Cyber Security Analyst

Location:
Frisco, TX
Posted:
February 07, 2024

Resume:

MONISHA M SREEKUMARI

CYBER SECURITY ANALYST/ Jr. CYBER SECURITY ENGINEER

LINKEDIN: https://www.linkedin.com/in/monishams/

TryHackMe: https://tryhackme.com/p/monishams

Phone number: 469-***-**** or Email: ad3geh@r.postjobfree.com

• 3+ years of working experience in cybersecurity.

• Solid understanding of IDS Monitoring and Triage, IOC Monitoring, Log Analysis, Incident Response, Vulnerability Management, Network Security.

• Worked on several Security Information and Event Management (SIEM), Intrusion Detection, Phishing, Endpoint Detection and Response (EDR) and Firewall tools.

• Knowledge of OWASP Top 10, NIST, PCI DSS, ISO, MITRE ATT&CK.

• Analyzing the Phishing/Spam mails and identifying the malicious content. Educating global staff about the steps and precautions to be taken against cyber-attack.

• Knowledge of the fundamentals of networks IT, OSI model, TCP / IP, security threats, IDS, IPS etc.

• Basic knowledge of Active Directory, Vulnerability Management, Penetration Testing, AWS, Terraform (self-taught).

• Excellent interpersonal communication (written and verbal) and customer service skills.

• Highly organized with strong attention to detail.

SKILLS

Security Tools: KnowBe4 PhishER, Mimecast, Palo Alto Cortex XDR, Alien Vault, Symantec Endpoint Protection, McAfee Endpoint Security, Rapid7 IDR & VM, CrowdStrike, IBM QRadar, Burp Suite, Splunk Phantom, Qualys, Cisco Umbrella, Google Chronicle.

Programming and Query Language: Python, SQL, Java

Operating System: Microsoft Windows, macOS, Linux (Kali Linux, Ubuntu)

Other Tools/Platforms: ServiceNow, Asana, Miro, Confluence, Jira, Microsoft 365, Microsoft Access, AWS, Google Cloud, Terraform.

EXPERIENCE

** June 2022 – Dec 2023 GC process time; Green Card approved now **

MUFG Union Bank, Remote Jan 2022 – May 2022

Security Analyst

• Monitoring of Security Management Console for Security Operation Centre (SOC) for ensuring Confidentiality, Integrity, and Availability of Information systems. Opened, Assigned, and Closed the tickets assigned in SOC Security Management Console.

• Followed SOC team Incident Response plan in responding to and investigating Cyber Security alerts and incidents.

• Log analysis and monitoring on Splunk.

• Used Splunk Phantom as our database to monitor, research and investigate the ticket.

• Worked on a few Splunk rules to check if they are firing or not. Communicated with stakeholders if the rules did not fire, to take next steps.

• Managed Cyber Security threats through prevention, detection, response, escalation, and reporting in an effort to protect Enterprise IT Assets through Computer Security Incident Response Team (CSIRT).

• Analyze endpoint application data in real time to identify potential threats, rogue systems, vulnerabilities, unauthorized devices and/or system changes, and data loss prevention.

• Responsible for 24x7 SOC Operations including Log monitoring, which includes detection, tracking and analyzing of incidents, generating daily, weekly, and monthly reports and preparing them in proper format.

Sage Therapeutics, Remote Jum 2021 – Dec 2021

Security Operations Engineer, Junior

• Management and monitoring of security tools for anomalous and malicious activity.

• Assistance with incident response duties as needed.

• Perform DNS monitoring on Cisco Umbrella.

• Assisted with Rapid7 implementation and attended meeting with stakeholders regarding the same.

• Recorded Rapid7 IDR and VM implementation plan on Asana, from start to end.

• Suspicious/ phishing email analysis on KnowBe4 PhishER and Mimecast.

• Contacted the end user daily in phishing email related issues and helped them solve it.

• Analyzing impersonations, release, hold or block malicious emails on Mimecast.

• Assisted my manager with writing of security documentation like Disaster Planning and Recovery, Incident Response Plan, and creation of a security playbook for KnowBe4 PhishER.

• Knowledge of finding security vulnerabilities (CVEs).

• Worked on various ServiceNow tickets regularly.

• Monitoring traffic and analyzing suspicious IP addresses or devices on the network on Palo Alto Cortex XDR.

• Knowledge of NIST CSF framework

Port Authority of NY and NJ (MSA Security), Jersey City NJ Sep 2017 – April 2020

Security Operator at Cyber Security Operation Center (CSOC)

• Perform real-time monitoring, assessment and triage of IDS alarms and the Security Information and Event Management (SIEM) console, collects cyber news, and phone calls from Client users of the systems affected by the cyber threats

• Monitored security events on Splunk.

• Triage and respond to security events on a 24/7 basis.

• Analyzing endpoints on Symantec ePO and McAfee ePO.

• Detects, creates ticket, and assigns risk score classification to incidents.

• Utilized advanced Excel functionalities such as VLOOKUP function, XLOOKUP function, pivot tables.

• Knowledge of MITRE ATT&CK framework.

EDUCATION

Harvard University (Online) - Cybersecurity Cert Jan’24 - Dec’24

Pace University, Seidenberg School of CSIS, NYC Sep’15 - May’17

Master of Science in Computer Networking and Telecommunication

Birla Institute of Technology, RAK, UAE Sep’09 - Aug’13

Bachelor of Engineering in Electronics and Communication

ONLINE COURSES/ CERTIFICATION

• ISC2 Certified in Cybersecurity

• Google Cybersecurity Professional Certificate

• Qualys Vulnerability Management

• Qualys PCI Compliance


