SIVAKRISNA BHUPATHI

Using SIEM tool Exabeam and EDR tools Crowdtrike to detect possible signs of security breaches and perform detailed investigation to confirm successful breach. Perform root cause analysis (RCA) and appropriately handle the incident as per defined Incident Management Framework.

• Scanning the environment using Nessus tool and finding the vulnerabilities based on the business units and sending the report to respective business owners
• Finding the Critical servers and application inventory from respective business owners and scheduling the scan weekly, monthly and Quarterly basis.
• Following end to end Incident Investigation and Incident Response process, ensuring to close the investigation within defined SLA
• Escalation of security incidents to concerned teams and their management and follow-up for closure.
• Analysis of daily and monthly reports for incident management and compliance.
• Coordinating with Network team, Server team regarding activities and technical issues.
• Creating vulnerability and remedy reports and reporting them to users.
• Phishing emails Investigation and Blocking Malicious URLs and Bad senders by using tools MS Office 365 Defender and Cisco Umbrella

.

• Using SIEM tool Splunk and EDR tool Crowdstrike to detect possible signs of security breaches and perform detailed investigation to confirm successful breach. Perform root cause analysis (RCA) and appropriately handle the incident as per defined Incident
• Following end to end Incident Investigation and Incident Response process, ensuring to close the investigation within defined SLA Escalation of security incidents to concerned teams and their management and follow-up for closure
• Coordinating with Network team, Server team regarding activities and technical issue
• Scanning the environment using Nessus tool and finding the vulnerabilities based on the business units and sending the report to respective business owners Monitoring and analysis of events generated by various security and network tools like Firewalls, Proxy servers,AV, IPS/IDS, load balancer’s database , System Application, Cloud (Amazon, Azure and Google) Windows and Linux servers e.t.c…
• Security Incident Response: Responsible for monitoring of security alerts Analysis of logs generated by appliances, investigation, and assessment on whether the incident is False positive or False Negative.