TEJASWI MAIDAMSHETTI
OBJECTIVE
To obtain a full-time position in the field of information security with an emphasis on technology integration; special interests include Incident Management, Threat Hunting, Digital Forensics, security audits, SOX audits, compliance and PCI audits.
PERSONAL PROFILE
Security professional with 5 years' experience in information security and architecture. Working in the Global Security Operation Center [GSOC] and offering reactive and proactive security services to renowned clients.
Global experience as an IT Administrator, with nearly 3 years’ experience working with highly reputable clients to deliver application and network security solutions, and experience in systems support and operations, LAN administration, and PC and user support [24/7 shifts].
Identified and implemented strategies to minimize risk associated with technical solutions, with a strong customer service orientation. Ability and proven experience in training other members on cyber security tools and concepts.
Results-oriented professional, recognized for taking on major initiatives, adapting to rapidly changing environments and resolving mission-critical issues to ensure bottom-line success, with expertise that is broad in scope in the fields of Network Security and Information Security.
Interest in cyber security and audit technologies led me to clear the CISA [Certified Information Systems Auditor - ISACA] certification.
TECHNICAL SKILLS
Security Analyst (Global Security Operation Centre)
Incident Management/Response
SOC Architect
SIEM Consultant
Vulnerability Assessment
Threat Hunting/Intelligence Activities [Including Risk Assessments]
Malware Analysis
Dealt with Domain Controllers, Active Directories, Syslogs, ITIL
Good Knowledge on Networking Protocols
Good understanding of ISO27001, SOX standards
Knowledge on Windows, Linux Server Operating systems
Extensive Knowledge on VPN, IDS/IPS, Firewalls, Routers, Antivirus
Worked on SOPs, Evidence framing documents
Good Knowledge in Microsoft Office Tools [Excel, PowerPoint, Word, SharePoint]
Forensic Analysis [Knowledge on Encase forensic tool]
Worked on SOX audit compliance
Working Experience on QRadar, Splunk
Knowledge on Risk Assessment and implementing controls
Knowledge on Audit testing and documentation
Working Knowledge on internal controls
WORK HISTORY
INFORMATION [CYBER] SECURITY ANALYST, METMOX INC, HYDERABAD, INDIA
APR 2013 – PRESENT
Key Profile:
Analyzing security logs in real time from SIEM [proven experience in QRadar and Splunk].
Triaging events to incidents on analysis and working with teams for remediation.
Perform End to End effective Incident Analysis and Response activities.
Correlating data from various sources such as SIEM, endpoints and firewalls, and providing a complete analysis with recommendations.
Identifying false positives and working to tune them on the SIEM to avoid noise and false alerts.
Provide expertise and support, and give advice to and take advice from other Security Analysts.
Perform Risk Assessments on Client organization and document the findings for management.
Efficiency in threat management, security monitoring and security incident detection.
Ensure the quality and timeliness of the security incident detection and classification service. (E.g. Incident Handling & classification, Vulnerability, Data management).
Manage and track user issues and requests.
Conducting research on emerging security threats and cyberattack trends and ensure appropriate detection capabilities are in place to identify and respond to these threats on client infrastructure.
Articulating security issues to customers, both verbally and in writing.
Investigating data breach incidents by collecting various logs, applying forensic techniques, identifying, analyzing and collecting incidents by running scripts to collect data.
Identifying, Managing and Preserving Evidence following the standards.
Analyzing the anomalies in network traffic and making sure to investigate deeply to reduce the probability of malpractices.
Conducted Forensic analysis adhering to Client policies.
Understanding and application of IT methodologies for forensic analysis.
Work on analyzing malware issues, and on detection and remediation of ransomware and other malware spread on the network [identifying the malicious behavior from network traffic, analyzing and researching, confirming the impact and remediations].
Malware analysis and Incident Response with emphasis on quick response and detailed analysis.
Routinely review security incidents and other customer deliverables for adherence to the established procedures and guidelines.
Investigate potential or actual security violations or incidents in an effort to identify issues and areas that require new security measures or policy changes. (Configuration Management/Change Management).
Design reports to track corrective actions.
Performing vulnerability assessments on client infrastructure and working with the operations team on patching issues.
Perform penetration testing on web applications using Burp Suite to detect vulnerabilities [OWASP Top 10 vulnerabilities detection].
Analyzing proxy logs and acting on requests regarding blocking or unblocking URLs following company security policy.
Recategorization of users and URLs as per requirement.
Performing daily activities: creating documents for technical reference, report template development, custom rules configuration, agent configurations, trend report configuration, and creating daily, weekly and monthly reports. Meeting the SLA and timeframe.
Analyzing the current SOC architecture and discussing Policies with management for better security.
Technologies:
Event Monitoring [SIEM]: IBM QRadar, Splunk, SiteProtector
Endpoint Security: Symantec Antivirus / Certificate Manager, McAfee DLP, Bit9
Cloud Security: Google Cloud Lock, Skyhigh
Vulnerability Assessment: Nexpose, Qualys
McAfee Web Reporter: Verifying & Investigating Proxy Logs
McAfee Network DLP Manager: Web Security (Content Filtering)
Log/Network Monitoring Tools: LAN Manager, SolarWinds, Wireshark
Endpoint Security: Cylance, Tanium
Pentest Tool: Burp Suite
Programming in C, C++
Firewalls: Cisco, Palo Alto
Worked on Application development projects.
EDUCATION
VAAGDEVI COLLEGE OF ENGINEERING, WARANGAL
Passed out with a Bachelor's degree in Computer Science in 2013 with 79 percent from Vaagdevi College of Engineering, established in 1991, affiliated with JNTUH.
SR COLLEGE, KARIMNAGAR
Passed out from SR Junior College in 2009 with 94.3 percent.
CERTIFICATIONS
CLEARED CERTIFIED INFORMATION SYSTEMS AUDITOR [CISA] EXAM [DECEMBER 2016]
AWAITING CERTIFICATION IN HAND
CLOUD LOCK FOR GOOGLE APPS - OCT 2014
Instructor-Led Training Certificate of Completion on Google Cloud Lock Apps
IBM VIRTUAL OPERATION CENTRE (VSOC)
Security services: MSS Security Intelligence And Analysis - Apr 2014
MSS Security Incident Response - May 2014
CCNA, EC COUNCIL, NOV 2013
Cisco Certified Network Associate
PERSONAL INFORMATION
NATIONALITY: INDIAN
DATE OF BIRTH: 11 SEPTEMBER 1991
MARITAL STATUS: SINGLE
LANGUAGES: FLUENT IN TELUGU, ENGLISH, HINDI