Shankar Reddy
About Candidate
● I have 4+ years of professional experience in the field of Cyber Security, specializing as an Information Security Analyst.
● During my tenure, I have developed a comprehensive understanding of various aspects of information security and gained extensive expertise in the field.
● My focus has primarily been on proactive network monitoring, utilizing SIEM platforms such as Splunk and Azure Sentinel.
● Within a Security Operations Center (SOC) environment, I have effectively operated as a Security Analyst, proficiently working with Splunk's Indexer and search head, as well as Azure Sentinel and KQL.
Education
Work & Experience
● Worked in a 24x7 Security Operations Center.
● Conduct log analysis using SIEM tools like Splunk and Azure Sentinel.
● Expert in Kusto Query Language.
● Validate the submitted information through use of Microsoft KQL.
● Utilize firewall, Windows and antivirus logs to monitor malicious activities on the network, and IPS/IDS logs to uncover malicious activity going on within the network.
● Identify and ingest indicators of compromise (IOCs), e.g. malicious IPs/URLs.
● Hands-on experience with Threat Hunting and Investigation.
● Perform static and dynamic malware analysis (aware of file structures like PE, PDF, etc.).
● Analyzing PE files (dynamic and static analysis) and providing detection for malicious PE files.
● Analyzing non-PE files (like PDF, DOC, etc.) and providing detection for malicious files.
● Investigate malicious phishing emails, domains and IPs using open-source tools and make recommendations.
● Hands-on experience with Incident Response activities like malware analysis and phishing analysis.
● Investigate incidents using active dashboards, events, graphs, annotations and reports.
● Escalate issues to senior SOC analysts and management when necessary.
● Conduct vulnerability assessments to identify cyber security risks and critical flaws within the company's networks, applications and operating systems.
● Evaluate vulnerability scan findings and prioritize vulnerability resolution based on their severity and potential impact.
● Monitor and oversee the progress of vulnerability remediation efforts, ensuring that identified issues are promptly resolved and closed.
● Familiarity with enterprise security tools such as IDS/IPS, Anti-Virus, Malware, Gateway, Messaging Servers, Firewalls and Proxy.
● Knowledge of Sophos Intercept X with EDR.
● Good knowledge of networking concepts including OSI layers and the TCP/IP model.