Vinod Kumar Inumarthy
About Candidate
Having a total of 3.8 years of experience in Information Security and currently working as a Security Analyst (Security Operation Center team). Experience with SIEM (Security Information and Event Management) tools, such as monitoring real-time events using QRadar. Prepared daily, weekly and monthly reports as per client requirements. Investigating and creating cases for security threats and forwarding them to the onsite SOC team for further investigation and action. Good knowledge of the OSI model, protocols, security concepts, WAN and LAN concepts, routing protocols, firewall security policies and VPN. IDS/IPS: Check Point, HP TippingPoint, Check Point IPS. Have excellent knowledge of intrusion detection (deep TCP/IP knowledge and cybersecurity), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security). Ability to read and understand packet-level data for intrusion detection and prevention, network security products (IDS/IPS, firewalls, etc.) and host security products (HIPS, AV, scanners, etc.). Experience performing log analysis and analyzing crucial alerts on an immediate basis through SIEM. Experience handling critical alerts from Symantec Endpoint Protection and working towards resolution. Experience handling and investigating alerts from CrowdStrike EDR. Correlating incoming events by creating rules based on specific sets of conditions and logical operations. Hands-on experience in threat investigation analysis and security monitoring and operations. Identifying malicious URLs and suspicious IPs from generated IDS events and blocking the malicious websites on proxies to prevent future downloads of the virus. Analysis of virus alerts triggered by Symantec (SEPM) and providing remediation steps. SEP health analysis and reporting outdated workstations so that virus definitions are updated. Phishing and spam email analysis through the ticketing tool LiveTime.
Prepared vulnerability assessment reports and remediation steps post-assessment using Tenable Nessus and QualysGuard. Have knowledge of vulnerability management. Exposure to ticketing tools like ServiceNow. Strong knowledge of the incident management lifecycle. Good communication and problem-solving skills and the ability to acquire new skills in a timely manner.
Education
Work & Experience
Key Roles:
- Working in a Security Operation Center (24x7), monitoring SOC events, detecting and preventing intrusion attempts.
- Good understanding of security solutions like firewalls (Palo Alto, Check Point, Fortinet), DLP, anti-virus, IPS, email security, etc.
- Responding to various security alerts for various clients and scanning for vulnerabilities using tools like Qualys.
- Monitoring real-time events using SIEM tools like Splunk.
- Handling alerts from multiple security log sources such as proxy, anti-virus and EDR. Deep-dive investigation through Falcon EDR.
- Monitoring, analyzing, and responding to infrastructure threats and vulnerabilities.
- Phishing and spam email analysis.
- Investigating security logs and mitigation strategies, and responsible for preparing generic security incident reports.
- Having excellent knowledge of intrusion detection (deep TCP/IP knowledge and cybersecurity), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security).
- Monitoring packet-level data for intrusion detection and intrusion prevention, network security products (IDS/IPS, firewalls, etc.) and host security products (HIPS, AV, scanners, etc.).
- Responsible for preparing Root Cause Analysis (RCA) reports based on the analysis.
- Analyzing daily, weekly, and monthly reports.
- Creating cases for suspicious issues and forwarding them to the onsite SOC team for further investigation.
- Website anti-malware and defacement monitoring and real-time alerting based on detected anomalies.
- Troubleshooting SIEM dashboard issues when no reports are being generated or no data is available.
- Acting as first-level support for all security issues.
- Monitoring SIEM alerts, analyzing events in the SIEM and raising security incidents in the ticketing tool ManageEngine.
- Experience monitoring and investigating incoming events in McAfee DLP.
- Monitoring security systems and networks for anomalies.
- Investigating security violations, attempts to gain unauthorized access, virus infections, etc.
- Coordinating responses to security incidents in a timely manner.
- Working with various teams across the organization to improve security posture.