Sananth R

Bangalore

Summary

Experienced Senior Threat Analyst with 9+ years of expertise in incident response, threat analysis, and cybersecurity. Proven track record in managing and mitigating complex security threats, leading incident response teams, and enhancing security posture through proactive measures. Certified in AZ-900, AZ-500, CEH, and Qualys VM.

Overview

10 years of professional experience

Work History

SENIOR THREAT ANALYST

SOPHOS TECHNOLOGIES
Bangalore
06.2022 - Current
  • Collaborated with team members to execute the Sophos MDR Active Incident procedure encompassing Triage, Contain, Neutralize, and Recover for prompt resolution of active adversary activity.
  • Investigated and analyzed logs and security-related events using Sophos tooling, 3rd-party vendors, and parsing mechanisms for comprehensive threat detection and mitigation.
  • Spearheaded investigations into cyber attacks initiated by prominent ransomware groups, APTs, banking trojans, info stealers, and coin-miners.
  • Mitigated threats by tracing persistence across estates and identifying the RCA, providing clients with proactive measures to prevent recurrence.
  • Identified and responded to cyber threats and Active/Critical incidents within customer environments.
  • Worked alongside cross-functional teams, such as the Intel/Detection team, to develop strategies for addressing emerging threats, and collaborated with the automation team on innovative product ideas.
  • Prepared cybersecurity technical reports and delivered presentations to technical executive teams and customers, ensuring alignment with MITRE ATT&CK.
  • Conducted threat hunts for emerging threats, posture improvement, low-severity malware, and active threats across multi-customer estates using dynamically refined osquery queries.

SENIOR ASSOCIATE

PWC INDIA LLP
Bangalore
02.2020 - 06.2022
  • Handled and monitored LogRhythm/Helix SIEMs, involving log analysis, threat mitigation, and event analysis for diverse infrastructures.
  • Collaborated with the Security Incident Response Team (SIRT) to clarify and derive false-positive detections from the tools, enhancing incident response capabilities.
  • Utilized long-tail analysis to detect anomalies and conducted proactive log analysis for identifying malware threats.
  • Conducted Diamond Model analysis on relevant TI feeds from OSINT to assess impact on client infrastructure.
  • Developed and implemented SOP documents tailored to client specifications using the Attack Tree and Graph Thinking methodology.
  • Honed expertise in antivirus and EDR tools such as Cortex XDR and FireEye HX, providing comprehensive knowledge of host forensic analysis, malware analysis, and file write events.
  • Proficient in data forensics, analyzing and preventing sensitive data from leaving the organization through investigation of data exfiltration events.
  • Enhanced overall security posture through the review of security configurations in alignment with the latest TTPs and threat intel advisories.

ANALYST

OPTIV SECURITY INDIA PVT LTD
Bangalore
08.2019 - 02.2020
  • Security event analysis and intrusion detection by review and analysis of events generated by various components including IDS/IPS, firewalls, WAF, proxies, CrowdStrike, and Symantec EPP.
  • Creation of playbook logic to reduce false positives.
  • Creating use cases based on the available OSINT threat intelligence.
  • Manual hunting of logs to find anomalies in the infrastructure.
  • Working with Exabeam UEBA SIEM and Splunk.
  • Working on fine-tuning to reduce false positives.
  • Spam email detection and investigation.

DEPUTY MANAGER

VODAFONE INDIA SERVICES PVT LTD
Bangalore
08.2016 - 07.2019
  • Utilized various components such as IDS/IPS systems, firewalls, WAF, proxies, and Symantec EPP to perform comprehensive security event analysis and identify potential intrusions.
  • Performed data hunting based on external threat intelligence feeds and identified potential threat actors in our managed infrastructure.
  • Customized the DDoS detection policies based on customer bandwidth and learned traffic patterns.
  • Created threat intelligence and built a repository of bad-reputation IPs/URLs based on various attacks towards Vodafone.

DESKTOP SUPPORT ENGINEER

TRIGENT SOFTWARE
Bangalore
12.2014 - 07.2015
  • Providing advanced troubleshooting of virus-infected systems without loss of user data.
  • Conducting random quality audits of customers' PCs.
  • Training new hires on the process and process-related Windows components.
  • Able to fix any kind of issue related to client OS (Windows XP, Vista, Windows 7) using SFC scan, TDSSKiller, system analyser scan, system readiness tool, SUBNICLE, Windows package manager, and Microsoft Fix it.
  • Registry-level fixes.
  • Fixing issues with Device Manager, start-up errors, firewall issues, and restore point issues.

Education

BACHELOR OF ENGINEERING

Sai Vidya Institute of Technology
Bangalore, India
06.2013

Skills

  • SOAR & EDR Firewall (Fortinet, Sophos, Checkpoint)
  • Vulnerability Assessment
  • Email Security
  • Incident Response
  • Linux
  • Malware Analysis
  • Endpoint Security
  • Security Monitoring
  • Security Engineering
  • Antivirus and EDR tools (Cortex XDR, FireEye HX)
  • Data Forensics
  • Security Configurations

Personal Information

  • Date of Birth: 08/06/1991
