Prasadh Kuppala

-

• Monitored System logs, user activities on the network for suspicious behavior or malicious activity using by SIEM tool.
• Investigate network traffic logs, firewall logs, intrusion detection system alerts, and antivirus reports to identify potential threats.
• Analyzed system risk to identify and implement appropriate security countermeasures security incidents and breaches, as appropriate.
• Responded promptly to cyber incidents by analyzing attack signatures, isolating affected systems, and restoring normal operations.
• Perform Incident investigation, Remediation, Resolution and follow up for incident closure with concerned team.
• Co-operate with SIEM team for the fine tuning of use cases if required, with full details of false positive events.
• Analyzing phishing and spam-related activities and notifying the client.
• Interacting with the client during the meeting and responsible for the entire shift as lead.
• Fetching and providing the logs to the client/partners and other teams on request.
• Monitoring the group mail inbox for any other security breaches information from client and other partners.
• Collaborated with stakeholders to implement and update disaster recovery plans.
• Maintained up-to-date knowledge of evolving cybersecurity trends and technologies.
• Made recommendations to improve security procedures and systems.
• Worked closely with fellow security personnel to remedy and alleviate technology issues.
• Analyzed security procedure violations and developed plans to prevent recurrence.
• Updated existing processes and procedures related to cybersecurity best practices regularly.
• Learned about latest security threats from blogs and online publications.
• Provided training on various topics related to cybersecurity awareness and best practices.
• Mentored junior employees in departmental activities and procedures.
• Assisted with developing strategies for responding to potential cyber-attacks such as malware outbreaks, phishing campaigns, ransomware attacks.
• Promoted security awareness among employees and clients to alleviate risks and breaches.
• Reviewed security bulletins and vulnerability patch releases.
• Collaborated closely with team members to achieve project objectives and meet deadlines.
• Completed day-to-day duties accurately and efficiently.
• Utilized various software and tools to streamline processes and optimize performance.
• Provided excellent service and attention to customers when face-to-face or through phone conversations.
• Preparing daily, weekly and monthly reports.

• Monitoring, Investigating, and analyzing the real-time security events in SIEM Software.
• Working on incidents for detailed analysis and providing mitigation actions on alerts.
• Analyzing the real time events for both network and security devices like Firewall, IDS, IPS, Proxy using SIEM tool
• Malware incidents were monitoring Cylance End point Manager and creating Ticket for Malicious alerts.
• Checking user reported email whether its real phishing or spam email and reply to user according to the investigation and actions
• Good understanding on different types of attacks.
• Follow up the tickets either TP/FP until closure by ticketing tool.
• Working on assign ticket queue and understanding and exceeding expectations on all tasked SLA commitments and Track and report on closure of tickets as per SLA
• Attending client meetings and escalating the issues if necessary

• Monitor the Security alerts for suspicious activity using by SIEM tool.
• Responding to and managing security incidents and breaches as appropriate.
• Detail investigation of incidents with remediation.
• Tracking of incident to resolution and follow-up for incident closure with concerned team.
• Advise incident responders on the steps to take to investigate and resolve security incidents.
• Checking the group mail inbox for any other security breaches information from client and other partners.
• Working on incident reviews before assigning to the client/partners.
• Analyzing Phishing emails related activities and notifying to the client.
• Responsible for interacting with client during the meeting.
• Responsible for taking handover at the starting of the shift and passing the proper updated handover information to the next shift.
• Fetching and providing the logs to the client/partners and other teams on request.
• Providing the quick information with all the details of investigation in case of high severity incident and some time helping to the team in quick resolution.
• Working on assign ticket queue and understanding and exceeding expectations on all tasked SLA commitments.
• Good Knowledge on preparing reports like Daily, Weekly reports as per client requirements.
• Escalating issues to level2 (or) level3 and management when necessary

• Investigating, and analyzing the real-time security events in Arcsight console
• Working on incidents and reviewing the alerts and do detailed analysis on alerts
• Analyzing the real time events for both network and security device as triggered in SIEM
• Monitoring of incidents in Symantec Endpoint protection manager (SEPM)
• Providing deep investigation for IPS alerts by doing packet analyzing
• Good understanding on different types of attacks
• Expert in understanding TCP/IP and traffic flow
• Working on assign ticket queue and Understanding and exceeding expectations on all tasked SLA commitments and Track and report on closure of tickets as per SLA
• Attending client meetings twice in week and escalating the issues if necessary

• Monitoring, Investigating, and analyzing the real-time security events in SIEM tools.
• Having Experience on SIEM tool such as IBM Q-Radar
• Regular health checks monitoring, log analysis and reporting
• Investigate incidents using Active Channels /Dashboards/ Events/ Graphs/ Annotations and reports
• Perform security SIEM operational task- Rules, Filters, Active channels, Reports, Field sets and Analysis
• Working on assign ticket queue and understanding and exceeding expectations on all tasked SLA commitments
• Good Knowledge on preparing reports like Daily, Weekly and Monthly reports as per client requirements
• Escalating issues to level2 (or) level3 and management when necessary