Gonaboina Siva Sai

About Candidate

- 3.6 years of hands-on experience in securing the network environment using SIEM tools like QRadar and Splunk.
- Experience in security operations, incident management, intrusion detection, and security event analysis through QRadar & Splunk SIEMs.
- Experience in monitoring & investigating incoming events in QRadar and Splunk.
- Experience working in 24×7 operations of the SOC team, offering log monitoring, security information management, and global threat monitoring.
- Good understanding of log formats of various devices such as vulnerability management products, IDS/IPS, firewalls, routers, switches, OS, DB servers, and antivirus.
- Experience in generating daily, weekly & monthly reports from QRadar and Splunk.
- Exposure to ticketing tools like ServiceNow.
- Strong knowledge of the event life cycle and its phases.
- Strong knowledge of the incident management life cycle.
- Familiar with networking concepts.
- Good communication, problem-solving skills, and the ability to acquire new skills in a timely manner.
- Ability to build successful rapport with coworkers, employees, and clients.
- Conduct thorough investigations of security events generated by our detection mechanisms such as SIEM, IDS/IPS, and AV.
- Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
- Evaluate firewall change requests and assess organizational risk.
- Identifying and investigating/resolving data exfiltration and phishing events.

Education

Bachelor of Technology
Vishnu Institute of Technology

Work & Experience

SOC Analyst L2 JAN 2021 - Present
Web affinity Technologies Pvt Ltd

- Regular incident handling, health check monitoring, log analysis and reporting.
- Followed a detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
- Investigate incidents using Channels/ Events/ Graphs/ Annotations/ Cases and Reports.
- Monitoring and investigating information and security logs from the infrastructure layer and security devices using Securonix and Splunk for log analysis.
- Analyze threat patterns on various security devices and validation of false/true positive security incidents.
- Creation of patch / threat advisories for customers based on attack trends and patterns.
- Investigating malicious phishing emails, domains, and IPs using open-source tools and recommending proper blocking based on analysis.
- Handling endpoint alerts in CrowdStrike.
- Proven desire and ability to self-educate in order to keep pace with the evolving information security landscape of yesterday and the ever-changing cyber threats of today, while maintaining an awareness of the ever-increasing risk introduced by the complexities of future technology.
- Evaluating global CERTs in CERT NVD.
- Responding to computer security incidents by collecting, analyzing, and providing detailed evidence (network log files) and ensuring that incidents are recorded and tracked in accordance with guidelines and requirements.
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
- Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
- Create and maintain operational reports for Key Performance Indicators and weekly and monthly metrics.
- Scheduling and scanning servers and generating vulnerability reports in Qualys.
- Creating templates, policies and tags for Security Configuration Assessment in Qualys.
- Can work in a challenging environment, good team player and can work independently.
- Given process-oriented training to new teammates.
