Hemanth Kumar Reddy Vennapusa
About Candidate
Having 2.7 years of experience in Security Operations Center (SOC) and currently working as Cyber Security Analyst in Virtusa Consulting Services Pvt Ltd. Hands-on experience in threat analysis and security monitoring and operations. Experience with SIEM (Security Information and Event Management) tools like Microsoft Sentinel, Darktrace, MS Cloud, MS Defender, and DLP tools. Preparing daily, weekly and monthly reports as per client requirements. Investigating and creating a case for security threats and forwarding it to the onsite SOC team for further investigation and action. Experience in performing log analysis and analyzing crucial alerts on an immediate basis.
Education
Work & Experience
Roles & Responsibilities: Served as Security Analyst in SOC operations for real-time monitoring, analyzing logs from various security/industrial appliances by using a SIEM tool, and troubleshooting logging issues. Administering various incidents/security alerts triggered in the SIEM tool. Incident analysis on malware attacks and different types of attacks such as DoS, DDoS, DNS poisoning and phishing attacks. SIEM consultant for log and event analysis, incident investigation, reporting, and remediation for incident detection. Performing real-time log monitoring, investigation, and reporting on security events from various log sources in the SIEM tool. Auditing the rules based on security standards and refining them. Carrying out log monitoring and incident analysis for various devices such as firewalls, IDS, IPS, databases, web servers, and so forth. Monitoring 24x7 for security alerts and targeted phishing sites by using SIEM tools, with the help of technologies such as watermark, referrer, abuse mailbox, and similar-sounding domains. Maintain a keen understanding of evolving internet threats to ensure the security of client networks. Escalating security incidents based on the client's SLA and providing meaningful information related to security incidents by doing an in-depth analysis of event payloads, and providing recommendations regarding security incident mitigation, which in turn keeps the customer's business safe and secure. Coordinate extensively with networking teams to maintain and establish communication with remote Microsoft Sentinel collectors/processors. Determine the scope of a security incident and its potential impact on the client network, and recommend steps to handle the security incident with all information and supporting evidence of security events. Creation of reports and dashboards and rule fine-tuning.
Detection: Expertise and knowledge in hunting, as well as automated event detection of services, to identify any suspicious or malicious activity across the enterprise. Continuous improvement of all detection processes and corresponding technology components. Investigation: Expected to take ownership and investigate events and incidents to determine scope, risk, and severity, and to perform forensics as part of the investigation to help determine the scope, risk, and severity. Remediation: As the Incident Response Coordinator, take ownership of remediation activities and work closely with various departments in the organization to remove suspicious and malicious activity and traffic, and where required restore services. Make appropriate changes to ensure that such security events and incidents do not recur. Working knowledge of the TCP/IP model and correlating it with real-life scenarios. Good communication and collaboration skills. Good understanding of ITIL processes including Change Management, Incident Management, and Problem Management.