Siranjivi Raju

Summary

Experienced Security Consultant with a demonstrated history of working in the information technology and services industry, validating cyber defences and hardening critical systems to mitigate future cyber risk.

  • Coordinate and conduct event collection, log management, event management, compliance automation, and identity monitoring activities using the SIEM.
  • Research, analyze and understand log sources utilized for the purpose of security monitoring, particularly security and networking devices (such as firewalls, routers, anti-virus products, proxies, and operating systems).
  • Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.
  • Support day-to-day event parsing and repair of events that have missing or incorrect information, create log source extensions, and manage flows.
  • Perform all administration, management, configuration, testing, and integration tasks related to the SIEM and associated platforms, including content creation, maintenance, and administration tasks.
  • Create and develop correlation and detection rules, utilizing Regex, to support alerting capabilities within the Threat Management Center.
  • Create technically detailed reports on the status of the SIEM, including metrics on items such as number of logging sources, log collection rate and server performance.

Overview

  • 10 years of professional experience
  • 1 Certification

Work History

Senior Security Consultant

WIPRO
07.2022 - Current
  • Identify and remediate suspicious/malicious activities by proactively analyzing security events and threats.
  • Develop and implement use cases and analytics to detect and respond to security incidents, ensuring comprehensive MITRE ATT&CK framework coverage.
  • Continuously monitor and analyze security events using EDR, SIEM, and threat intelligence tools, including Microsoft Sentinel, M365 Defender, and CrowdStrike, to detect and mitigate intrusions.
  • Utilize InsightVM, Defender TVM, and other vulnerability assessment tools to assess the threat landscape and prioritize remediation efforts.
  • Conduct risk assessments aligned with ISO 27001 to ensure compliance with security best practices and mitigate potential threats.
  • Investigate malicious binaries, files, phishing emails, domains, and IPs using open-source intelligence tools; recommend blocking actions based on findings.
  • Conduct forensic analysis and rescans on remediated systems to ensure complete eradication of threats before reinstating them to the network.
  • Research and analyze emerging threats, vulnerabilities, and attack techniques through security blogs and threat intelligence feeds, recommending proactive mitigations.
  • Perform log source analysis and health checks in Microsoft Sentinel and QRadar to ensure the integrity, availability, and confidentiality of security assets.
  • Develop and refine security processes, procedures, and playbooks to enhance security operations and incident response effectiveness.
  • Research, evaluate, and recommend improvements to security solutions, tools, and technologies such as Microsoft Defender for Endpoint, Microsoft Defender for Office 365, and CrowdStrike for enhanced protection and threat detection.

Security Consultant SME

Capgemini
03.2021 - 07.2022
  • Primarily working as CybelAngel SME (Digital Risk Protection), monitoring for data leaks across every layer of the web and integrating keywords based on customer requests.
  • Proactively hunt for and research potential malicious activity and incidents across multiple platforms using tools like Sentinel, EDR and CASB, plus advanced network- and host-based threat tools.
  • Build indicators of compromise into monitoring tools using internal and external sources, and integrate these tools with one another to provide data enrichment.
  • Strong TCP/IP networking skills used in performing network analysis; also isolate and diagnose potential threats and anomalous network behavior.
  • Conduct senior-level log analysis, proactive monitoring, mitigation, and response to network and security incidents.
  • Analyze traffic, review logs and identify potential security threats.
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
  • Assessed software and networks for cyber vulnerabilities, recommending and installing enhanced security solutions.
  • Mitigated risk by providing immediate and effective emergency response to varied security breaches.

Associate Consultant

PWC
05.2020 - 03.2021
  • Conduct proactive monitoring, investigation, and mitigation of security incidents; work closely with the Security Operation Center, Legal and Loss Prevention teams to support tier 1 and 2 security incident management.
  • Provide investigation findings to relevant business units to help improve information security posture.
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
  • Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
  • Proactively manage incidents to minimize customer impact and meet SLAs.
  • Compile and analyze data for management reporting and metrics.
  • Use threat intelligence to initiate investigations and identify malicious activity not otherwise identified by Managed Security Services.
  • Perform system and network analysis of suspected or potential security incidents.
  • Provide leadership/mentorship to junior analysts and serve as the "escalation" point for them, assisting with detailed analysis of potential threats.
  • Investigate malicious phishing emails, domains and IPs using Open Source tools and recommend proper blocking based on analysis.
  • Prepared range of written communications, documents and reports.

Technical Security Analyst

MST Solutions Private Limited
09.2019 - 03.2020
  • Establish guidelines for monitoring and controlling all access to data and network devices.
  • Develop processes within the IT organization to address the collection of information, review of information, and subsequent actions to address security threats across the enterprise.
  • Recommend, coordinate, and conduct risk assessment activities including security audits, attack and penetration tests, network security assessments and vulnerability scans on network and web applications. Develop an approach to mitigate identified risks.
  • Monitor, gather and report on IT Security and DR related incidents and provide regular activity reports.
  • Researches, prepares and writes security and privacy policies, SOPs, validation and implementation protocols that comply with regulatory, industry and MST standards. As directed, monitors on-site evaluations and testing. Acts as a resource

Security Engineer

Happiest Minds Technologies
03.2017 - 08.2019
  • Work on IBM QRadar, monitoring end devices and security devices. Monitor all systems for functionality and status and conduct basic troubleshooting.
  • Manually identify, investigate and recognize critical security incidents based on their signature and behavior; coordinate with the respective teams to reach a resolution for the issue and create use cases to identify it in advance in future.
  • Integrate multiple threat intelligence sources, configure use cases using them and keep updating them periodically. Threat intelligence includes Reputation Security Manager and threat intelligence on TOR nodes, phishing sites, CnC servers, malicious URLs, domains and IPs, etc.
  • Take backups of configuration and the complete system table periodically. Integrate new devices into the ESM as per the client's requirements.
  • Identify, investigate and recognize security incidents based on their signature and behavior, and escalate to the respective teams.
  • Suggest new use cases to reduce false positives and new rules in QRadar; inform the client of new IOCs and advise blocking the signature at endpoint level.

Security Analyst

SATTRIX Information Security Pvt. Ltd
08.2016 - 02.2017
  • Deployed to Mphasis pvt limited Bangalore at SOC (Security Operation Centre).
  • Work on ArcSight ESM and Logger, monitoring end devices and security devices. Log investigation, vulnerability assessment, incident response, and handling of security device and end device analysis.
  • Log management and consolidation, the trades of a CERT team member. Daily tasks include performing device and event analysis and generating a report at the end of the day.

Information Security Trainer

CTG Security Solutions
06.2015 - 07.2016
  • Worked with various organizations as a Security Trainer, providing many seminars and workshops in the field of cyber security.
  • Taught material from approved curriculum and developed daily lesson plans to include instructional aids.
  • Inspired students to actively participate in all aspects of the educational process. Completed professional development and in-service activities in accordance with company standards.
  • Maintained expertise in subject area and recommended improvements in curriculum design.
  • Instructed students in laboratory safety procedures if applicable. Performed duties in the Learning Resource Centre as assigned. When possible, participated in core course academic support programs, certification programs, and student professional association
  • Protect computers, networks, software, data and information systems against any possible attacks. Provide technical supervision for (and guidance to) a security team; define, implement, and maintain corporate security policies. Respond immediately to security-related incidents and provide a thorough post-event analysis.

Education

MCA - Computer Application

Kumaraguru College of Technology
2016

BCA - Computer Application

Jamal Mohammed College
2013

Skills

    Security Operations & Threat Detection

  • Incident Detection, Analysis, and Response
  • Security Monitoring & Log Analysis (SIEM)
  • Threat Intelligence & Hunting
  • Digital Forensics & Malware Analysis
  • Cloud Security & Application Security

    Security Tools & Platforms

  • SIEM: IBM QRadar, Microsoft Sentinel
  • EDR/XDR: CrowdStrike Falcon, Microsoft Defender for Endpoint (MDE)
  • Threat Intelligence: OSINT, VirusTotal, Hybrid Analysis, AlienVault OTX
  • Vulnerability Management: InsightVM, Defender TVM
  • Cloud Security: Microsoft Defender for Cloud Apps (MCAS), M365 Defender

    Frameworks & Compliance

  • MITRE ATT&CK Framework
  • ISO 27001 Risk Assessment & Compliance
  • NIST Cybersecurity Framework (CSF)

Certification

  • SC-200
  • AZ-500
  • SC-100
  • ISO27001
  • CEH
  • CHFI
  • OSCP

Additional Information

AI-Driven Threat Detection & Incident Response

  • AI-Based Threat Detection & Behavioral Analysis ( UEBA )
  • Machine Learning for Anomaly Detection & Insider Threat Identification
  • AI-Powered Incident Detection, Prioritization & Response
  • Automated Threat Intelligence Enrichment & Correlation
