Recharla Umesh

Seasoned SOC Analyst with 5 years of expertise in cybersecurity operations, specializing in threat detection, incident response, and security monitoring. Proficient in utilizing Azure Sentinel and other advanced tools to analyze security events, mitigate risks, and ensure the integrity of organizational systems. Proven track record of implementing robust security measures and collaborating across teams to fortify defenses against evolving cyber threats. A results-oriented professional committed to safeguarding assets and maintaining a proactive stance in the face of emerging security challenges.

Azure Sentinel & Securonix

• Monitor security events and alerts generated by various security tools and systems, including SIEM (Security Information and Event Management) platforms like Azure Sentinel. Respond promptly to security incidents, investigating and analyzing alerts to determine the nature and severity of potential threats.
• Conduct thorough analysis of security logs, network traffic, and system activity to detect potential security threats, intrusions, or vulnerabilities. Utilize tools and techniques to identify patterns, anomalies, or indicators of compromise (IoCs) that may indicate malicious activities.
• Take immediate action upon identifying security incidents, including containment, mitigation, and resolution of security breaches. Perform in-depth investigations, root cause analysis, and documentation of security incidents to prevent recurrence and improve incident response procedures.
• Conduct regular assessments of system vulnerabilities and weaknesses. Collaborate with teams to implement patches, configurations, or other security measures to mitigate vulnerabilities and reduce potential attack surfaces.
• Manage and optimize security tools and technologies such as intrusion detection systems (IDS), endpoint protection, firewalls, and SIEM platforms. Regularly review and fine-tune configurations, rules, and policies to enhance threat detection and prevention capabilities.
• Generate reports on security incidents, trends, and findings for management and stakeholders. Maintain detailed documentation of security procedures, incident response plans, and actions taken during security incidents to ensure compliance and facilitate continuous improvement.

• Azure Active Directory (Entra ID)
• Microsoft Defender for endpoint
• Microsoft Defender for Cloud
• Symantec email Gateway Symantec EDR
• Microsoft defender