Tangudu Saikiran

Summary

Security analyst with experience in monitoring and responding to cyber threats across a variety of industries. Proven ability to effectively manage and triage incidents, as well as develop and implement incident response plans. Seeks to secure a position in a fast-paced and challenging environment.

Overview

4
years of professional experience

Work History

Security Analyst L2

Knila IT Solutions
Coimbatore
03.2021 - Current
  • Proficiency with SIEM/XDR tools like LogRhythm and Redcloak (Taegis XDR).
  • Continuous monitoring of tools like Defender 365, Tripwire, DUO, Imperva, Rapid7, Symantec Endpoint, Symantec Cloud, Symantec DLP, Coalfire, KACE, ADAudit Plus, Palo Alto, Defender for Cloud Apps, Microsoft Azure, FireMon, SolarWinds, Graylog, LogRhythm, Taegis XDR etc.
  • Have experience in working on ticketing tools like ServiceNow, Trackit, Footprints.
  • Working on phishing emails created by users and assisting Security Engineers on running phishing campaigns and trainings in the KnowBe4 tool.
  • Monitoring of inbound and outbound email DLPs and making sure no sensitive data is going in or out without encryption. Doing weekly reviews with Security Engineers on email DLP rules and suggesting changes.
  • Continuous monitoring of alerts/incidents in Defender 365.
  • Working on user requested quarantine emails and releasing them after investigation.
  • Running antivirus scans on user machines. Quarantining infected machines and investigating by connecting to the machines through Defender live response.
  • Making a list of the weekly top 10 riskiest assets and escalating them to helpdesk for remediation, with recommendations.
  • Doing weekly review with Security Engineers on Imperva WAF. Suggesting changes in alert thresholds. Making sure all the attacks are blocked. Making a list of IPs to be blocked and sending them for review. Updating custom SSL certs.
  • Providing VPN and MFA access to the users for the tools like DUO, Microsoft Authenticator etc.
  • Managing security-related Active Directory memberships in Azure.
  • Working on server decommissions.
  • Weekly review of user terminations, removing user access and providing required security-related access to new users.
  • Sending out monthly patch awareness notices to all the onshore teams and ensuring all the patches are done.
  • Doing user access review on a monthly basis for the Active Directory groups and applications for SOX and creating tickets with helpdesk to review their accounts.

Security Analyst L1

Grapple Info Solutions
Hyderabad
06.2018 - 02.2021
  • Provide optimization of data flow using aggregation, filters, etc.
  • Develop and deploy content for a complex and growing SIEM infrastructure; including use cases that involve Dashboards, Active Channels, filters, rules and customized reports for Loggers.
  • Responding to day-to-day security requests relating to ArcSight Operations.
  • Tunes performance and event data quality to maximize system efficiency.
  • Help maintain up to date documentation.
  • Perform routine equipment checks and preventative maintenance. Troubleshoot and conduct system health checks.
  • Identifies security risks, threats and vulnerabilities of networks, systems, applications.
  • Prepare, mentor, and train client and team members to SIEM-related Standard Operating Procedures (SOPs).
  • Fine-tuning of alerts to reduce false positive alarms.
  • Sound experience in generating Daily, Weekly & Monthly Reports from ArcSight, DLP and Sourcefire IPS.
  • Having good knowledge in Log Management by administering ArcSight Logger.
  • Exposure to ticketing tools like ServiceNow.
  • Strong knowledge on Incident management life cycle.
  • Monitoring of SOC events, detecting and preventing the Intrusion attempts.
  • Investigating the events based on particular criteria by creating an Active Channel.
  • Created backup policies for required retention periods and disaster recovery.
  • Involved in identifying, investigating, or resolving security breaches and incidents.
  • Experience in security device management and SIEM (ArcSight).
  • Proficient in preparation of reports, dashboards and documentation.


Education

B.Tech -

Gitam University
Visakhapatnam, Andhra Pradesh, India
04.2018

Skills

  • Continuous monitoring of tools
  • Good knowledge on networking concepts including OSI layers, subnet, TCP/IP, ports, WAN and LAN concepts, Routing protocols, DNS, DHCP etc
  • Good understanding of security solutions like Anti-virus, DLP, proxy, Firewall, IPS, Email Security etc
  • Good knowledge on analyzing attacks and malware
  • Working on incidents, reviewing the alerts and doing detailed analysis on alerts
  • Hands-on experience with tools like Wireshark, Burp Suite etc
  • Knowledge in DoS, DDoS, MIM, XSRF and XSS
  • Knowledge of security concepts such as cyber-attacks and techniques, risk management, incident management etc

Accomplishments

  • Awarded Employee of the month and Employee of the year.

Languages

Telugu: Native language
English: Proficient (C2)
Hindi: Advanced (C1)
