VARA PRASAD

➢ Working as Security Analyst for 24*7 SOC environment. ➢ Monitoring and analysis of events generated by various security and network tools like Firewalls, Proxy servers, AV, IPS/IDS, Cloud (Amazon, Azure, and Google) Windows and Linux servers ➢ Following end to end Incident Investigation and Incident Response process, ensuring to close the investigation within defined SLA ➢ Responsible for monitoring of security alerts, analysis of logs generated by appliances, investigation, and assessment based on the incidents generated. ➢ Use SIEM tools (IBM Q Radar & LogRhythm) to detect possible signs of security breaches and perform detailed investigation to confirm successful breach. Perform root cause analysis (RCA) and appropriately handle the incident as per defined Incident Management Framework. ➢ Escalation of security incidents to concerned teams and their management and follow-up for closure. ➢ Recommendations provide for Proactive of Threat hunting and Threat detection of all the attacks. ➢ Creating tickets using the ticketing tools like Snow &Jira ➢ Analysis of daily and monthly reports for incident management using the Microsoft Excel & Word Page 2 of 3 ➢ Coordinating with Network team, Server team regarding activities and technical issues. ➢ Creating vulnerability and remedy reports and reporting them to users. ➢ Finding the Critical servers and application inventory from respective business owners and scheduling the scan weekly, monthly, and Quarterly basis. ➢ Knowledge sharing session with the team members whenever complex incident issues are raised and lessons learned from other team members. ➢ Scanning the environment using Nessus tool and finding the vulnerabilities based on the business units and sending the report to respective business owners. ➢ Attending calls with business owners, Windows, and Linux team for scheduling the Vulnerability Management patching and remediation part without business disruptions.

➢ Working as Security Analyst for 24*7 SOC environment. ➢ Monitoring and analysis of events generated by various security and network tools like Firewalls, Proxy servers, AV, IPS/IDS, Cloud (Amazon, Azure, and Google) Windows and Linux servers ➢ Following end to end Incident Investigation and Incident Response process, ensuring to close the investigation within defined SLA ➢ Responsible for monitoring of security alerts, analysis of logs generated by appliances, investigation, and assessment based on the incidents generated. ➢ Use SIEM tools (IBM Q Radar & LogRhythm) to detect possible signs of security breaches and perform detailed investigation to confirm successful breach. Perform root cause analysis (RCA) and appropriately handle the incident as per defined Incident Management Framework. ➢ Escalation of security incidents to concerned teams and their management and follow-up for closure. ➢ Recommendations provide for Proactive of Threat hunting and Threat detection of all the attacks. ➢ Creating tickets using the ticketing tools like Snow &Jira ➢ Analysis of daily and monthly reports for incident management using the Microsoft Excel & Word ➢ Coordinating with Network team, Server team regarding activities and technical issues. ➢ Creating vulnerability and remedy reports and reporting them to users. ➢ Finding the Critical servers and application inventory from respective business owners and scheduling the scan weekly, monthly, and Quarterly basis. ➢ Knowledge sharing session with the team members whenever complex incident issues are raised and lessons learned from other team members. ➢ Scanning the environment using Nessus tool and finding the vulnerabilities based on the business units and sending the report to respective business owners. ➢ Attending calls with business owners, Windows, and Linux team for scheduling the Vulnerability Management patching and remediation part without business disruptions.