
N. Kishore Kumar Reddy

Bengaluru

Summary

With nearly 6.9+ years of experience, including 4+ years as a SOC Analyst specializing in information security, I have developed a strong proficiency in analyzing complex systems, identifying vulnerabilities, and implementing robust security measures to combat cyber threats. Seeking a challenging cybersecurity role to leverage my skills and experience for making a significant impact. Eager to contribute to a dynamic team environment and enhance my incident detection, analysis, and resolution abilities. Dedicated Technical Consultant adept at cultivating long-term partnerships with lucrative clients. Knowledgeable in server hardware and components configurations. Successful career history comprising more than [Number] years.

Overview

8 years of professional experience
1 Certification

Work History

Technical Consultant

Ernst & Young
08.2023 - Current
  • Extensive experience of supporting and configuring Endpoint detection and response (EDR) tools.
  • Extensive experience of supporting and configuring Security information and event management (SIEM) tools.
  • Implementation of next-generation Intrusion Prevention solutions based on Palo Alto technologies.
  • Proficient in network security protocols and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and SIEM solutions.
  • Extensive experience in conducting security assessments, vulnerability scanning, and penetration testing.
  • Deep understanding of cryptographic protocols and encryption algorithms.
  • Skilled in incident response and digital forensics, including evidence gathering, analysis, and reporting.
  • Monitor network traffic for suspicious activities and investigate security incidents to determine the root cause and implement appropriate remediation actions.
  • Collaborate with cross-functional teams to design and deploy secure IT solutions and infrastructure.
  • Familiarity with cloud security principles and architectures (AWS, Azure, Google Cloud).
  • Monitored and analysed security events using SIEM tools to identify potential threats and vulnerabilities.
  • Conducted regular security assessments and penetration tests to evaluate the effectiveness of existing security measures.
  • Monitored security logs and alerts to detect and investigate potential security breaches. Conduct regular vulnerability assessments and penetration tests to identify and mitigate potential security risks.
  • Working on AWS GuardDuty incidents
  • Working on CrowdStrike EDR alerts
  • Working on ExtraHop alerts for continuous failed connections through RDP to servers
  • Worked on Active Directory
  • Working on DNS TXT alerts
  • Working on CertStream alerts, consisting of blocking malicious domains
  • Working on MFA (Multi-Factor Authentication) and Account Take Over (ATO) incidents
  • Working on Credential Stuffing
  • Working on Proofpoint for phishing and spam emails

Tools: CrowdStrike, Splunk, Devo, DivvyCloud, Palo Alto, Cortex SOAR, Proofpoint TRAP, Proofpoint TAP, Proofpoint MTA, BlueCat, AirWatch, Jamf, Joe Sandbox, Active Directory, Office 365, ServiceNow

Customer Service Representative

IBM India Pvt Ltd
12.2020 - 04.2023
  • Analyzed network traffic and system logs to detect malicious activities.
  • Investigated and resolved incidents of unauthorized access to sensitive information.
  • Educated and trained users on information security policies and procedures.
  • Hands-on experience with QRadar integration from all towers (Windows, Linux, and network devices).
  • Manage day-to-day operations of QRadar system, including patching, tuning, and monitoring.
  • Creating and fine-tuning correlation rules, alerts, and use cases within the SIEM to detect and respond to security incidents effectively.
  • Developed automated reports to facilitate better insights into EPS (Events Per Second) and error log data from diverse source devices. Additionally, generated reports to identify the top contributing logs to the SIEM and the most frequent offenses detected.
  • Collect, normalize, and aggregate log source data from various sources, such as firewalls, IDS/IPS, endpoints, servers, applications, etc., into the SIEM platform.

SOC Consultant

SONYO MANAGEMENT CONSULTANTS PVT LTD
12.2019 - 05.2020
  • Working on the ArcSight SIEM tool to provide SOC (Security Operation Centre) operations.
  • Monitor real-time security events on the ArcSight console, with event analysis and investigation.
  • Working on incidents, reviewing the alerts, and doing a detailed analysis of alerts.
  • Investigate incidents using Active Channels/Dashboards/Events/Graphs/Annotations and reports.
  • Regular health checks monitoring, log analysis, and reporting.
  • Creating and submitting daily, weekly, and monthly reports without errors using query viewers.
  • Providing 24*7 support and coordinating with the required team to resolve issues.

Transaction Analyst

CONDUENT BUSINESS SERVICES INDIA LLP
08.2016 - 06.2019
  • Researched billing and invoice problems and resolved issues in compliance with established standards.
  • Analyzed trends and monitored customer behaviors to serve as predictors for future marketplace actions.
  • Identified system errors and applied established company policies and procedures to resolve issues.
  • Invoiced customers for purchases of goods and services to adhere to accounting standards and generate revenues.

Education

X -

Z.P.High School

XII -

Sri Chaitanya Junior College

Bachelor of Computer Applications -

Rabindranath Tagore University

Skills

  • QRadar SIEM
  • ArcSight
  • DEVO SIEM
  • Splunk SIEM
  • MS SENTINEL SIEM
  • Cortex XSOAR
  • Proofpoint TRAP, TAP, MTA
  • CrowdStrike EDR
  • Palo Alto Firewall

Certification

  • Certified in IBM QRadar Level 100 and 200
  • Certified in Think Like Hacker
  • MITRE ATT&CK Defender (MAD) ATT&CK Cyber Threat Intelligence Certification Training.
  • Splunk Fundamentals

Languages

English
Bilingual or Proficient (C2)
Telugu
Bilingual or Proficient (C2)
Hindi
Intermediate (B1)
