BANDI NAVEEN KUMAR REDDY
About Candidate
| Ability to identify, investigate, and respond to security incidents using a variety of SIEM, SOAR, and EDR tools. Proficient in monitoring network traffic for suspicious activity. Ability to respond to network security incidents effectively and efficiently. Solid understanding of common network services and protocols. Good knowledge on cyberattacks and attack vectors. Working level knowledge on security solutions like Antivirus, Firewall, IPS, Email Gateway, Proxy, TI, VA Scanners, VPN etc. Basic knowledge on skills like Malware Analysis, Threat Hunting, Dark Web Monitoring. Exposure to using frameworks and compliances like MITRE ATT&CK. Good understanding of various SOC processes like monitoring, analysis, playbooks, escalation, incident documentation, SLAs, client meetings, report walk throughs, bridge calls etc. Keeping updated with the latest developments in the cyber security landscape. |
Education
Work & Experience
RESPONSIBILITIES: • Working in Security Operation Center (24x7), monitoring of SOC events, detecting, preventing & responding to various Intrusion attempts, threats, vulnerabilities using SIEM tools like Splunk, AISaac. • Acknowledging and closing false positives and raising tickets for validated incidents. • Monitoring security solutions like Firewalls (Palo Alto, checkpoint, Fortinet, Cisco), VPN (Checkpoint, Azure), DLP, Email Gateway, AD, UTM, Web server, Load Balancer, EDR, Proxy, Antivirus, IPS/IDS etc. • Detect and respond to security incidents, including malware infections, network intrusions, and unauthorized access attempts. • Investigate and analyze security incidents to determine the extent of the breach and recommend appropriate remediation actions. • Monitoring and troubleshooting Silent Log Sources which are in log stoppage to make sure no alert is missed on that log source. • Creation of playbooks for use cases to standardize and automate security tasks. • Track threat actors and associated tactics, techniques, and procedures (TTPs). • Responding to various security alerts for various clients and scanning for vulnerabilities using tools like Nessus. • Analyzing, Investigating, responding to Phishing and Spam Emails which have been reported. • Blocking of suspicious URLs in zscaler which users have tried to communicate to stop infecting the network. • Collecting IOCs, validating against our network and take appropriate action for incident monitoring. • Investigating the security logs, mitigation strategies and responsible for preparing security incident reports. • Interacting with customer for troubleshooting and resolving the respective tickets on confirmation. • Fine tuning of use cases and implementing triage rules for reducing false positives. • Creation of SOPs to achieve efficiency, quality output, and uniformity of performance, while reducing miscommunication and failure to comply with industry regulations. • Creation of daily, weekly and monthly reports. • Troubleshooting SIEM dashboard issues when there are no reports getting generated or no data available. • Acting as first level of support for all Security Issues. • Deep dive Investigation through Falcon EDR, MDE. • Coordinate responses to security incidents in a timely manner without breaching the SLA. • Handling the failed logins issues from the different systems. • Using Service now to handle & track all kind of incidents or Tickets. • Coordinates with the respective teams to Mitigate/Remediate the issues.
