S VENKAT SAIKIRAN

About Candidate

• Having a total of 4.3 years of experience in Information Security as a Security Analyst on various projects (Security Operation Center team).
• Experience with SIEM (Security Information and Event Management) tools, such as monitoring real-time events using QRadar.
• Email analysis through Ticketing tool Live time. Strong knowledge of the incident management life cycle.
• Preparing daily, weekly and monthly reports as per client requirements.
• Successfully implemented and configured Forcepoint DLP to align with organizational data protection requirements.
• Device health analysis and reporting of outdated workstations to update the virus definitions. Phishing and Spam
• IDS/IPS – Check Point, HP Tipping Point, Check Point IPS.
• Conducted real-time monitoring of data movements to detect and address potential security incidents promptly.
• Taking immediate remediation on bad threat intel IOCs, including IPs, URLs, etc.
• Demonstrated experience in blacklisting the required countries and IOCs in the firewalls, Email Security, EDR, etc. Identify and prioritize current vulnerabilities in client environments based on analysis from security instrumentation.
• Created and managed effective DLP policies to prevent unauthorized access and data leaks.
• Ensured that DLP implementations complied with relevant regulatory and industry standards.
• activity. Maintain state on current cyber threat actor techniques, tactics, and procedures.
• Handling alerts from CrowdStrike EDR and investigation. Correlating the incoming events by creating rules based on a specific set of conditions and logical operations.
• Responded to and resolved DLP incidents, ensuring minimal impact on business operations and safeguarding sensitive information.
• Having excellent knowledge of Intrusion Detection (deep TCP/IP knowledge, and Cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security).
• Investigating and creating cases for security threats and forwarding them to the Onsite SOC team using SIEM for further investigation and action.
• Hands-on experience leveraging Forcepoint’s advanced features, such as machine learning and analytics, to enhance data loss prevention capabilities.
• Proficient in utilizing Forcepoint’s advanced features to provide robust data loss prevention solutions.
• Implemented and managed antivirus solutions to protect endpoints from malware and other threats.
• Good knowledge of OSI Models, Protocols, security concepts, WAN and LAN concepts, Routing protocols. Having the ability to read and understand packet-level data, Intrusion detection and prevention, and Network Security.
• Monitored and responded to security incidents using EDR tools, ensuring rapid identification and mitigation of threats.
• Experience in performing log analysis and analyzing crucial alerts on an immediate basis through SIE

Education

B.SC 2018
Andhra University

Work & Experience

Security Analyst May 2020 - present
HLC

• Management and administration of IBM QRadar, Splunk SIEM.
• Creating Security Alerts, Reports, Dashboards, Reference sets, managing and integrating new log sources in SIEM. Enhancing SIEM capability by integrating threat feeds or IOC feeds (using APIs or tokens).
• Threat hunting: finding suspicious events and anomalies in the environment. Creating and managing SOC documentation and SOPs.
• Creating monthly review reports for management review.
• Deployment, configuration, maintenance, troubleshooting, and management of Forcepoint DLP.
• Managing incident handling and performing both L1 and L2 tasks for DLP and Microsoft Purview DLP.
• Understanding and managing DLP activities including monitoring, triage, investigation, and incident management.
• Knowledge of components such as DLP, SIEM, SOAR, CASB, and Proxy, and how they interconnect.
• Utilized real-time monitoring capabilities of AV and EDR solutions to ensure continuous protection and quick response to potential threats.
• Successfully drove the Data Privacy program end-to-end under the guidance of the AVP-Data Privacy and directions from the DPO and CISO.
• Hands-on experience in Threat Analysis and Security Monitoring and operation.
• Experience with SIEM (Security Information and Event Management) tools like Splunk, QRadar.
• Leveraged threat intelligence feeds to enhance the effectiveness of AV and EDR solutions in detecting and preventing advanced threats.
• Support in implementation of global best practices like ISO 27701:2019 PIMS (Privacy Information Management System) standard & certification on top of ISO 27001:2022 ISMS.
• Championed a culture of data protection, privacy, and compliance throughout the organization, ensuring awareness and adherence to best practices.
• Understanding of Information Security & SOC Operation or GRC function ITIL framework,
• Working on security incidents and escalating them to respective teams for resolution. Working on security alerts or incidents forwarded from L1 SOC team.
• KPI & metrics to senior management
• Log analysis / Packet analysis / Malware analysis. Security compliance management. Automating SIEM alerts and processes.
• Responsible for vendor management in procuring tools and technologies and management.
• Develop an achievable set of security performance objectives and then measure and report.
• Strong understanding of data protection principles and practices, ensuring compliance and security of organizational data.
• Support in implementing ISO 27001:2013 ISMS and IS policy to build ISO 27701 PIMS.
• Co-ordinate and support external audits and assessments.
• agile project management and leadership.
• Closely work with Information Security - GRC team for driving the privacy program.
• Email Phishing: initiating campaigns within the organization for awareness of the employees. Conducted regular risk assessments and vulnerability assessments to identify and mitigate potential security threats.
• Regularly update the status and progress to CISO/DPO, ISSC, SCT and the Board,
• (Information Security Management System) standard &
• Proficient in using EDR tools for monitoring, detecting, and responding to endpoint security incidents.
• Handle budget planning and payments as per Dept requirements.
• Coordinate and participate in on-call duties as per security and privacy initiatives and new projects.
• Actively served as a team member of the data privacy division, liaising with staff, regulators, and relevant authorities on issues pertaining to data protection and compliance with DPDPA 2023.
• Expertise in integrating AV and EDR solutions with broader security infrastructure to enhance overall protection.
• Collaborated with audit teams to address findings and implement corrective actions. Managing Report phishing DL and investigating suspicious mails reported from users. Application testing (using Sandbox).
• Policy creation and incident handling in Forcepoint DLP and McAfee Skyhigh. Security incidents monitoring
• Ensured compliance with DPDPA 2023 requirements, SEBI, NCIIPC, and other regulatory guidelines issued periodically on data protection and privacy.
• Helping in day-to-day security process improvement
