About
Security Analyst with 4+ years of experience in global SOC operations and support, aiming to secure a position as an Endpoint Security Professional specializing in endpoint security, antivirus, SIEM, email security, service management tools, and information security systems, in order to apply the acquired knowledge and experience in a challenging environment.
Skills & Expertise (43)
Work Experience
Security Analyst
EMERSON
Jun 2025 - Present
- Endpoint Protection can help manage and monitor Microsoft Defender Advanced Threat Protection (ATP), formerly known as Windows Defender ATP.
- Experience in adding and deploying a client onboarding configuration file; Configuration Manager can then monitor deployment status and Microsoft Defender ATP agent health.
- In-depth understanding of the latest techniques used by attackers for persistence, privilege escalation, defense evasion, and lateral movement.
- Experience in providing end-to-end support to enterprise counterparts, identifying the root cause of sophisticated enterprise initiatives with the endpoint security solution Microsoft Defender ATP.
- Configure and manage dashboards, notebooks, data connectors, and playbooks in Azure Sentinel; hunt security threats using Azure Sentinel.
- Experience in AIR (Automated Investigation and Remediation) policies and their implementation.
- Monitor the Symantec Endpoint Monitoring console for regular health checks of systems.
- Splunk SIEM monitoring, including license monitoring, indexer storage volume monitoring, daily Splunk application health-check monitoring, and event and incident monitoring.
- Good knowledge of analyzing different malicious executables and documents.
- Support fine-tuning and troubleshooting of correlation searches in Splunk SIEM.
- Performed security event monitoring of heterogeneous network devices such as firewalls, IDS/IPS, Cisco ASA, and DLP devices using Splunk.
- Experienced in preparing detailed analyses of external cyber threats (new vulnerabilities, exploits, intrusion patterns, and malware behaviors) and, based on that information, proactively checking with the vendor to deploy signatures for the collected IOCs.
Security Engineer
Hitachi
Jan 2021 - Jul 2024
- Performed end-to-end incident response, including alert triage, investigation, containment, eradication, and recovery, for security incidents across endpoint, email, and network environments.
- Conducted root cause analysis (RCA) for true-positive incidents and coordinated with SOC, IR, and IT teams to implement remediation and preventive controls.
- Prepared incident reports and executive summaries, documenting impact, timelines, evidence, and corrective actions in line with organizational SOPs.
- Used KQL queries in Microsoft Sentinel to search logs and investigate security incidents; also created basic analytics rules and alerts in Sentinel using KQL to detect suspicious activity, and used KQL to build simple dashboards and reports for monitoring user and system activity.
- Good knowledge of MITRE ATT&CK, the Diamond Model, and other cyber threat kill chains.
- Mapped security incidents and alerts to MITRE ATT&CK tactics and techniques to identify attacker behavior and improve detection coverage.
- Used the MITRE ATT&CK framework to analyze threat patterns, prioritize alerts, and validate SIEM detections for better threat hunting.
- Enhanced SOC playbooks by aligning response actions with ATT&CK techniques, improving incident response consistency and efficiency.
- Knowledge of a breadth of security technologies and topics, such as Security Information and Event Management (SIEM), IDS/IPS, Data Loss Prevention (DLP), proxy, Web Application Firewall (WAF), enterprise anti-virus, sandboxing, and network and host-based firewalls.
- Implemented and managed email security solutions (e.g., Microsoft Defender for Office 365, Proofpoint) to prevent phishing, spoofing, and malware delivery.
- Investigated and responded to email-based threats such as phishing, spam, and Business Email Compromise (BEC); performed email header analysis and sandboxing to detect malicious content.
- Fine-tuned email filtering policies and implemented SPF, DKIM, and DMARC to enhance domain protection and reduce spoofing, integrating IOCs into threat intelligence platforms.
- Proactively monitor the cloud environment using Prisma Cloud to detect and mitigate security threats, and analyze threats from Prisma Cloud or Defender for Cloud, classifying them by severity and potential threat.
- Experienced SOC analyst in Microsoft Defender ATP, CrowdStrike Falcon, O365, Splunk SIEM, and Nessus Security Center.
- Knowledge of Azure Identity (Azure Active Directory, AAD Domain Services, AAD B2C, Azure Information Protection, SSO, MFA, etc.).
- Experience with the Splunk query language for use cases, dashboards, and reports in the SOC.
- Experience in threat hunting with Microsoft Defender ATP EDR, performing host-based analysis and artifact analysis.
Education
B. Tech - JNTU Kakinada
- 2019 · Afghanistan