Sandeep Goparaju
Summary
Cybersecurity Analyst with 4+ years of experience protecting enterprise environments through effective threat detection, incident response, and risk mitigation. Adept at utilizing SIEM tools like Microsoft Sentinel and Splunk, along with EDR solutions, and cloud security platforms, to investigate and respond to security events. Known for strong analytical thinking, attention to detail, and a proactive approach to identifying and mitigating security risks.
Overview
5
5
years of professional experience
1
1
Certification
Work History
Associate Security Analyst
Lennox India Technology Centre Pvt Ltd
12.2022 - Current
- Conducted investigations into phishing emails via Microsoft O365 and Abnormal Security, partnering with Incident Response Team to minimize false positives.
- Leveraged Azure Active Directory alerts to detect suspicious login activities, employing Kount for enhanced fraud detection.
- Utilized CrowdStrike Falcon to detect and remediate endpoint threats, including malware and PUPs, and managed host response based on asset sensitivity.
- Managed responses to alerts in Microsoft Defender concerning anomalous login behavior, enriching investigations through Microsoft Sentinel logs.
- Employed Splunk for comprehensive event monitoring, creating advanced queries to streamline threat investigations.
- Engaged in proactive threat hunting across various tools, targeting early indicators of data breaches and insider threats.
- Updated SIEM watchlists regularly with current Indicators of Compromise, ensuring prompt access to critical attack patterns.
- Provided mentorship to junior security analysts, reinforcing best practices and knowledge transfer.
- Conducted network traffic analysis on Palo Alto firewalls, detecting anomalies across internal and external interfaces.
SOC Analyst
Tata Consultancy Services
11.2020 - 10.2022
- Analyzed over 1,000 security incidents monthly with McAfee Nitro SIEM, reducing response time by 30%.
- Assessed and remediated malware threats via CrowdStrike Falcon and McAfee ePolicy Orchestrator, enhancing endpoint defense.
- Conducted vulnerability scans and risk assessments using Rapid7 Nexpose, prioritizing critical vulnerabilities for remediation.
- Tracked alerts from Microsoft Defender for Endpoint, ensuring rapid containment of identified threats.
- Investigated phishing incidents in Microsoft O365 Security & Compliance Center, tracing attack vectors through audit logs.
- Boosted incident response efficiency by 25% through proactive threat hunting and rule optimization in McAfee Nitro SIEM.
Education
Bachelor of Technology - Electronics and Communication Engineering
Vignan's University
01.2020
Skills
- Splunk
- Microsoft Sentinel
- McAfee Nitro
- CrowdStrike Falcon
- Microsoft Defender for Endpoint
- SentinelOne
- Recorded Future
- VirusTotal
- AlienVault OTX
- Rapid7 Nexpose
- O365 Security & Compliance
- Abnormal Security
- Kount
- Palo Alto
- Firewalls
- IDS/IPS
- Wireshark
- Windows Event Logs
- DNS/DHCP logs
- Proxy logs
- Azure Security Center
- CASB tools
- ServiceNow, Remedy
- MITRE ATT&CK Framework
- NIST Cybersecurity Framework
- OWASP Top 10
- SQL
- Strong analytical and investigative skills
- Attention to detail in threat detection
- Malware Analysis
- Security Scorecard
- Reverse Engineering
- Static & Dynamic Analysis
- Malware Analysis & Detection
Certification
- Azure Fundamentals (AZ - 900)
- Microsoft Security Operations Analyst (SC-200)
- Splunk Fundamentals , Splunk Enterprises
- National Level Chess and Football Player
Projects
Security coverage enhancement: sensitive, huge data upload activity
- Monitored user upload activities to external cloud services, identifying and flagging potential data exfiltration attempts.
- Developed and optimized Splunk queries to improve detection accuracy and collaborated on new Standard Operating Procedures (SOPs) to reduce false positives.
- Designed and implemented a real-time Splunk dashboard for detecting suspicious upload activities, improving response time and threat visibility.
- Partnered with the Incident Response Team (IRT) to automate incident creation processes and ensure accurate alert triage based on defined use cases.
- Improved incident resolution efficiency by reducing false positives and developing standardized email templates and a structured escalation protocol.
- Played a key role in preventing data leakage by enhancing security coverage around sensitive and high-volume data transfers, reinforcing organizational data protection.
Suspicious Outbound Communications
- Investigated suspicious outbound network communications and performed root cause analysis by correlating proxy logs to identify the source of activity.
- Utilized threat intelligence integrations to assess and categorize URLs involved in potentially malicious or unauthorized behavior.
- Developed and implemented custom SPL queries in Splunk with defined scenarios and thresholds to automate incident generation and enhance detection accuracy.
- Authored and proposed a comprehensive Standard Operating Procedure (SOP) to streamline and standardize the incident detection and response process across the team.
Business-to-customer risky sign-ins
- Monitored Azure B2C risky sign-in logs, optimized alert rules, and helped reduce fraudulent orders by 30%.
- Automated incident creation workflows, streamlining processes and significantly improving response times.
- Developed and implemented Standard Operating Procedures (SOPs), enhancing operational efficiency and reducing response time by 25%.
Accomplishments
- Azure Fundamentals (AZ - 900)
- Microsoft Security Operations Analyst (SC-200)
- Splunk Fundamentals , Splunk Enterprises
- National Level Chess and Football Player
Timeline
Associate Security Analyst
Lennox India Technology Centre Pvt Ltd
12.2022 - Current
SOC Analyst
Tata Consultancy Services
11.2020 - 10.2022
Bachelor of Technology - Electronics and Communication Engineering
Vignan's University
Similar Profiles
Rajesh RavishankarRajesh Ravishankar
Senior Analyst at Randstad (Lennox India Technology Centre)Senior Analyst at Randstad (Lennox India Technology Centre)
Kirubakaran ThaithiyagarajanKirubakaran Thaithiyagarajan
Master Data Administrator at Lennox India Technology CentreMaster Data Administrator at Lennox India Technology Centre
Saran RSaran R
Analyst at Lennox India Technology CentreAnalyst at Lennox India Technology Centre
Sai Venkat YSai Venkat Y
Associate Security Analyst at Tech Mahindra Pvt. LtdAssociate Security Analyst at Tech Mahindra Pvt. Ltd
Krishna MoorthyKrishna Moorthy
Associate Security Analyst at CyberSRC ConsultancyAssociate Security Analyst at CyberSRC Consultancy