Surapelly Pranay
About Candidate
Obtain a challenging and rewarding position as SOC Analyst with an organization that recognizes my true potential and provides me sufficient avenues for professional growth through nurturing my technical skills.
• Having 2.4 years of experience as SOC analyst (Security Operations Centre).
• Working experience in 24x7 operations.
• Hands-on experience on SIEM tools, e.g. monitoring real-time events using ArcSight ESM.
• Monitoring, investigation and mitigation of security incidents within pre-defined SLAs.
• Working experience on Endpoint Detection and Response.
• Perform incident monitoring, response, triage and initiate investigations.
• Good knowledge of the Cyber Kill Chain and the MITRE ATT&CK framework and TTPs.
• Good knowledge of networking concepts including OSI layers, subnets, TCP/IP, and ports.
• Good knowledge of DNS, DHCP, firewall monitoring, content filtering, Check Point, etc.
• Good understanding of security solutions like Anti-virus, Firewall filtering/monitoring, IPS, VPN, Web security and Email Security.
Education
Personal Attributes
➢ Strong interpersonal and communication skills, strong attitude towards teamwork and achieving common goals.
➢ Always tries to think outside the box to finish the given task.
➢ Fast learner, able to pick up new technologies.
Work & Experience
Responsibilities:
• Worked in 24x7 operations.
• Monitoring of real-time events using SIEM tools like ArcSight ESM, Splunk and AlienVault USM.
• Collecting the logs of all the network devices and analyzing the logs to find suspicious activities.
• Analyzing threats by taking the events from firewalls, endpoints, servers, IDS/IPS etc. and identifying whether each is a true positive or a false positive.
• Performing real-time monitoring, investigation, analysis, reporting and escalation of security events from multiple log sources.
• Testing use cases to find whether an alert triggered for a TP or an FP.
• Investigating phishing, malware and port-scanning related security incidents and recommending blocking of IPs, domains and hash values on security devices and AV if found malicious.
• Raising incidents with the concerned teams, responding to incidents and service requests, and gathering additional information to either resolve or escalate the issue to the appropriate teams.
• Analysis of SIEM alerts using SOPs.
• Raising tickets only after basic analysis, closing them if they are false positives or escalating them when they are true positives.
• Following up on tickets until they are closed.
• Preparing reports about the incidents.
• Responsible for preparing root cause analysis reports based on the analysis.
• Working with various teams across the organization to improve security posture.
• Preparation of SOP documents.