Keerthana Patel Kasetty
Information Security Analyst
About
Information Security Analyst with 4.10 years of experience in enterprise-wide security projects and SOC operations. Skilled in threat detection, incident response, and proactive threat hunting using advanced security tools and frameworks. Adept at reducing risks and ensuring compliance through continuous monitoring and analysis.
Skills & Expertise (49)
Work Experience
SENIOR SOC Analyst
DOTSOFT BUSINESS SOLUTIONS
Jun 2023 - Present
- Proficient in using various security tools and technologies, such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), antivirus software, proxies, SIEM (Security Information and Event Management), and threat intelligence platforms.
- Experience working with 24x7 SOC team operations, offering log monitoring, security information management, and global threat monitoring.
- Handling critical alerts from Endpoint Protection and working toward resolution.
- Analyze external threats like phishing and spam mails and log them into the SIEM tool.
- Analyze the nature and source of security threats, understanding their tactics, techniques, and procedures (TTPs).
- Handle alerts from CrowdStrike EDR and investigate them.
- Perform malware analysis using web-based tools such as Hybrid Analysis and VirusTotal.
- Investigate phishing emails, domains and IPs using open-source tools and recommend proper blocking based on analysis.
- Create suppression rules for false-positive alerts to avoid unnecessary noisy alerts.
- Strong knowledge of incident management, the event life cycle and its phases.
- Good understanding of OWASP Top 10, IDS, IPS, and cyber attacks like DoS, DDoS, MITM, SQLi, XSS and CSRF.
- SIEM monitoring, which includes license monitoring, storage volume monitoring, daily SIEM application health checks, and event and incident monitoring.
- Log source integration and troubleshooting.
- 24x7 monitoring of P1, P2, P3 alerts in SOC operations for real-time monitoring, analyzing logs from various security/industrial appliances using Splunk and QRadar.
- Experience in hunting for adversaries, identifying the TTPs of threat actors and mapping them against the MITRE ATT&CK framework.
- Expert in handling targeted/large phishing campaigns by finding and blocking IOCs as a proactive measure, investigating emails reported by end users and responding with appropriate recommendations.
- Remediation of threats and malware by analyzing EDR detections with the help of SHA-256 and MD5 values, the executed application, file behavior, purpose of the file, and network information of the file.
- Experience in triaging viruses, malware, ransomware and other security events on endpoints, including Windows and Linux.
SOC Analyst
DOTSOFT BUSINESS SOLUTIONS
Mar 2021 - May 2023
- Working in a 24x7 Security Operations Centre, monitoring SOC events and detecting and preventing intrusion attempts.
- Played a key role in monitoring and analyzing Proofpoint TAP and TRAP, email security, and handling phishing incidents to ensure the security of email communications.
- Successfully utilized SIEM tools like QRadar and Splunk to monitor real-time security events, demonstrating exceptional skills in log analysis and threat detection.
- Performing VA on both web applications and servers.
- Recognize cyber attacks based on their signatures.
- Differentiate false positives from true intrusion attempts and help remediate/prevent cyber attacks.
- Prepared insightful root cause analysis reports based on log analysis findings, enabling continuous improvement in security practices.
- Experienced in preparing detailed analysis of external cyber threats (new vulnerabilities, exploits, intrusion patterns, malware behaviors) and, based on that information, proactively checking with the vendor to deploy signatures for collected IOCs.
- Perform real-time monitoring, investigation, analysis, reporting, and escalation of security events from multiple log sources.
- Conduct phishing email investigations and implement the necessary actions to block Indicators of Compromise (IOCs) on security controls.
- Coordinate responses to security incidents in a timely manner and assist customers in mitigating attacks.
- Conduct in-depth analysis of identified vulnerabilities and prioritize patching efforts based on their criticality, efficiently communicating vulnerability details to the respective teams for immediate resolution.
- Created weekly Comprehensive Incident Reports (CIR) and presented them during weekly client meetings, providing valuable insights into security incidents and trends.
- Real-time monitoring of network security devices such as IPS, firewalls, endpoint security, operating systems, and email security.
Education
M.COM - OSMANIA UNIVERSITY · Afghanistan
B.COM - SATAVAHANA UNIVERSITY · Afghanistan