Sai Ramakrishna Bathula

Information Security Analyst

Hyderabad · 4+ yrs exp · Profile score 88 (Excellent)

About

Information Security Analyst with 4.1 years of hands-on experience in enterprise-scale security monitoring, incident response, cloud security, and threat detection. Proficient in SIEM (Splunk, QRadar, LogRhythm), EDR (CrowdStrike, SentinelOne), SOAR workflows, AWS security, and DLP platforms. Highly skilled in triaging alerts, investigating endpoint activity, performing threat hunting, analyzing phishing & malware, and reducing false positives through use case fine-tuning. Strong knowledge of MITRE ATT&CK, log analysis, network fundamentals, and incident lifecycle management. Adept at driving detection improvements, creating SOPs/Runbooks, and supporting SOC operations with accuracy and speed.

Skills & Expertise (42)

Skill: level, self-rating, years of experience
Splunk: Advanced, 8.0/10, 4 yrs
CrowdStrike Falcon: Advanced, 8.0/10, 4 yrs
SentinelOne: Advanced, 8.0/10, 4 yrs
EDR: Advanced, 8.0/10, 4 yrs
IBM QRadar: Advanced, 7.5/10, 4 yrs
Log Analysis: Advanced, 7.5/10, 4 yrs
SIEM: Advanced, 7.5/10, 4 yrs
AWS Cloud Security: Advanced, 7.5/10, 4 yrs
IAM Monitoring: Advanced, 7.0/10, 4 yrs
Firewall Monitoring: Advanced, 7.0/10, 4 yrs
SOC Operations: Advanced, 7.0/10, 4 yrs
Phishing & Malware Analysis: Advanced, 7.0/10, 4 yrs
Qualys: Advanced, 7.0/10, 4 yrs
GuardDuty: Advanced, 7.0/10, 4 yrs
Incident lifecycle management: Advanced, 7.0/10, 4 yrs
SOAR workflows: Advanced, 7.0/10, 4 yrs
Network fundamentals: Advanced, 7.0/10, 4 yrs
MITRE ATT&CK: Advanced, 7.0/10, 4 yrs
LogRhythm: Advanced, 7.0/10, 4 yrs
SOPs: Advanced, 6.5/10, 4 yrs
Check Point Firewall: Advanced, 6.5/10, 4 yrs
Runbooks: Advanced, 6.5/10, 4 yrs
Nessus: Advanced, 6.5/10, 4 yrs
Netskope DLP: Advanced, 6.5/10, 4 yrs
Zscaler: Advanced, 6.5/10, 4 yrs
IP: Advanced, 6.0/10, 4 yrs
Citrix: Advanced, 6.0/10, 4 yrs
Jira: Advanced, 6.0/10, 4 yrs
Switches: Advanced, 6.0/10, 4 yrs
Cisco Routers: Advanced, 6.0/10, 4 yrs
Routing: Advanced, 6.0/10, 4 yrs
VLANs: Advanced, 6.0/10, 4 yrs
IPv4: Advanced, 6.0/10, 4 yrs
DHCP: Advanced, 6.0/10, 4 yrs
DNS: Advanced, 6.0/10, 4 yrs
TCP: Advanced, 6.0/10, 4 yrs
NAT Rules: Advanced, 6.0/10, 4 yrs
ServiceNow: Advanced, 6.0/10, 4 yrs

Additional skills (no rating given): AWS Security, IPsec VPN, Proofpoint, CloudTrail

Work Experience

Senior Analyst

HCL Tech

Dec 2023 - Jun 2025

- Monitored and analyzed security alerts across QRadar, Splunk, and LogRhythm, validating events, correlating logs, and reducing false positives through deeper contextual analysis.
- Conducted endpoint investigations using CrowdStrike Falcon and SentinelOne, analyzing process executions, registry changes, and network connections, and identifying malicious activity or behavioral anomalies.
- Performed AWS cloud security monitoring by reviewing GuardDuty findings, IAM anomalies, and CloudTrail logs, identifying misconfigurations and unauthorized access attempts.
- Investigated Zscaler and Netskope DLP alerts, analyzing user activity, data movement, and policy violations; escalated potential data leakage attempts.
- Reviewed Qualys VM reports, prioritized high-risk vulnerabilities, verified asset exposure, and supported remediation coordination with infrastructure teams.
- Executed threat-hunting activities using SIEM queries, IOC lookups, EDR indicators, and MITRE ATT&CK TTP mapping to detect suspicious behavior and validate anomalies.
- Performed basic malware triage using sandboxing, static analysis, and hash analysis, identifying IOCs for enrichment and escalation.
- Conducted detailed phishing investigations, including header forensics, URL/attachment detonation, domain reputation checks, and user impact assessment.
- Created and maintained SOPs and runbooks, ensuring consistent triage, classification, and response workflows across SOC operations.
- Documented investigations thoroughly in ServiceNow, ensuring audit-ready evidence, timelines, and action tracking.
- Collaborated with L2/L3 teams to escalate confirmed incidents and participated in incident response coordination.
- Executed deep-dive RCA for confirmed incidents by analyzing logs, endpoints, user activity, and network flow data; prepared detailed post-incident reports with IOCs, attack paths, containment actions, and recommendations to prevent recurrence.

Security Analyst

TCS

Apr 2021 - Dec 2023

- Monitored and analyzed security events using SIEM tools (Splunk, IBM QRadar), performing real-time threat detection, alert triage, and incident validation across network and endpoint environments.
- Investigated and responded to security incidents including phishing, malware, and network intrusions, leveraging CrowdStrike EDR, Proofpoint, and Microsoft 365 Defender for endpoint and email threat analysis.
- Performed firewall monitoring and log analysis on Check Point Firewall, implementing and reviewing security policies, NAT rules, and IPsec VPN configurations to ensure secure network access.
- Analyzed network traffic and protocols (TCP/IP, DNS, DHCP, IPv4) and troubleshot issues across VLANs, routing, and Cisco routers/switches, ensuring network security and availability.
- Managed and tracked security incidents through ticketing tools (ServiceNow, Jira, Citrix, iVUE, GEN-G), ensuring proper documentation, SLA adherence, and escalation as per incident response playbooks.
- Conducted log correlation and threat hunting, integrating multiple data sources (firewalls, SIEM, EDR) and aligning detections with the MITRE ATT&CK framework to improve threat visibility and response efficiency.

Education

Bachelor of Computer Applications (BCA) - Aditya Degree College

2018 - 2020 · India

Certifications

No certifications added yet

Profile Score Breakdown

📷 Photo 10/10
📄 Resume 10/10
💼 Job Title 10/10
✍️ Bio 10/10
🛠️ Skills 20/20
🎓 Education 10/10
⏱️ Experience 13/15
💰 Rate 0/5
🏆 Certs 0/5
Verified 5/5
Total Score 88/100

Profile Overview

Member since Jun 2026

Availability Details

Visa Status: OPT
Relocation: Depends on Offer