Manikanta Akula
About Candidate
| To leverage my strong analytical skills and extensive knowledge of cybersecurity in a Security Analyst role within a SOC team. I aim to contribute to real-time monitoring, incident response, and threat intelligence analysis, while ensuring the protection of critical assets and infrastructure. With a proactive approach, I will actively identify and mitigate security risks, conduct thorough investigations, and implement effective security measures. I am dedicated to maintaining a strong security posture and staying updated with the latest threats and technologies, in order to provide robust defense and support to the organization |
Education
Work & Experience
Over all 1 year of experience in information Technology with Mindtree • Having 1 year of relevant experience in Information security and currently working as Security Analyst • Experienced in analyzing, researching Window/Unix Security Logs as well as logs from DLP (Netskope) tools, Anti-Virus/Malware, Vulnerability Assessment (Qualys), EDR (Falcon Crowd strike), Web application firewall (akamai), Phishing (Proofpoint), Firewall (Palo Alto), Ticketing tool (Service Now Splunk SOAR) Roles & Responsibilities • Worked in a 24x7 Security Operation Center • Monitoring the customer network using ArcSight, Splunk SIEM • Act as a first level support for all Security issues • Analyzing Realtime security incidents and checking whether its true Positive or false positive • Performing Real-Time Monitoring, Investigation, Analysis, Reporting and Escalations of Security Events from Multiple log sources. • Raising true positive incidents to the respective team for further sources. • Creating tickets on service now and assigning it to respective team and taking the follow-up until closer • Escalating the security incidents based on the clients SLA providing meaningful information related to security incidents by doing-in-depth analysis of event payload, providing recommendations regarding security incidents mitigation which in turn makes the customer business safe and secure. • Contacting the customers directly in case of high priority incidents and helping the customer in the process of mitigating the attack. • Determine the scope of security incident and its potential impact to client network, recommend steps to handle the security incident with all information and supporting evidence of security events. • Monitoring security systems and networks for anomalies • Work closely with business units to ensure that they know what and how to feed data into the Splunk SIEM • Co-ordinate with networking teams to maintain and establish communication to remote Splunk Connectors • Investigate malicious phishing emails, domain, and Ips using OpenSource tools and recommend proper blocking based on analysis • Integration of new devices with Splunk such as Windows, Linux, CISCO Firewall, Routers, Switches etc. • Doing the troubleshooting if any device is not sending the logs to the
