Umesh Varma Dandu
Threat Intelligence-Cyber Security
Hyderabad,TG
Summary
Cybersecurity Specialist with proven expertise in Threat Intelligence, SOC operations, and detection engineering. Skilled in IOC enrichment, adversary profiling, and APT campaign tracking, delivering actionable insights aligned with the MITRE ATT&CK framework. Proficient in the Microsoft security stack (Sentinel, Microsoft 365 Defender, Defender for Cloud, Entra ID), with hands-on experience creating custom KQL hunting queries, detection rules, dashboards, and SOAR playbooks to automate response and reduce incident resolution time. Experienced in OSINT collection, dark web monitoring, malware analysis (static and dynamic), and phishing investigations, integrating intelligence feeds from platforms such as MISP, VirusTotal, and AbuseIPDB. Recognized for enhancing enterprise detection coverage, reducing false positives, and enabling proactive defense strategies to protect critical client environments.
Overview
5
5
years of professional experience
Work History
Senior Analyst
Cloud4C
Hyderabad
12.2024 - Current
- Operated within a 24/7 Security Operations Center, performing log analysis and threat detection using Microsoft Sentinel and Microsoft 365 Defender.
- Led a cybersecurity team to protect client infrastructure, achieving zero SLA breaches.
- Developed and deployed custom analytical rules and dashboards in Microsoft Sentinel for advanced threat detection.
- Designed SOAR playbooks and automated response runbooks, reducing false positives and improving remediation speed.
- Investigated phishing, malware, and endpoint incidents, executing IOC analysis and malware reverse engineering to mitigate threats.
- Integrated threat intelligence into SOC workflows by correlating IOCs from CTI platforms and watchlists for proactive detection.
- Conducted OSINT and dark web monitoring to track APT campaigns and develop threat actor profiles aligned with MITRE ATT&CK framework.
- Produced weekly and monthly SOC reports detailing incidents, threat trends, and mitigation strategies.
Information Security Specialist
LTI Mindtree
Navi Mumbai
05.2024 - 07.2024
- Engineered custom SIEM detection rules and ATT&CK-aligned correlation logic to enhance incident response.
- Developed automated SOAR playbooks, reducing response time by 40% for phishing, malware, and insider threats.
- Executed enterprise-wide vulnerability assessments, prioritizing remediation based on CVSS scores and threat intelligence feeds.
- Integrated IOC feeds and adversary TTP mapping into threat intelligence workflows to strengthen detection engineering.
- Conducted risk assessments to identify vulnerabilities in information systems.
- Implemented security policies and procedures to safeguard sensitive data.
SOC Analyst
Reserve Bank Information Technology Pvt Ltd
Navi Mumbai
05.2021 - 05.2024
- Monitored alerts through IBM QRadar SIEM, correlating anomalies with threat intelligence feeds and EDR telemetry to detect malicious activity.
- Conducted incident triage and root cause analysis, enhancing investigations with Indicators of Compromise, adversary TTPs, and MITRE ATT&CK mappings.
- Streamlined vulnerability remediation for Windows and Linux servers, aligning prioritized CVE patches with threat intelligence risk scoring to reduce mean time to remediate.
- Led security awareness programs and compliance reporting, incorporating real-world threat intel into employee training and regulatory documentation.
Cyber Security Intern
Sanus Software Solutions
Hyderabad
11.2020 - 05.2021
- Monitored network security for potential threats and vulnerabilities.
- Executed malware analysis and threat investigations in sandbox environments, enriching Indicators of Compromise (IOCs) for threat-hunting teams.
- Performed vulnerability assessments with Nessus, validating high-risk CVEs and collaborating on remediation efforts.
- Integrated endpoint telemetry into SIEM using Microsoft Sentinel/Defender ATP, supporting log ingestion and alert tuning to reduce false positives.
- Analyzed network packets through Wireshark and tcpdump, correlating SIEM logs to enhance detection workflows during phishing simulations.
Education
Master of Science - Information Technology
Charles Sturt University
Melbourne, Australia07-2020
Bachelor of Science - Computer Science Engineering
Saveetha School Of Engineering
Chennai07-2013
Skills
- Threat Intelligence & Hunting: IOC Enrichment APT Campaign Tracking OSINT Collection Dark Web Monitoring Adversary Profiling MITRE ATT&CK Mapping Threat Actor TTP Analysis
- Security Operations (SOC): Log Analysis Incident Response Phishing & Malware Investigations Endpoint Detection & Response (EDR) SIEM Correlation SLA Management
- Microsoft Security Stack: Microsoft Sentinel Microsoft 365 Defender Defender for Cloud Microsoft Entra ID Microsoft Cloud App Security KQL Query Development SOAR Playbooks Custom Detection Rules Dashboards & Workbooks
- Vulnerability & Risk Management: Nessus Scanning CVE/CVSS Prioritization Risk-Based Patching Windows/Linux Infrastructure Security Vulnerability Remediation Tracking
- Malware & Network Analysis: Static & Dynamic Malware Analysis Packet Analysis (Wireshark, tcpdump) Firewall, IDS/IPS & Antivirus Log Analysis Sandbox Investigations
- Threat Intelligence Tools: MISP VirusTotal AbuseIPDB Threat Intelligence Platforms (TIP) Custom CTI Rule Creation
- Additional Skills: Security Policy Implementation SOC Reporting (Weekly/Monthly) Playbook & SOP Development False Positive Tuning Cyber Kill Chain & Incident Lifecycle
Timeline
Senior Analyst
Cloud4C
12.2024 - Current
Information Security Specialist
LTI Mindtree
05.2024 - 07.2024
SOC Analyst
Reserve Bank Information Technology Pvt Ltd
05.2021 - 05.2024
Cyber Security Intern
Sanus Software Solutions
11.2020 - 05.2021
Master of Science - Information Technology
Charles Sturt University
Bachelor of Science - Computer Science Engineering
Saveetha School Of Engineering
Similar Profiles
VAMSI KRISHNA NELLOREVAMSI KRISHNA NELLORE
Principal Engineer at CLOUD4CPrincipal Engineer at CLOUD4C
Saurabh KumarSaurabh Kumar
Assistant Manager at Cloud4CAssistant Manager at Cloud4C
SHASHIKIRAN B KSHASHIKIRAN B K
Associate Engineer - SAP Basis at Cloud4CAssociate Engineer - SAP Basis at Cloud4C
Divyendu KashyapDivyendu Kashyap
Regional Head Sales at ICICI Bank LtdRegional Head Sales at ICICI Bank Ltd
Manoj GuduguntlaManoj Guduguntla
Principal Consultant at NgSupplyChain Solutions Pvt LtdPrincipal Consultant at NgSupplyChain Solutions Pvt Ltd