Sameeranandan Karra

• Worked to strengthen the security posture across GoDaddy Infrastructure
• Experienced with vulnerability management and XDR solutions Qualys, SentinelOne & Microsoft Defender.
• Carried out various administrative tasks in Qualys such as patching vulnerable applications, Integrating Qualys with SIEM tools, running scans, troubleshooting of the Qualys agents, managing roles.
• Managed daily operations on SeninelOne- Configuring policies, mitigating threats and addressing FPs, adding of exclusions, upgrading agent and troubleshooting of the agent across Windows, MACs and Linux environments.
• Additionally gathered some knowledge on creation and configuring VMs on Openstack.
• Worked on Microsoft purview DLP solution, created various sensitivity labels, auto-labeling policies, tested the DLP on Endpoints as well as for sharepoint, OneDrive and Outlook. Worked on POC for MAM and MDM on devices.
• Experienced With Intunes and SCCM.
• Integrated various 3rd party apps like SNOW, Workday, Salesforce etc with Microsoft Defender for Cloud Apps to ingest and monitor the data.
• Experienced working in agile methodology in sprints with JIRA as the managing tool.
• Experienced with Change Management process,SNOW ticketing tool and participated in incident response activities and familiar with SLAs.

• Experience in Endpoint Security stack- Microsoft Defender ATP, Intunes, SCCM, Tanium, SentinelOne EDR, CrowdStrike EDR and ObserveIT, PaloAlto Cortex XDR.
• Strong experience with Microsoft security suite-Windows Defender Exploit Guard, SCCM, Windows Defender for Endpoint, Intunes, Azure Security Center, Microsoft Threat and Vulnerability management (TIMNA), Deploying and configuring of defender ATP client.
• Experience in Windows Defender Exploit Guard and deployment of Attack Surface Reduction rules to critical infrastructure through SCCM and Intunes.
• Experience in creating packages and sensors in Tanium for Windows and MAC operating systems using powershell and python for multiple purposes, proactively creating ongoing deployments of Defender ATP onboarding script and ObserveIT agents across the estate.
• Experience in performing investigation on isolated machines by connecting them through Tanium live response.
• Experience in working with SentinelOne EDR for proactively hunting suspicious events, analyzing alerts and deployment of agents and onboarding.
• Experience in performing threat intelligence signals ingestion into the estate and monitoring alerts generated by them and fine tuning.
• Experience in ObserveIT Insider Threat Intelligence. Monitor file activities in order to identify and alert on instances of data exfiltration. Replay user sessions. Perform configuration tasks required by business design criteria and operational needs.
• Experience with working in agile model with creation and updating of tasks in JIRA and planning sprints.
• Strong understanding of change management process and experienced with Remedy tool.
• Worked on building OS images with EDR agents packed onto the image.

• Strong understanding in Endpoint security with experience in carrying out migration of endpoints across the estate to Microsoft Defender.
• Worked on installation and troubleshooting of Trend micro.
• Experienced in Microsoft security suite- Defender ATP-Onboaring, device Tagging, addressing incidents and alerts, Azure ATP, Azure AIP, O365 email security- addressing email threats, identifying and analyzing mail headers and remediating spam and phishing campaigns.
• Strong understanding of SLA's and change management process and experienced with ServiceNow tool for creating change requests and performing analysis and resolving incidents within SLA.

Experience in Data Security with skills on following -

• Data at rest encryption, Data in motion encryption, tools- Key Secure, HSM, IBM Guardium.
• Experience in AWS- configured vpc flow logs, policies, installed and managed instances using AMI. performed rollback of instances using EBS screenshot. Worked on BYOK concept of encryption in AWS.

Familiar with Network security- IDS/IPS, firewall, WAF(Web Application Firewall), DNS,Proxy, reverse proxy, http, https, SSL, TLS, OWASP top 10, cyber kill chain process