gavara durgarao
Information Security Professional
About
Information Security Professional with over 3.3 years of experience as a Security Analyst, recognized for leading security monitoring and incident response efforts. Strong hands-on expertise in SIEM, EDR, and endpoint security administration, with a proven ability to drive phishing threat analysis, improve detection capabilities, and strengthen overall security posture.
Skills & Expertise (59)
Work Experience
Security Analyst
CONQUER TECHNOLOGIES
Jan 2023 - Present
- Good knowledge and working experience in central logging, log management, and Splunk SIEM architecture.
- Expertise in building use cases around the NIST and MITRE ATT&CK frameworks to enable detection at various stages of a cyber-attack.
- Strong experience in managing Endpoint Agents over Windows and Linux operating systems, Active Directory integrations, and Windows Event Logs.
- Experience in handling technical administration and troubleshooting activities related to the M365 Defender suite.
- Experience in supporting, fine-tuning, and troubleshooting correlation searches in Splunk SIEM and Azure Sentinel.
- Experience in working on host isolation and advanced threat analysis using the EDR Microsoft Defender ATP.
- Implementation of use cases using SPL/KQL, with complex correlation across different data sources.
- Experienced in preparing detailed analyses of external cyber threats, including new vulnerabilities, exploits, intrusion patterns, and malware behaviours, based on information proactively checked with the vendor to deploy the signatures for collected IOCs.
- Handling SPAM and phishing email submissions from the end-users and taking containment steps by further investigating domains and IPs to recommend proper blocking, and creating SPF, DKIM, and DMARC records for the domains to protect against spoofing.
- Experience in AIR (Automated Investigations and Remediation) policies and their implementation.
- Experience in onboarding and offboarding Windows Server 2016 R2 and 2019 by installing the MMA/unified agent and troubleshooting server-level issues.
- Carrying out log monitoring and incident analysis for various devices such as firewalls, IDS, IPS, databases, web servers, and so forth.
- Experience in creating runbooks, SOPs, and documents supporting Security Operations.
- Monitor, respond to, and analyse trends in workstations, servers, and security-related events.
Education
Master of Business Administration: Financial Management and Marketing Management - Palivela PG College
- 2015 · Afghanistan
Certifications
No certifications added yet
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation