
Ram Reddy

L2 SOC Analyst | Incident Response | SIEM (Splunk, QRadar) | EDR (CrowdStrike) | IDS/IPS | WAF | Proxy | Firewall | Email Security | NIST SP 800-61 | Vulnerability Mgmt | Cloud Security
Hyderabad

Summary

Detail-oriented Cybersecurity Analyst with 4+ years of experience in an L2 Security Operations Center (SOC) at
IVY Comptech. Extensive experience using Security Information and Event Management (SIEM) tools,
particularly Microsoft Defender and Azure Sentinel. Experienced in alert monitoring, activity analysis,
advanced threat hunting using Kusto Query Language, and incident management, all of which are crucial for
identifying and responding to security threats. Solid understanding of the log sources used for security
monitoring, especially those from security and networking devices.

Overview

15 years of professional experience
1 Certification
1 Language

Work History

L2 SOC Analyst

Programming.com
05.2024 - 12.2024
  • Demonstrated hands-on expertise in analyzing and responding to real-time security alerts using Splunk SIEM.
  • Delivered L2 support, ensuring timely resolution of incidents, and adherence to SLAs.
  • Conducted log analysis across multiple security platforms to identify anomalies and threats.
  • Performed threat hunting using Microsoft Defender and Sentinel One.
  • Investigated indicators of compromise (IOCs) using open-source tools and recommended endpoint blocking strategies.
  • Strong familiarity with security technologies in general, both at the host and network levels.
  • Participated in cross-functional war room calls during critical security incidents, sharing live analysis and logs, and helped contain the incidents within defined impact thresholds.
  • Proficient in Splunk Search Processing Language (SPL) and Kusto Query Language (KQL) for log extraction and analysis.
  • Preparing daily/weekly incident summaries, threat reports, and SOC metrics.

Senior SOC Engineer

IVY-Comptech pvt ltd
05.2021 - 03.2024
  • Hands-on experience in threat analysis, security monitoring, and operations.
  • Experience with SIEM tools and monitoring real-time events using Chronicle.
  • Collaborating with cross-functional teams to streamline processes and improve efficiency.
  • Collecting logs from all the network devices and analyzing the logs to find suspicious activities.
  • Technical knowledge of security tools (anti-virus/anti-malware, IDS/IPS, firewall, vulnerability scanning, etc.) and infrastructure (network, OS, database).
  • Good understanding of event logs and system logs.
  • Good understanding of malware and its attack types, proxies, and firewalls.
  • Performing malware analysis using multiple open-source tools. Focusing on initial detection and triage, analyzing IOCs, thereby reducing false positives.
  • Experience and knowledge in investigating incidents, remediation, tracking, and follow-up for incident closure with the concerned team.
  • Strong understanding of the MITRE ATT&CK framework, OWASP Top 10, and common attack vectors like SQL injection, XSS, and man-in-the-middle attacks.
  • Experienced in writing and preparing detailed security reports, including daily, weekly, and monthly updates, security advisories, and RCA documents.
  • Familiarity with vulnerability scanning tools (Nmap), and incident remediation procedures.
  • Proficient in handling security incidents related to phishing, DDoS, ransomware, malware, and other cyber threats.
  • In-depth experience performing malware analysis, identifying indicators of compromise (IOCs), and conducting phishing email investigations.

NOC Engineer

Skill-mine Technology Consulting Pvt Ltd
08.2018 - 05.2021
  • ITCC is the SPOC for all infra- and application-related issues for the banking teams, operating 24/7.
  • We are responsible for managing the complete infrastructure and escalations of all IT and application-related critical issues within the ICICI Bank network.
  • Served as team lead, providing proper knowledge transfer to the team according to ICICI standards.
  • Monitor the Global Incidents queue, follow up on all unassigned, and medium to high-impact incidents with the respective resolution groups, and have them attended to immediately.
  • As part of performance monitoring, gained experience with both client-side and server-side metrics using AppDynamics, Appnomics, Dynatrace (OneAgent), Anabot, Riverbed, and BMS tools.
  • As part of various roles, I am also responsible for monitoring various applications 24/7.
  • Handling alerts, blocking issues, and reporting to the concerned team to avoid issues with application performance.
  • Identifying and monitoring memory usage, CPU utilization, and physical reads counters using the APPNOMICS monitor tool.
  • Responsible for monitoring various Infra tools, like OEM (Oracle Enterprise Manager), Ops Center, OMW, and SCOM (System Center Operations Manager), and escalating the critical alerts to their respective heads.
  • Generate the final performance test report with all performance metrics, including response times, hits per second, throughput, and transactions per second, etc., as per the business requirements.
  • Having experience in monitoring multiple applications and coordination with application owners, development, DBA, and business development teams.
  • Work closely with the incident managers as part of technical escalations, and work as an incident manager when there are multiple issues reported to ITCC.
  • Having experience in adding, removing, or updating user account information, and resetting the passwords with the help of the ARCOS tool.
  • Proactive monitoring of high-critical production servers, physical servers, virtual servers, and verifying the issues, and reporting to the respective application teams.
  • Participating in bridge calls for internal discussions and for major issues, ensuring that high-impact incidents receive the right attention and are resolved within the TAT by providing accurate and relevant updates with a proper timeline.
  • Call logging and ticket creation for unresolved issues, and escalating and following up through the raised tickets within the team.
  • Tracking of incidents from opening to closure, with timely communication to the business with the help of the ITSM ticketing tool.
  • Properly hand over the end-of-shift report and also the ongoing issues to the next shift engineers and managers.
  • Having experience in preparing daily, weekly, and monthly work status reports and sending them to the reporting authority or management.
  • Creating a runbook for future utilization and knowledge sharing.
  • Having experience in preparing correlation reports for the impacted applications that we have been monitoring and analyzing the issue.
  • Ability to learn new things, quick learner, team player, flexible, and versatile to adapt to any environment.
  • AppDynamics, Appnomics, Dynatrace Vu, Anabot, Riverbed, and BMS monitoring tools.
  • ITSM, Confluence.

Sr. Member Operations (Technical)

Tanla Platforms Ltd
05.2014 - 01.2018
  • Roles and responsibilities included monitoring the platform, including networks, through tools like Nagios.
  • Logging customers' issues by severity in the ticketing tool, and sending prior notice when there is an outage.
  • Monitoring alerts using Nagios and Netcool tools, and following SLA.
  • Handling and responding to the emails, such as providing information to users.
  • Creating a ticket and escalating it to the concerned team.
  • File systems and process management.
  • Configuration of the master server, slave server, and integrating NFS and Autofs.
  • Managing User and Group Administration.
  • Installing and upgrading Linux using the Kickstart method.
  • Package administration (RPM and YUM).
  • Performing Scheduled Jobs (At & Cron).
  • Processes, administration, and management, like monitoring, starting, stopping, and killing various processes.
  • Monitoring and managing swap space.
  • Working with open-source packages like SUDO, OpenSSH, and providing troubleshooting.
  • Configuration of remote access utilities, providing user access control on services like Telnet, FTP, and SSH.
  • Monitoring system resources, logs, disk usage, scheduling, and monitoring backups and restore.
  • Monitoring the queuing system using the RabbitMQ application.

Process Associate

United Health Group India pvt ltd(OPTUM)
05.2012 - 10.2013
  • Monitoring the calls and quotes sent by the account managers, and emailing appropriate feedback on call structure, call profiling, areas of improvement, etc., on a regular basis.
  • Preparing MIS reports on a daily and weekly basis.
  • Resolving claims issues.
  • Providing KT for new joiners.

Network Security Administrator

Helios & Matheson (DXC Technology Pvt Ltd)
07.2011 - 04.2012
  • Worked in Remote Technical Support.
  • User migration on different applications such as AD server, Lotus Notes, etc.
  • Supported Coca-Cola employees across the globe.
  • Client: COCA-COLA Atlanta (USA)

Technical Support Executive

Quess Corporation Limited (TBSS)
01.2010 - 05.2011
  • Troubleshot hardware- and network-related issues as per the clients' requirements.
  • Handled voice and email channels for client interaction.
  • Handled inbound and outbound calls.
  • Followed up on tickets on a regular basis to achieve client satisfaction and complete problem resolution.
  • Client: ISP service provider, Tata Photon.

Education

Master's in Computer Application

Osmania University
Hyderabad, India
04.2001 -

Skills

Around 10 years of experience in desktop and application support, technical support, and customer support processes for various software- and hardware-related issues in global command center and software industry environments.

Good knowledge of providing support for heterogeneous operating system environments such as Windows and Linux, and of ITIL.

Skilled at troubleshooting hardware/software issues related to laptops

ITIL Foundation Certified

NAGIOS Course Completed

Interests

Interested in traveling, reading, and cricket

Personal Details

Date of Birth: 10-06-1985

The information given above is true to the best of my knowledge.

Certification

ITIL foundation certified
