MALLESH DONTHAMSETTY
About Candidate
Education
Work & Experience
• Real-time log analysis from different network security devices such as firewalls, IDS/IPS, operating systems like Windows and UNIX, proxy servers, Windows servers, system applications, databases, and web servers, and responding to intrusions.
• Escalates and hands off to team members and leadership based on defined threat and priority determination.
• Creating incident tickets with device owners and tracking security incidents to closure by coordinating with different teams.
• Create and run search queries in the SIEM tool to help with identifying and troubleshooting security issues.
• Conducts technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents.
• Documents results of cyber threat analysis and subsequent remediation and recovery in an effective and consistent manner.
• Develop and maintain clear and concise documentation during an event or incident.
• Ensure software is patched and able to protect from threats.
• Develop use cases for some security devices with correlation rules.
• Provide threat analysis and security logs for security devices.
• Utilize threat intelligence tools.
• Ability to interact effectively with different infrastructure teams like network, systems, compliance, database, firewall, etc.
• Preparing daily/weekly/monthly reports and security advisories covering both management and compliance-specific devices.
• Prioritized alerts based on the log-generating device and its impact; if required, assigned the tickets to the L2 and L2 team of Information Security.