Hi, I'm Saran Manoharan

Senior Security Analyst

Summary

Senior Security Analyst with 7+ years of experience in Incident Response, MxDR, Endpoint Detection & Response (EDR), Threat Hunting, Digital Forensics, SIEM, SOC Operations and Security Monitoring.


Certified CyberDefender (CCD), well versed and experienced in handling high-severity cyber security incidents and driving them to closure by following the Incident Response process. Experienced in dealing with security breaches, assessing and mitigating security risks and threats, and proficient in degrading the capabilities of adversaries by removing their presence from the environment using EDR solutions. Deep understanding of how to onboard various security devices for log collection, extract security value from those logs using SIEM correlation, and identify actionable critical security incidents. Team player, highly self-motivated and able to work with full autonomy, prioritize and execute tasks. Knowledge of industry standards such as PCI-DSS and privacy standards such as GDPR.

Overview

7 years of professional experience
4 Certifications
2 Languages

Work History

Accenture Solutions Pvt.Ltd

Senior Security Analyst
05.2021 - Current

Job overview

  • Analyze log data, network traffic and alerts generated by a variety of security technologies in real-time, and send enriched, contextualized, and actionable security incidents to customers with detailed information including but not limited to Initial vector, TTPs, Attack progression and scope the attack across the organization.
  • Investigate attacks against customer networks. Supported these investigations using OSINT sources such as VirusTotal and AlienVault, and by querying additional client log data stored in SQL databases, AWS, Elastic, and EDR platforms.
  • As part of MxDR, I manage and investigate alerts on multiple EDR platforms such as CrowdStrike Falcon, Elastic, Endgame, Microsoft Defender for Endpoint, Carbon Black and Symantec EDR.
  • Perform hunt based on IOAs, TTPs and Threat Intelligence. Investigate ad-hoc retro-hunt requests from customers by leveraging internal/publicly available Threat Intelligence reports.
  • Focus on Emerging / Significant threats such as Human Operated Ransomware, Credential Theft, Lateral Movement, Cobalt Strike activity, Targeted attacks on AD / DNS / Exchange / Other Standard Applications.
  • Create detection rules within the Elastic stack (ELK) and Google Chronicle SOAR (YARA-L) to identify the latest threats and generate alerts wherever possible. Created traps (detection rules) to identify advanced attacks, and build and maintain the life cycle of detection rules.
  • Investigate security alerts generated by Elastic Security and Google Chronicle SOAR, assess high-severity alerts, and identify tuning opportunities to reduce false positives.
  • Write up security incident reports detailing the threat, its characteristics, and possible remediation activities.
  • Perform RCA for critical-severity incidents and document the lessons learned. Identify the root cause of higher MTTA/MTTR (Time to Alert / Time to Resolution) for incidents.
  • Routinely review security incidents and other customer deliverables for adherence to the established procedures and guidelines. Document, rectify, and provide feedback to other analysts as necessary.
  • I identified opportunities for automating incidents and assisted the team in automation efforts.
  • Research new threats and ensure appropriate detection capabilities are in place to identify and respond to these threats.
  • I was part of Service Quality Assurance, and my responsibility was to audit the Incidents to identify and improve the quality of Incident handling and Alert Write up.
  • Provided mentoring, training, and extensive guidance & support for other security analysts within the MDR team.

Symantec Software Solutions Private Limited

ASSO. MSS Security Engineer
01.2017 - 04.2021

Job overview

  • Proficient in Symantec Log collection platform, adept at analyzing System logs and Security logs, and proficient in troubleshooting and configuring logs across various security devices, log collectors, and Agents.
  • Well-versed in IDP concepts (Snort/Sourcefire/Cisco) and firewall technologies (Cisco/Check Point/Juniper), with hands-on administration skills in Unix/Linux environments.
  • Skilled in managing Security devices and Servers, including onboarding Security devices to MSS.
  • Provided mentorship, training, and extensive support to fellow security engineers, fostering a collaborative team environment.
  • Conducted research to understand and analyze log sources for security monitoring, ensuring comprehensive coverage of security and networking devices.
  • Enabled logging for customer network devices, applications, and operating systems, aligning with ITIL framework for customer relationship management.
  • Delivered log analytics value to customers by enabling them to leverage logs collected from their network devices, applications, and operating systems.
  • Managed EMEA and NAM customer inquiries via email and phone, ensuring prompt and effective resolution.
  • Remotely administered the log collection platform on RHEL 5.5 or RHEL 6.6, including installation and configuration of SSIM collectors, facilitating log gathering for SOC analysis.
  • Provided assistance to clients in troubleshooting API device setup and connectivity issues with AWS and Azure cloud platforms.
  • Prioritized customer needs, including handling priority customers and proof of concept initiatives to deliver timely solutions.
  • Created comprehensive knowledge base articles to document solutions and shared expertise within the team during regular huddles.

Education

J.N.N Institute of Engineering
Chennai, India

Bachelor of Engineering in Electrical, Electronics and Communications Engineering
04.2001

Skills

Operating Systems : Windows, Unix, MacOS


Certification

CompTIA Security+

Interests

Reading Cybersecurity related Content

Trekking

Watching and Playing Volleyball

Timeline

  • 04-2024: Certified Cyber Defender (CCD)
  • 08-2022: Microsoft Certified: Security Operations Analyst Associate (SC-200)
  • 06-2021: Certified Ethical Hacker
  • 05.2021 - Current: Senior Security Analyst, Accenture Solutions Pvt.Ltd
  • 11-2019: CompTIA Security+
  • 01.2017 - 04.2021: ASSO. MSS Security Engineer, Symantec Software Solutions Private Limited
  • 04.2001: Bachelor of Engineering in Electrical, Electronics and Communications Engineering, J.N.N Institute of Engineering