SYAMALA A

Security Analyst
Hyderabad, TG

Summary

Security Analyst with 4+ years of experience in security operations and threat detection across hybrid cloud environments. Proficient in using SIEM and SOAR platforms for event correlation and automated response. Specialized in email threat protection, endpoint security, vulnerability management, and identity access governance. Hands-on with Microsoft Defender suite, cloud playbook posture tools, and network-level protections. Focused on strengthening security controls and reducing organizational risk through real-time threat mitigation.

Overview

4 years of professional experience
2 Certifications

Work History

Security Analyst

Crisil Limited
06.2021 - Current
  • Developed customized security policies and protocols, ensuring compliance with industry standards and best practices.
  • Designed and configured log ingestion architecture across multiple Log Analytics Workspaces for Microsoft Sentinel SIEM.
  • Developed custom analytics rules, detection logic, and KQL hunting queries to detect advanced threats and reduce false positives.
  • Built and automated SOAR playbooks using Azure Logic Apps for phishing response, endpoint isolation, malicious IP blocking, and ticket creation in JIRA.
  • Performed end-to-end incident investigations using Microsoft Defender XDR across endpoint, identity, email, and cloud telemetry.
  • Conducted threat hunting using KQL and the Defender evidence graph to identify lateral movement and attacker behavior.
  • Implemented and managed Microsoft Purview DLP policies, including sensitive data classification, labeling, and alert investigation.
  • Strengthened data governance and compliance posture using Microsoft Purview, aligned with GDPR, HIPAA, and ISO standards.
  • Enforced identity governance using Entra ID, RBAC, Conditional Access, and MFA to prevent unauthorized access.
  • Implemented MFA measures, strengthening overall network defenses against unauthorized access attempts.
  • Tuned SIEM correlation rules and DLP policies, significantly reducing false positives and improving alert quality.
  • Managed the vulnerability lifecycle using Qualys, Nessus, Wiz, and Defender VM; prioritized remediation based on CVSS and threat intelligence.
  • Monitored cloud security posture using Defender for Cloud and Wiz to detect misconfigurations and cloud-native threats.
  • Investigated phishing emails, malicious domains, and IPs, recommending appropriate blocking actions.
  • Created dashboards, reports, and KPI metrics for SOC monitoring and management reporting.
  • Documented incident response procedures, SOPs, and playbooks for consistent alert handling.
  • Mentored junior SOC analysts in alert triage, investigation techniques, and vulnerability workflows.
  • Ensured security operations alignment with MITRE ATT&CK, NIST, CIS Benchmarks, and OWASP standards.
  • Analyzed log files for anomalies, identifying potential intrusions or malicious activity before significant damage occurred.
  • Streamlined incident response procedures for quicker threat mitigation and improved system uptime.
  • Collaborated with IT teams to develop comprehensive cybersecurity strategies, reducing risks from external attacks.

Education

MCA -

D N R PG Courses
Bhimavaram

Skills

SIEM & SOAR: Microsoft Sentinel, Splunk

EDR: MS Defender Endpoint EDR, Cortex XDR, CrowdStrike

Email Security: Proofpoint, O365

Cloud Security: Defender for Cloud CSPM, CWP

Cloud Service: Azure, AWS (Basics)

Vulnerability Management: Nessus, Qualys, Wiz

Identity Management: IAM, RBAC, MFA, Conditional Access Policies

Ticketing tool: JIRA

Network Security: Akamai WAF

DLP: MS Purview, CASB, GDPR, ISO27001, HIPAA

Certification

AZ-500: Azure Security Engineer Associate
