
PAVAN BHOGIREDDI

Hyderabad

Summary

Security analyst with JIO with over 4.4 years of experience in incident response and forensics. Proven ability to lead and manage investigations, identify and mitigate threats, and secure systems against attack. Experienced in collaborating with executive-level staff to develop and implement security strategy.

Overview

5 years of professional experience
1 Certification

Work History

Security Engineer

Jio Platforms Limited
Bhubaneswar, India
12.2025 - 04.2026
  • Creating the reports, maintaining the shift handover timings, and initiating the calls.
  • Made recommendations to improve security procedures and systems.
  • Implemented security measures to protect systems from malware, phishing, and other cyber threats.
  • Perform health checks for AV infrastructure and distribute reports regularly.
  • Provided technical support, resolving queries and issues raised by system users.
  • Experience in creating and maintaining the daily, weekly, and monthly reports of device health status using Defender ATP.
  • In-depth understanding of networking concepts, protocols, and knowledge of infrastructure, identity, and endpoint security technologies such as AD, Azure AD, Next Gen Firewall, IDS, AV, EDR, CASB, WAF, DLP, ATP, SIEM, and Proxy.
  • Experienced in identifying, detecting, and responding to security incidents and threats according to the defined policies and procedures in Security Operations.
  • Strong understanding of security tools and processes such as SIEM, IDS, XDR, SOAR, malware analysis, attack simulation tools, and vulnerability scanners.
  • Strong hands-on experience with cloud providers (AWS, GCP), virtual machines, and onboarding those instances into Defender 365.
  • Deploy, configure, and maintain EDR agents on Windows, macOS, and Linux endpoints.
  • Proactively perform monitoring, investigation, and analysis of SIEM alerts received from multiple devices, which include servers, firewalls, and Office 365.
  • Good hands-on experience in analysing risky user behaviour in Azure AD, revoking user sessions, and resetting passwords if required.
  • Good hands-on experience in troubleshooting agent connectivity issues and deploying onboarding packages on Defender.
  • Continuously monitoring and interpreting threats using the IDS and SIEM tools.
  • Taking the appropriate action based on advisories, IOCs, identifying threat actors using MITRE ATT&CK, and coordinating with the respective team to block the IOCs.
  • Experience in monitoring, responding to, and analysing trends in workstations and servers for security-related events.

Security Associate

IBM
Pune
11.2023 - 06.2025
  • Strong knowledge and professional experience in central logging, log management, and QRadar and Splunk SIEM architecture.
  • Strong experience in managing Endpoint Agents over Windows and Linux operating systems, Active Directory integrations, and Windows Event Logs.
  • Experience in working on host isolation and advanced threat analysis using the EDR, MS Defender ATP.
  • Prepare Endpoint Compliance reports and initiate the remediation activities wherever required.
  • Experience in adding and deploying a client onboarding configuration file so that Configuration Manager can monitor deployment status and Microsoft Defender ATP agent health.
  • Experienced in creating log-analytics rules based on the client's requirements by configuring different data tables using KQL.
  • Experience in troubleshooting Zscaler client connector issues and ZIA website access.
  • Experience in Data Analytics, Advanced Data Analytics, Visualisation, Advanced Visualisation, Dashboard Customisation, and Advanced Dashboard Customisation in Splunk.
  • Strong knowledge and working experience in Office 365 email gateway solutions. Completely own, manage, monitor, and administer the email security stack and policies for both on-premises and cloud environments, including Office 365 email security solutions.
  • In-depth understanding of networking concepts, protocols, and knowledge of infrastructure, identity, and endpoint security technologies such as AD, Azure AD, Next Gen Firewall, IDS, AV, EDR, CASB, WAF, DLP, ATP, SIEM, and Proxy.
  • Experienced in identifying, detecting, and responding to security incidents and threats according to the defined policies and procedures in Security Operations.
  • Strong understanding of security tools and processes such as SIEM, IDS, XDR, SOAR, malware analysis, attack simulation tools, and vulnerability scanners.
  • Handling SPAM and phishing email submissions from end-users and taking containment steps by further investigating domains and IPs to recommend proper blocking, and creating SPF, DKIM, and DMARC records for the domains to protect against spoofing.
  • Investigate malicious phishing emails, domains, and IPs using open source tools, and recommend proper blocking based on analysis.
  • Perform daily, weekly, and monthly scheduled tasks for MS Defender ATP.
  • Implementation of use cases using KQL with complex correlation across different data sources in Azure Sentinel.
  • Experience in AIR (Automated Investigations and Remediation) policies and their implementation.

Security Analyst

BNP Paribas
Chennai
12.2022 - 11.2023
  • Analyse and investigate alerts in the SOC monitoring tool to report any abnormal behaviours, suspicious activities, or traffic anomalies.
  • Analyse malicious campaigns and evaluate the effectiveness of security technologies.
  • Analysing the phishing emails reported by the employees to the SOC team, and identifying whether the reported email is phishing, spam, or legitimate.
  • Monitoring the triage of insider threats and User Behavioural Analytics (UBA) via broadsheet by using the Tableau tool, creating reports and dashboards, and fine-tuning rules (alert fine-tuning).
  • Blocking and enabling the warning/unsecure Smart Screen alerts for end users regarding detected phishing URLs, malware files, and IPs on Defender.
  • Creating an incident ticketing system, analysing, managing, and tracking security incidents to closure by coordinating with different teams.
  • Leading operations and monitoring security components 24/7, identifying real-time alerts, events, log analysis, and investigating incidents on a daily basis for a better workflow environment.
  • Creating and fine-tuning conditional access policies, and ASR rules in Intune.
  • Hands-on experience in creating use cases and custom detection rules using the KQL and SPL languages.
  • Managing the PIM and PAM access using the Azure Entra admin centre.
  • Working experience in a SOC environment with hands-on experience using the SIEM Splunk tool, which includes log analysis, fine-tuning existing correlation rules to reduce false positives, and responding to incidents.
  • Monitor various security tools (Email Gateway, IDS/IPS, EDR, SIEM, etc.) for security events and triage security incidents.
  • Knowledge of email security threats and security controls, including experience analysing email headers.
  • Monitoring the dashboards and assigning tickets using Splunk.
  • Creating the reports, maintaining the shift handover timings, and initiating the calls.
  • Made recommendations to improve security procedures and systems.
  • Implemented security measures to protect systems from malware, phishing, and other cyber threats.
  • Perform health checks for AV infrastructure and distribute reports regularly.
  • Provided technical support, resolving queries and issues raised by system users.
  • Experience in creating and maintaining the daily, weekly, and monthly reports of device health status using Defender ATP.
  • Expertise in building use cases around the NIST and MITRE ATT&CK frameworks to enable detection at various stages of a cyber-attack.
  • Implemented database management techniques to ensure data integrity and security.

Security Analyst

incentaHEALTH
Hyderabad, India
07.2021 - 11.2022
  • Performed authenticated and unauthenticated scans to identify system, application, and network vulnerabilities, with accurate risk scoring.
  • Integrated Microsoft Purview with security tools such as Microsoft Sentinel to enhance threat detection, incident response, and compliance visibility.
  • Configured and managed scheduled vulnerability scans in Rapid7 InsightVM, including scan templates, scan engines, asset groups, and scan frequencies.
  • Analysis of phishing emails reported by users to identify the type of attack and take immediate remediation.
  • Good understanding of Azure Active Directory, Azure MFA, and conditional access.
  • Experience in providing end-to-end support to enterprise counterparts, identifying the root cause of sophisticated enterprise initiatives, with endpoint security solutions such as Microsoft Defender ATP.
  • Monitor, respond to, and analyse trends in workstations, servers, and security-related events.
  • Perform daily, weekly, and monthly scheduled tasks for Defender ATP. Experienced in writing correlation rules in KQL and SPL.
  • Experienced in examining suspicious emails for malicious content, and providing recommendations on remediation actions using Office 365.
  • Experience in managing Defender firewall policies, device exceptions, and other security rules via the Defender Intune portal, including file blocking, virus definition reporting, and endpoint reporting.

Education

B.Tech - E.E.E

DNR College of Engineering and Technology
Bhimavaram, AP
01.2021

Skills

  • EDR: Microsoft Defender ATP, CrowdStrike
  • SIEM: Splunk, QRadar
  • Cloud Security: Azure Sentinel
  • SOAR: Azure Sentinel
  • WAF: MCAS (Cloud App Security)
  • Email Security: Office 365, Proofpoint
  • IDS/IPS: Alert investigation and remediation
  • Vulnerability Management: Rapid7
  • Antivirus: Symantec
  • Incident Response: ServiceNow
  • Endpoint Security Administration

Certification

  • SC-200: Security Operations Analyst.
  • SC-300: Identity and Access Management Administrator.
  • AZ-900: Azure Fundamentals.

Timeline

Security Engineer

Jio Platforms Limited
12.2025 - 04.2026

Security Associate

IBM
11.2023 - 06.2025

Security Analyst

BNP Paribas
12.2022 - 11.2023

Security Analyst

incentaHEALTH
07.2021 - 11.2022

B.Tech - E.E.E

DNR College of Engineering and Technology