
Sivaram Ganesan

Bengaluru

Summary

Knowledgeable IT security professional with several years of experience designing and implementing security solutions in high-availability environments. Skilled in threat detection and incident response, and adept at applying strong risk management practices to safeguard sensitive information and systems integrity.

Overview

11 years of professional experience
1 Certification

Work History

Senior Security Analyst

Opentext
07.2024 - Current
  • Triage security threats, investigating incidents from initial detection through full mitigation, and perform root cause analysis to ensure complete resolution and future prevention.
  • Discuss true-positive incident cases and next steps with senior management daily, providing regular status updates and leading the resolution strategy.
  • Document case timelines and detailed write-ups for all handled cases, ensuring transparent tracking and audit readiness.
  • Tune detection rules to reduce false positives in SentinelOne EDR, LogRhythm, and ArcSight, improving threat identification accuracy.
  • Monitor the security reporting mailbox, handling submissions from employees and from the threat intelligence and detection teams (IOCs, threat actor TTPs).
  • Drive process improvement by creating and updating SOC runbooks, standardizing incident response procedures.
  • Mentor junior analysts through monthly technical and process training, fostering continuous development and operational excellence.
  • Lead shift operations for the SOC team, ensuring effective handover, threat response, and team coordination each day.

Tier 2 Analyst

IBM
11.2021 - 07.2024
  • Validated and analyzed investigations within the SOC, ensuring prompt and accurate threat identification.
  • Led rapid response and mitigation efforts for high-priority cases, minimizing impact on customer environments.
  • Fine-tuned rules and thresholds, significantly improving the accuracy of alert mechanisms.
  • Provided comprehensive technical and functional support to L1 Team, offering valuable analytical feedback.
  • Successfully managed shifts and led teams, fostering a collaborative environment and optimizing daily operations.
  • Skillfully handled client escalations, implementing effective strategies to promptly resolve concerns.
  • Conducted thorough incident investigations, proficiently collecting evidence, diagnosing issues, and ensuring timely recovery within SLA.
  • Contributed significantly to the enhancement of SOC monitoring and incident management processes.
  • Provided malware analysis (executables, scripts, documents) to determine indicators of compromise.

Senior Security Analysis Associate

NTT DATA
03.2020 - 11.2021
  • Used the ScienceLogic platform to monitor and analyze the health, performance, and availability of a diverse range of devices, including servers, network equipment, and cloud resources.
  • Provided device management services to clients, including health and availability monitoring and backup and restore of client network devices.
  • Triaged all tickets and troubleshot device reachability and log restoration issues.

Information Security Analyst

Artech
06.2016 - 12.2018
  • Served as a vital team member within a 24x7 Security Operations Center (SOC).
  • Reviewed, analyzed, escalated, and responded to security events triggered by control and alerting tools.
  • Conducted analysis of, and response to, previously undisclosed software and hardware vulnerabilities.
  • Monitored and analyzed alerts through dashboard interfaces.
  • Developed filters and correlated event rules to enhance security event detection.
  • Fine-tuned rules to decrease the occurrence of false-positive alerts.
  • Utilized the SIEM Platform (Splunk) to export reports for in-depth analysis.
  • Provided expert analysis on malware and phishing campaigns, along with delivering security advisory services.
  • Extended Incident Response (IR) support in confirmed actionable incidents.
  • Educated and clarified clients on identifying phishing and spam emails.
  • Analyzed security controls and provided trends for Machine Learning projects.
  • Monitored network traffic on Snort IDS and Palo Alto IPS/firewall for potentially suspicious activity.

Information Security Analyst

Nihon Technology
01.2015 - 06.2016
  • Utilized the ArcSight SIEM tool to actively monitor and detect potential security threats and risks within the organization.
  • Conducted daily health check monitoring of ArcSight appliances and applications to ensure uninterrupted performance.
  • Prepared and submitted weekly and monthly reports in compliance with specific requirements.
  • Held weekly meetings with clients to discuss recent issues, progress, and the closure of existing cases.
  • Developed, implemented, and monitored dashboards, filters, rules, and reports tailored to emerging threats and vulnerabilities.
  • Established and followed a well-defined incident response procedure, encompassing concrete threat and attack use cases.
  • Reported malicious behaviors to customers in alignment with each Service Level Agreement (SLA).
  • Created cases for identified events based on client requests, ensuring comprehensive incident documentation.
  • Improved security monitoring by effectively managing false positive alerts.

Education

M.Tech - Computers

Anna University Regional Campus, Tirunelveli

Skills

  • Phishing analysis and email security
  • Log and threat analysis
  • Endpoint detection and response (EDR)
  • Security operations and monitoring
  • Threat intelligence and detection
  • Security information and event management (SIEM)
  • Incident response management
  • Malware analysis
  • Team leadership
  • Process improvement
  • Scripting with Python

Certification

CompTIA CySA+
