Gokul Reddy m s Reddy m s

Cyber Security Analyst

Bengaluru, India
80
Profile Score

About

Solid understanding of network protocols, network connections, and the three-way handshake. Good networking knowledge of DHCP, DNS, the OSI model, TCP, and UDP. Working-level knowledge of security solutions such as antivirus, firewall, IPS, email gateway, WAF, switches, and routers. Basic knowledge of phishing email analysis and malware analysis. Basic knowledge of the cyber kill chain. Good knowledge of cyberattacks.

Skills & Expertise (59)

endpoint detection and response: Advanced, 8.5/10, 2 years exp
Incident Response: Advanced, 8.3/10, 2 years exp
SIEM tool: Advanced, 8.1/10, 2 years exp
Microsoft Azure - Sentinel: Advanced, 8.0/10, 2 years exp
Firewall: Advanced, 7.8/10, 2 years exp
CMD Executions, Response Tool, Incident Management, Fresh Desk, Lateral Movement, Edr tool, PowerShell Executions, MSHTA, Mimikatz, ArcSight Logger, VMWARE, 3CX application, Splunk ES, Network Security, Proxy tools, Security incident reports, Microsoft Defender, Service Now, OSINT, Virus Total, Google threat Intel, IPvoid, Cyberchef, Base64 Decode and Encode, AbuseIPDB, Phishing Email Analysis, Network Connections, Three way handshake, DHCP, DNS, OSI Model, TCP, UDP, Antivirus, IPS, Email Gateway, WAF, Switches, Routers, Threat and vulnerabilities analysis, Malware Analysis, Cyber Kill Chain, Cyberattacks, Sentinel One, Bitdefender, Microsoft Defender for Business, ESA - MS 365 Defender, ArcSight ESM Logger, CISCO web application firewall, Sandboxing, Recorded Future, Network Protocols, Ransomware

Work Experience

Security Analyst

Connectwise

Aug 2023 - Mar 2025

Hands-on experience with Endpoint Detection and Response tools (Sentinel One, Bitdefender and Microsoft Defender for Business, ESA - MS 365 Defender, Microsoft Azure - Sentinel, ArcSight ESM Logger). Hands-on experience with the CISCO web application firewall, where we used to add IPs to the blacklist and whitelist. Hands-on experience with sandboxing via Recorded Future and VMware using malicious files and malicious URLs. Hands-on experience in dealing with cases related to live attacks like ransomware. Analysing the root cause of the attack or vulnerability found in the client system; identification and analysis of threats and vulnerabilities using the EDR tool, and performing mitigation. Fetching timeline logs in Microsoft Defender to deep dive into the threats. Fetching the audit logs and sign-in logs in Microsoft Azure Sentinel. Fetching all the logs from the SIEM tool via ArcSight Logger. Hands-on experience in dealing with cases related to live attacks involving Mimikatz, MSHTA, PowerShell executions, CMD executions, and lateral movement. Hands-on experience with Fresh Desk used as an incident management and response tool. Monitoring the dashboard and managing the SLA board to keep track of security events and the health of Sentinel One. Working on tickets escalated by L1 analysts who are not trained for alert call escalation. Connecting with the partner via call in the 3CX application to confirm whether the activity is legitimate or not. Adding the threat hash to the blocklist when it is malicious, with the partner's approval. When the file threat is found to be a false positive, we add it to exclusions, unquarantine and whitelist the file, with the partner's approval. We take appropriate actions for malicious threats, such as Kill, Quarantine, Remediate and Rollback.

Senior Consultant - Cyber Security

LTIMindtree

Apr 2025 - Jul 2025

Monitoring of multiple security incidents using the SIEM tool Splunk ES. Providing Incident Response (IR) support when analysis confirms an actionable incident. Fine-tuning of alerts to avoid false positives. Analyzing the events in Splunk (SIEM) for various types of alerts from firewall, IPS, and servers. Monitoring for alerts like DoS, malware, network security, and IPS. Blocking blacklisted IPs with bad reputation in the firewall. Providing immediate solutions for security-related queries to end users. Creation of security incident reports for daily and monthly review meetings. Engagement in daily client calls. Blocking malicious URLs on proxy tools. Producing security incident reports and briefings for the team lead and manager. Daily shift handovers.

Education

Bachelor of Computer Application - BHADRA INSTITUTE OF MANAGEMENT & INFORMATION STUDIES

2018 - 2021 · Afghanistan

Profile Score Breakdown

📷 Photo 10/10
📄 Resume 10/10
💼 Job Title 10/10
✍️ Bio 10/10
🛠️ Skills 20/20
🎓 Education 10/10
⏱️ Experience 5/15
💰 Rate 0/5
🏆 Certs 0/5
Verified 5/5
Total Score 80/100

Profile Overview

Member since Mar 2026

Availability Details

Visa Status

Citizen

Relocation

Open to Relocation
