KOLLI BHEEMESWARA REDDY
About Candidate
Analytical, dedicated and detail-oriented Security Analyst with 1.8+ years of experience in monitoring and analyzing the security of critical systems such as e-mail servers, database servers and web servers, and in implementing changes to highly sensitive computer security controls to ensure appropriate system administrative actions, investigation, and preparation of reports on noted irregularities. Skilled in performing real-time monitoring, security incident handling, investigation, analysis, reporting, and escalation of security events from multiple log sources. Experienced in information security strategy, risk assessments, security architecture and governance, penetration testing (web and infrastructure), regulatory audits, code reviews, malware analysis and forensics, threat management and so on. Expertise in conceptualizing and implementing security fundamentals and application protocols. Gained industry experience in integrating new data sources such as Windows, Linux and networking devices (firewall, IPS/IDS, DNS, Active Directory (AD), DLP) into Splunk (SIEM) and in decommissioning them. Splunk Certified Professional and Azure Certified Professional. Staying up to date on the latest trends, issues and news related to information security. Highly skilled in conducting vulnerability testing and risk analyses to assess security and in performing internal and external security audits.
Education
Work & Experience
- Monitoring computer networks carefully, recognizing any suspicious activity and quickly responding to security threats, using a wide variety of security tools directly and via Splunk ES as necessary to detect cyber-attacks and other unauthorised activity.
- Ensuring all indexers are receiving logs from all forwarders.
- Managing Splunk knowledge objects such as apps, dashboards, saved searches, scheduled searches and alerts.
- Creating incidents and logging/monitoring them at different severities as required.
- Resolving escalated tickets and performing deep-dive incident analysis with advanced tools and techniques, including open-source tools and approaches not limited to SOPs.
- Experience with distributed Splunk architecture and components including search heads, indexers and forwarders.
- Installing and configuring Splunk Universal Forwarders on both Linux and Windows servers.
- Writing SPL queries for monitoring use cases and visualizing logs from various data sources.
- Creating scheduled alerts and reports as per the use cases.
- Enriching log data by integrating various threat intel data feeds.
- Onboarding data to Splunk.
- Staying current on the ability to predict, detect and respond to the latest security risks, threats and technology trends.
- Experience in auditing and implementing the HITRUST CSF; executing day-to-day activities of HITRUST assessments and validating evidence for HITRUST audits.
- Experience working with security control frameworks such as NIST 800-53, CIS Critical Security Controls, SOC 2, HIPAA and HITRUST.
- Working with third-party applications to integrate data from various data feeds into a centralized Splunk platform.
- Mapping custom use cases to the MITRE ATT&CK framework.
- Following up with respective teams on raised incidents and giving necessary inputs on remediation actions to be taken.
- Executing root cause analyses, recommending process improvements and writing final post-incident reports.

Mobile: +91 9182323393 E-Mail: [email protected]