrichment on each involved entity, Recognize critical assets (hosts, IPs, users) and reviewing all involved entity (enriched data and connection between entity) analyst decided is that incident False positive or True positive
- First Investigation: first investigation is get better picture on triggered incident and by using automations, and pre-defined playbooks and template reduce incident investigation time monitor incoming security alerts and assess whether they require further investigation by a higher-level analyst
- Good understanding on various tools and technologies, including security information and event management (SIEM) systems, intrusion prevention/detection systems (IPS/IDS), and endpoint detection and response (EDR) tools, to monitor network traffic and identify potential security incidents
SOC Analyst
IBM India Pvt Ltd (Alchemy Techsol)
06.2021 - 05.2022
- Installing and configuring Splunk Enterprise and Sentinel environments
- Setting up and Splunk indexers, search heads, and forwarders
- Configuring data inputs from various sources and develop and manage data parsers, field extractions, and indexes
- Monitored security alerts and events using SIEM tools to identify potential security incidents
- Worked on SIEM tools like Splunk and Sentinel to analyze and respond to security incidents in real time
- Administered role-based access controls across the Search Head cluster, ensuring secure and appropriate user permissions
- Analyzing security incidents and providing incident response and escalating to higher teams when needed
- Collaborated with teams and participated in security monitoring processes and procedures
- Create and manage saved searches, alerts, and reports and Writing and optimizing complex queries using Search Processing Language
System Administrator
Kurela Cognisive
11.2017 - 09.2018
- Server Monitoring and Database Monitoring
- Batch job processing
- Fine tuning of alerts
SYSTEM ADMINISTRATOR
IBM India Pvt Ltd (Collabera Technologies)
11.2016 - 06.2017
- Following ITIL methodology in creating Incidents, Request and Service Request in ITSM ticketing tool (Maximo)
- Providing technical support via telephone, email, and face-to-face to users
- Creating profiles and allocating resources for new onboarding members
- Processing Generic email and network drive access requests
- Hands on experience Office -10, 13, 16
- Support for Network Drive related issues and requests
- Support to Network Printers, Scanners remotely and On-site
- Troubleshooting Outlook issues
- Troubleshooting Internal Applications
Education
Bachelor of Technology - Electronics and Communication Engineering
JNT University
06-2016
Master of Science - Telecommunications
Riga Technical University
02.2021
Skills
- Security Operations Center Analyst
- Proficient in Splunk
- Sentinel Operations
- SIEM Tool Administration
- Dashboard Data Analysis
- Threat Identification
- Incident Management
- Log Analysis
- Network Security
- Intrusion prevention
- EDR tools-Cybereason
- Cyberproof Detection Center(CDC)
- ServiceNow
- Intrusion detection
- Network security
- Network monitoring
- DDoS prevention
Certification
- CompTIA Certification
- Splunk Enterprise Certified Admin
Timeline
SOC Analyst II
UST Global
10.2024 - Current
SOC Analyst
IBM India Pvt Ltd (Alchemy Techsol)
06.2021 - 05.2022
System Administrator
Kurela Cognisive
11.2017 - 09.2018
SYSTEM ADMINISTRATOR
IBM India Pvt Ltd (Collabera Technologies)
11.2016 - 06.2017
Master of Science - Telecommunications
Riga Technical University
Bachelor of Technology - Electronics and Communication Engineering
JNT University
Similar Profiles
MADHAVI CHENGATUMADHAVI CHENGATU
Business Analyst at Carelon Global Solutions: Summitworks Technologies and UST GLOBALBusiness Analyst at Carelon Global Solutions: Summitworks Technologies and UST GLOBAL
Sulvin VargheseSulvin Varghese
Software Engineer at UST GlobalSoftware Engineer at UST Global
Priyanka GoelPriyanka Goel
Test Lead at UST GlobalTest Lead at UST Global