GOPI KRISHNA

Security Analyst
23 April 1998

About Candidate

Proficient in SIEM tools like QRadar for real-time event monitoring.
Strong grasp of OSI Models, Protocols, WAN/LAN concepts, Routing protocols, and VPN.
Expertise in preparing and delivering reports tailored to client requirements.
Skilled in IDS/IPS systems including Check Point, HP Tipping Point, and Check Point IPS.
Experienced in investigating security threats and collaborating with onsite SOC teams for resolution.
Capable of identifying and blocking malicious URLs and IPs to prevent potential threats.
Proficient in log analysis and addressing critical alerts promptly through SIEM.
Ability to understand packet-level data for Intrusion Detection and Prevention, and Network Security.
Familiarity with various security products and host security measures.
Competent in phishing and spam email analysis using Ticketing tools like Live time.
Experienced in handling alerts from Symantec Endpoint Protection and CrowdStrike EDR.
Knowledgeable about Intrusion Detection, operating systems, and web technologies.
Exposure to Ticketing tools like ServiceNow for incident tracking.
Skilled in correlating events and creating rules for effective threat investigation.
Proficient in Incident Management lifecycle and virus alert analysis.

Education

BCA 2018
IEC University

Work & Experience

Security Analyst November 2020 - Till date.
Wipro

Act as first level support for all Security Issues.
Log Analysis, Email Analysis and deep investigation reports.
Monitor SIEM alerts, analyze events in SIEM and raise Security incidents in Ticketing Tool ServiceNow.
Monitoring security systems and networks for anomalies.
Investigating security violations, attempts to gain unauthorized access, virus infections, etc.
Coordinate responses to security incidents in a timely manner.
Work with various teams across the organization to improve security posture.
Exposure to Documentation and Reporting.
Escalating the security incidents based on the SLA and providing meaningful information related to security incidents by doing in-depth analysis of event payload, providing recommendations regarding security incidents mitigation which in turn makes the customer business safe and secure.
Creation of reports, dashboards and rules.
Maintain & Document the application support strategy.
Coordinate with network team, platform team, Firewall team, application team to complete the task.
Monitoring the customer network using IBM SIEM tool – QRadar, Splunk, Azure Sentinel.
Review of SOC incidents, remediation, SLA.
Good Knowledge on Splunk Enterprise for log collection and Data Analytics.
QRadar Administration, QRadar upgrades and patching, Active management of Log source Health, EPS license and System performance.
Implementation and managing of QRadar applications.
Use case creation, Fine tuning, and Use case gap assessments.
Responsible for Weekly, Monthly and Quarterly Customer calls, Governance calls, and account management.
Enhancement to SOC operation, Tracking operational issues, risks

Skills

IBM QRadar
Splunk
SIEM
Jira
ServiceNow
