Ranjth Resume-SOC

SOC Analyst | SIEM | EDR | Threat Hunting | Email Security

Ranjith Kumar Varimalla


Email: ranjithvarimalla0203@gmail.com
Phone: 9492036985
Summary:

Experienced Security Operations Center Analyst with a demonstrated history of working in Incident
Response and Threat Hunting. Skilled in investigating security incidents and coordinating with teams to
contain a compromise, finding the root cause of incidents, and making/suggesting changes to improve
security measures in an organization.

Work Experience:

Currently working as a SOC Analyst at Tech Mahindra (3.2 years), from April 2018 to present.
Worked as a Graduate Apprentice Trainee at Avantel Limited (1 year), from March 2017 to March 2018.

Skills:

● SIEM: QRadar and Splunk
● Endpoint Detection and Remediation: CrowdStrike and Carbon Black
● Antivirus: Symantec Endpoint Protection
● Email Security: Proofpoint and Cisco Umbrella
● DLP: Symantec Data Loss Prevention
● Content & URL web filtering: Zscaler
● Phishing Analysis: Cofense Triage
● User Behavior and Analytics: Exabeam
● ITSM: ServiceNow
● IPS: Cisco Sourcefire
● Vulnerability Assessment: Nexpose
● Packet Analysis: RSA NetWitness
● Sandboxing Tools: Hybrid Analysis, CS Sandbox
● Open-Source INT Tools: VirusTotal | URLVoid | Cisco Talos | IBM X-Force | MXToolbox |
Palo Alto | CyberChef

Professional Summary:

● Served as an Analyst in SOC operations for real-time monitoring, analyzing logs from various
security/industrial appliances.
● Experienced in using the SIEM tools QRadar and Splunk for analyzing logs from network devices,
authentication devices, endpoints, the email gateway and other cloud-hosted devices.
● Analyze and investigate the alerts in the SOC monitoring tool to report any abnormal behaviors,
suspicious activities, traffic anomalies, etc.
● Handling DLP and data exfiltration incidents and closing them with the appropriate categorization for
the different policies.
● Knowledge of email security threats and security controls, including experience in analyzing email
headers, attachments and URLs.
● Responsible for analyzing suspicious email URLs or attachments using sandboxes and
communicating with the concerned teams to block the URL at the gateway level in Proofpoint.
● Determining IOCs while threat hunting by correlating and analyzing a variety of application,
network and host-based security logs, and determining the correct remediation actions and escalation
paths for each incident.
● Carrying out log monitoring and incident analysis for various devices such as firewalls, IDS, IPS,
databases, web servers and so forth.
● Security event analysis and intrusion detection through review and analysis of events generated by
various components including IDS/IPS, firewalls, routers, DB, OS and various types of security
devices.
● Work closely with business units to ensure that they know what data to feed into QRadar and how,
and to create the network hierarchy and classify log sources within the QRadar SIEM.
● Maintain a keen understanding of evolving internet threats to ensure the security of client networks.
● Escalating security incidents based on the client's SLA and providing meaningful information
related to security incidents through in-depth analysis of event payloads, and providing
recommendations on security incident mitigation, which in turn keeps the customer's business
safe and secure.
● Actively involved in monitoring and remediating alerts, working with IT functional teams until the
infected machine is remediated.
● Website anti-malware and defacement monitoring and real-time alerting based on detected
anomalies.
● Differentiate false positives from true intrusion attempts and help remediate/prevent them.
● Work with the customer-designated personnel to provide continual correlation rule tuning, incident
classification and prioritization recommendations.
● Respond quickly to interpret security incidents and provide root cause analysis.
● Respond to common alerts from multiple sources in a consistent and repeatable manner.
● Actively investigate the latest security vulnerabilities, advisories and incidents, and notify clients
when appropriate.
● Detect security alerts and targeted phishing sites using the SIEM tool, with the help of techniques such as
watermark, referrer, abuse mailbox and similar-sounding domains.
● Performing enterprise-wide Vulnerability Assessment campaigns and ensuring timely remediation of
identified vulnerabilities. Perform trend analysis to capture and highlight repetitive critical
vulnerabilities in the environment.

Education:

● B.Tech from SMECcse, Hyderabad in 2016.
● Board of Intermediate Education (M.P.C) from Narayana Jr. College, Hyderabad in 2012.
● Secondary School Certificate (S.S.C) from A.P. Resi. School, Beechupally in 2010.

Declaration:

I hereby declare that the information furnished above is true to the best of my knowledge.

Date :
Signature : Ranjith Kumar
