Durga Raja Raviteja Gunnam
About Candidate
Having 4 years 6 months of relevant experience in Cyber Security/Information Security and currently working as a Threat Specialist (Cyber Security team). Overall 6 years 8 months of experience in Information Technology. Responsible for operating and maintaining Symantec Endpoint Security Manager. Reduce risk by providing and maintaining Data Leakage Protection tools. Hands-on experience in threat analysis and security monitoring with various security applications. Hands-on experience in investigating, analyzing and mitigating the security events triggered in SIEM, EDR, O365 etc. Preparing daily, weekly and monthly reports as per requirement. Experience in performing log analysis, malware analysis, phishing mail analysis, incident analysis and analyzing crucial alerts on an immediate basis. Good knowledge of networking concepts including OSI layers, subnetting, TCP/IP, ports, DNS, etc. Good understanding of security solutions like firewalls, DLP, anti-virus, IPS, email security etc. Hands-on experience with the Splunk SIEM tool for log monitoring and analysis. Experience working in 24x7x365 security monitoring and incident response activities, on-call rotations and shift rotations as needed.
Education
Work & Experience
Responsibilities:
• Monitoring the user network using the SIEM tool.
• Monitoring and collecting active data from endpoints that could indicate a threat, and analyzing this data to identify threat patterns.
• Performing real-time monitoring, investigation, analysis, reporting and escalation of security events from multiple log sources.
• Keen understanding of evolving internet threats to ensure the security of client networks.
• Escalating security incidents based on the client's SLA and providing meaningful information related to security incidents through in-depth analysis of event payloads.
• Providing recommendations regarding security incident mitigation.
• Working in a Security Operations Center (24x7), monitoring SOC events, detecting and preventing intrusion attempts.
• Monitoring, analyzing and responding to infrastructure threats and vulnerabilities.
• Collecting the logs of all network devices and analyzing the logs to find suspicious activities.
• Responsible for preparing root cause analysis reports based on the analysis.
• Analyzing daily, weekly and monthly reports.
Responsibilities:
• I’m part of the internal Cyber Defense Centre team.
• Monitoring the internal users for the whole organization.
• Monitoring and working in the SNC tool, and also part of resolving the tickets.
• Monitoring the Splunk SIEM tool and working on and resolving the notables based on priority.
• Connecting with the users to investigate further for root cause analysis.
• Working on incidents of all priority levels.
• Monitoring, analyzing and collecting the logs for all suspicious threats from the available tools.
• Providing all the recommended analyses and steps to create the ARPs.
• Working in 24x7 rotational shifts.
• Creating daily reports.