Komala Kalla
About Candidate
A total of 1.3 years of relevant experience as a security analyst, with security operations including incident management, endpoint security and log analysis through SIEM. Experience working in the 24×7 operations of a SOC team, offering log monitoring, security information management
Education
Work & Experience
• Actively involved in monitoring the Microsoft Azure console in order to identify any potential security breaches across the network by monitoring active channels and dashboards.
• Worked on SNOW incidents from creation to closing
• Handling client calls
• Handling different issues such as phishing, spam, scam and malicious email.
• Participating in the incident response and investigation process.
• Knowledge in understanding MITRE Framework Attack Tactics and Techniques.
• Monitoring 24x7 for security alerts and targeted phishing sites by using a SIEM tool with the help of technologies such as Abuse Mailbox (Abnormal Security).
• Good knowledge of OSI Models, protocols, security concepts
• Hands-on experience with SIEM platforms (Sentinel, Splunk)
• Experience with SIEM, SOAR, EDR, Sandbox etc.
• EDR Falcon monitoring and deep-dive investigation
• Developing Standard Operating Procedures (SOP) for all the use cases created and providing manual investigation guidelines for the engaged clients
• Providing recommendations for Azure Security Centre for a better security score
• Monitoring alerts triggered from Sentinel, analysing logs, taking necessary actions with respect to alerts and remediating the alerts while meeting SLA
• Identifying and understanding the incident based on to determine whether it's a false or true positive, ruling out false positives and fine-tuning the rules
• Filling in the daily health checklist
• Preparing weekly, fortnightly and monthly reports as per client requirements.
• Responsible for investigating the health check-up and, if any tables are not responding, investigating the RCA and taking necessary actions
• Will document the tickets fully with all the actions taken for the incident, update them on a frequent basis and maintain ticket quality by documenting them with all the required comments.