Gurnadha Ballipalli
Cyber Security SOC Analyst
About
Cyber Security SOC Analyst with 6.8 years of experience in 24/7 SOC operations. Skilled in security monitoring, incident investigation, threat detection, and response using IBM QRadar, Splunk SIEM, and Cortex XSOAR. Experienced in analyzing security events across EDR/XDR, firewalls, IDS/IPS, proxy, WAF, email security, and Windows/Linux environments. Proficient in malware analysis, phishing investigations, threat hunting, and MITRE ATT&CK-based incident response. Adept at incident escalation, SLA management, fine-tuning, process improvement, ITIL/NIST practices, customer engagement, shift handovers, and mentoring SOC analysts to enhance operational effectiveness and security posture.
Work Experience
Information Systems Analyst
Flint International Consulting Services/ Cisco/Saudi Telecom Company (STC)
Oct 2023 - Feb 2026
Hands-on experience analyzing and responding to real-time security alerts using Splunk SIEM. Responsible for monitoring and analysis of events generated by security and network tools such as EDR, firewalls, proxy servers, AV, and IPS/IDS, and for malware analysis. Followed the end-to-end incident investigation and incident response process, ensuring each investigation was closed within the defined SLA. Executed phishing and malware analysis to detect and mitigate email-based threats. Used Abnormal AI for advanced email threat detection and prevention. Prepared daily, weekly, monthly, and quarterly SOC reports highlighting key metrics and trends. Worked closely with cross-functional teams and stakeholders to resolve incidents and mitigate risks. Participated in daily shift handovers to ensure smooth operational transitions and continuity. Experienced in investigating IOCs, fine-tuning false positives, and recommending endpoint security actions. Participated in cross-functional war-room calls during critical security incidents, sharing live analysis and logs, and helped contain incidents within defined impact thresholds. Mentored junior SOC analysts and conducted hands-on knowledge sessions on threat detection, MITRE ATT&CK mapping, and the effective use of SIEM dashboards and playbooks in a real-world SOC environment.
Technical Lead - II
HCL Technologies
Jan 2022 - Aug 2023
Delivered SOC services in a 24x7 environment, safeguarding client networks from intrusion attempts. Monitored alerts, reviewed machine logs, ran AV scans when malware was not quarantined or removed, and mitigated alerts to resolve problems. Skilled in malware analysis, phishing email analysis, and monitoring of network, endpoint, and server activity across Windows and Linux environments. Applied the MITRE ATT&CK and Cyber Kill Chain frameworks to map and understand security incidents. Provided fine-tuning recommendations to L3 analysts to whitelist the appropriate domains, URLs, and paths, reducing the false-positive and duplicate incident counts, and contributed to the optimization of security systems and SOC processes, procedures, and policies. Participated in daily shift handovers to ensure smooth operational transitions and continuity. Directly engaged with customers during critical incidents, providing step-by-step guidance for issue mitigation. Also took part in customer calls, fine-tuned systems, troubleshot issues, tracked incidents, mentored the L1 team, and reviewed alerts resolved by L1 analysts.
Systems Analyst
UST Global
Nov 2020 - Jan 2022
Worked in a 24x7 Security Operations Centre (SOC) environment. The SOC monitors security alerts from the SIEM (Security Information and Event Management system) and investigates suspected security incidents in order to make recommendations for containment and eradication. Used SIEM tooling (IBM QRadar) to detect possible signs of security breaches and performed detailed investigation to confirm whether a breach was successful. Produced spam and phishing email investigation reports and investigated potential security incidents. Escalated incidents to L2 and L3 support tiers based on incident severity. Produced and updated security operations processes and procedures. Provided training and guidance to SOC security analysts in the execution of their duties. Transferred knowledge to colleagues through training, mentoring, and clear, concise documentation.
Security Analyst
BSW Software Pvt Ltd
Jan 2019 - Nov 2020
Worked in a 24x7 Security Operations Centre (SOC) environment, responsible for monitoring security alerts. Analyzed logs generated by security appliances, investigated alerts, and assessed whether each incident was a false positive or a true positive. Escalated incidents to L2 and L3 support tiers based on incident severity. Knowledge of ITIL disciplines such as Incident, Problem, and Change Management. Created Root Cause Analysis (RCA) reports used as an internal knowledge base to reduce MTTD, MTTR, and MTTI. Communicated effectively with customers, teammates, and management. Stayed up to date with emerging security threats, including applicable regulatory security requirements.
Education
M.Tech in Computer Science and Engineering - Nova College of Engineering and Technology
- 2012 · Afghanistan
B.Tech in Computer Science and Engineering - Kakinada Institute of Engineering and Technology
- 2009 · Afghanistan
Certifications
No certifications added yet