Karumuri Rahul Benerjee
About Candidate
● Performed thorough investigations of high-severity incidents, revealing detection and correlation gaps, leading to a reduction in false positives and successful rule integration.
● Took up a leadership position for a brief period, helping to locate and fix process bottlenecks.
● Enhanced operational efficiency by implementing Kusto Query Language (KQL) queries, leading to a 30%
decrease in manual workload and a significant boost in productivity.
● Produced reports and pinpointed avenues for optimizing reporting workflows with PowerBI, leading to a
remarkable 50% reduction in manual effort.
● Assessed the severity of alerts and assigned them their corresponding metrics (TP, TN, FP, FN).
● Correlated alerts from MDO, MDI, MDA, M365D and MDE to enhance threat detection and response.
● Focused on distinguishing legitimate threats from the background noise of false positives.
● Examined and evaluated the severity and classification of various threats by investigating Indicators of Compromise (IOCs) and Indicators of Attack (IOAs) with reference to the MITRE ATT&CK framework.
● Proactively engaged in threat hunting within customer environments, drawing insights on Tactics, Techniques, and Procedures (TTPs) from recent high-profile breaches and exploits.
● Investigated high-priority customer incidents and provided Root Cause Analysis (RCA) while working with
multiple teams.
● Monitored critical incidents generated within the internal ticketing tool and leveraged Sentinel for in-depth analysis.
● Accountable for filing bugs and providing support until their resolution.
● Experienced in analyzing various host-based security appliance and network logs.
● Categorised incidents based on their behavioural patterns.
● Created procedural documents (SOPs) to improve operational workflows.
● Mentored and trained new team members, facilitating their integration into production environments.
Education
Work & Experience