PRAVEEN CHAND BANDI

• Working as a Security Analyst, Performing Real-Time Monitoring, Investigation, Log Analysis, Reporting and Escalations of Security Events from multiple log sources. Indulged in fine tuning of work structure and triggering of the incidents. • Work closely with business units to ensure that they know what and how to feed data into QRadar and to create network hierarchy, classify Log Sources within the QRadar SIEM. • Design, implement, and administer Data Loss Prevention (DLP) solutions across multiple environments, including configuration, policy creation. • Monitor DLP alerts, investigate incidents, and provide timely response and remediation actions to mitigate risks. • Monitoring the customer network using SIEM tool –IBM Qradar, Splunk. • Worked on incidents and suggested required changes to make the task easier. • Monitoring security alerts and raw logs as well as alerts triggered in SIEM tool integrated with various devices like IDS/IPS, Firewalls, Endpoint tools to make sure all the company assets are free from external attacks. • Vulnerability analysis of both internal and external of the networks. • Working on DLP incidents and policy fine tuning. Managing the customer queries on blocking and helping with the solutions. Escalating the incidents to the respective departments. • Categorizing vulnerabilities into different remediation groups and ensuring the remediation. • Monitoring & Troubleshooting the Schedule scan task running status in Qualys Vulnerability Manager Console and latest Signature Updating. • Perform quarterly and monthly Vulnerability scans. • Coordinate with Remediation team to complete the Vulnerability patching till closer. • Performing daily activities, monitoring and remediation of servers/workstations for virus infectionsand threats. • Analyze issues & escalate to appropriate Levels. • Knowledge on basic trouble shooting. • Understanding phases of QRadar event life cycle and describe the functional processing whichoccurs during each phase. • Daily SIEM Health check and troubleshooting the issues. • In-depth log analysis to create use cases based on anomalies. In-depth Incident analysis and escalation to concerned team. • Conduct regular false analysis on the existing content. Define monthly/quarterly reports/trends as perinternal team requirement. • Endpoint detection and response on Crowd Strike. • Hands-on experience in dynamic malware analysis. • Collect the suspicious files/script and perform malware analysis using sandboxing. • Hands-on experience in security incident response lifecycle and its phases. • Identify gaps in IT infrastructure by mimicking an attacker’s behaviors and responses. • Provide expert analytic investigative support of large scale and complex security incidents. • Direct prior experience with core security technologies (SIEM, firewalls, IDS/IPS, HIPS, proxies,vulnerability scanners, AV, etc.)