KALE SAI NARENDRA SURAJ
Security Analyst
Phone: 9573105374
Email: [email protected]
Career Objective:
A position in organization providing the opportunity to make a strong contribution to
organizational goals through continued development of my skills.
Professional Summary:
3.9 years of IT experience working in a large scale SOC (Security Operations Center)
Exposure to Ticketing tools like service now, Jira
Experience in generating Daily, Weekly & Monthly Reports.
Good knowledge on networking concepts including OSI layers, subnet, TCP/IP, ports, DNS,
DHCP, firewall monitoring, content filtering, check point etc.
Hands-on experience in creating and updating event-based rules in QRadar.
Good experience in creating & updating Incident response runbooks.
Participating in weekly review meetings.
TECHNICAL PROFICIENCY:
SIEM Tool used : QRadar, Splunk, Exabeam & Logrhythm
Ticketing Tool used : Service Now, Trend micro
Endpoint protection : Crowdstrike, Carbon Black.
Vulnerability Tool : Qualys Guard
Other Tools used : G-Suit, Cisco IDS fire power, Proofpoint.
WORK EXPERIENCE:
ACCENTURE
SOC monitoring Operations
Security Analyst DEC 2018 - Till date
Roles and Responsibilities:
Responsible for first level incident response and incident management in managed SOC for different
industries.
Responsible for performing daily health checks of SIEM (QRadar).
Responsible for performing investigation of the incidents captured in the SIEM and notifying clients
with all the findings.
Good experience in handling various variants of incidents across multiple clients.
Hands-on experience in fine tuning of Use Cases and creating/updating reference sets in QRadar.
Hands-on experience in handling various SIEM solutions like QRadar, Splunk, LogRhythm &
Exabeam.
Good experience in handling Phishing emails, performing Header analysis to identify the integrity of
the email & Body analysis for any IOC presence.
� Good experience in handling IOC’s by performing malware analysis.
Good experience in handling EDR detections (both file based, and process based) from Crowd strike &
Carbon Black.
Good understanding of MITRE ATTACK framework.
Knowledge in understanding TTP’s detected by EDR solutions.
Good understanding of OWASP, IDS, IPS, Threat modeling and Cyber Attacks like DOS, DDOS,
MITM, SQL Injection, XSS and CSRF.
Experience in performing Ad-hoc AV scans on hosts whenever required.
Closely working with Hunt team & identifying latest attack vectors & latest IOC’s and performing IOC
sweep activities across various clients.
Responsible for client calls & their requests like IOC sweep, Ad-hoc request or Hunting.
Hands-on experience in handling incidents and ensuring SLA’s to be met.
POC for the shifts, managing shift roster, client bridging, managing and updating client updates and
managing shifts as per requirement.
Work closely with clients for the follow-ups and understanding client requirements and updating the
same with analysts.
Performing peer reviews of the investigation on incidents before notifying the clients.
Responsible for responding and managing the intrusions for multiple clients using respective SIEM
solutions in a managed SOC environment.
Performing Trend analysis of the Use Cases to identify the aspects for high count of False positives and
performing fine tuning of Use Cases.
Creating & updating Runbooks for the newly created/existing UC’s.
Coordinating with the SDM and Client SOC team for any configuration activities.
Active participant in Buddy programs and BrownBag sessions.
Collaborating with Engineering team, Hunt Team, Threat Intel team for ticket/process improvements.
Experience in creating incidents in various ticketing tools like ServiceNow, Jira.
Creating Bi-weekly reports for client reference.
Responsible for performing monthly audits of L1 alerts for process improvement.
Education:
B.TECH Graduated From Pondicherry engineering college in 2016 .
Declaration:
I hereby declare that all the details furnished above are true to the best of my knowledge and belief.
(Kale Sai Narendra Suraj).
