
Incident Response Cyber Security

Location:
Irving, TX
Posted:
October 01, 2023


Resume:

Jahnavi Cherukuri

Irving, TX

774-***-****

adz2x4@r.postjobfree.com

Objective:

As an ambitious cybersecurity professional, I am keen to obtain an entry-level career in the industry. With a real interest in network security, vulnerability assessment, and incident response, as well as a true enthusiasm for protecting digital assets, I am motivated to apply my knowledge and talents to contribute to a secure and resilient digital world. I am committed to remaining current on emerging dangers and technologies, and I am always honing my skills to successfully protect critical information and systems.

Professional Experience

Area of Interests:

Cyber Security Analyst, Penetration Tester, SOC Analyst

Vulnerability Management

Technical Skills:

Network security protocols: TCP/IP, DNS, VPN

Security tools: Burp Suite, Nmap, Metasploit, Kali Linux, Nessus

Operating Systems: Windows, Kali Linux

Vulnerability assessment and penetration testing

Firewall configuration and management

QRadar

Intrusion detection and prevention systems (IDS/IPS)

Incident response and digital forensics

Certifications:

Certification in Cyber Security through Coursera.

Certification in Python for Everybody through Coursera.

Certification in Python data structures through Coursera.

Work Experience:

FERGUSON ENTERPRISES – Newport News, VA JAN 2022 to July 2023

SOC ANALYST

Responsibilities:

Worked in a 24/7 Security Operations Center. Investigate, analyze, and process phishing email alerts from IronPort and FireEye following standard operating procedures.

Provide oversight and guidance to junior Analysts to monitor, detect, analyze, remediate, and report on cybersecurity events and incidents.

Develop, update, and maintain standard operating procedures and other technical documentation.

Determine appropriate courses of action in response to identified anomalous network activity. Containment, eradication, remediation, recovery, and post-incident activities.

Evaluate external threat intelligence feeds related to zero-day exploits, or other vulnerabilities to determine organizational risk using Splunk.

Manage the day-to-day log collection activities of source devices that send log data to SIEM QRadar.

Analyze DLP alerts from Google Admin and escalate qualifying incidents to the Cyber Privacy Team.

Provide log/network/malware/device analysis and make recommendations for remediation of security vulnerability conditions.

Utilized a variety of tools, including Burp Suite, OWASP ZAP, Nmap, and Metasploit, to conduct penetration testing and vulnerability assessments.

Identifying OWASP Top 10 issues such as SQL injection, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), XML injection, and file upload vulnerabilities.

Continuously monitors the alert queue; triages security alerts; monitors health of security sensors and endpoints; collects data and context necessary to investigate and validate alerts.

Good experience to provide remediation consultation to organizations and system owners, ensuring vulnerabilities are remediated NIST and Cyber Threat Intelligence research.

Response to confirmed incidents, by notifying about security incidents (escalations) with information about the attacks, threats, vulnerabilities, affected systems, and recommendations on how to mitigate the incidents and vulnerabilities.

Participation in resource coordination and taking of timely and appropriate countermeasures for incident response.

Analyze firewall logs, Full Packet Capture (PCAP), IDS alerts, anti-malware alerts, Host Intrusion Prevention System (HIPS), and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings.

Perform incident response investigations, containment, and root cause analysis activities across multiple platforms including Windows, Mac, and Linux/Unix.

Develop and continuously improve incident response methods and countermeasures through research and tabletop exercises.

Participate in daily security meetings with other contractors and customer teams.

Utilize and adhere to defined workflow and processes driving the Incident Response and mitigation efforts.

Conduct technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents.

Document results of cyber threat analysis and subsequent remediation and recovery.

Dashboard / Enterprise dashboard customization for various teams based on the log source type requirements.

Perform daily monitoring of security events/alerts from Splunk Enterprise Security Dashboard, analyze suspicious email, remediate incidents, and escalate as required.

Manage SOC inbox requests, follow-up on pending tickets and respond to incidents reported by internal users.

Experience with the MITRE ATT&CK framework and integrating threat intelligence platforms.

Utilized a variety of tools, including Burp Suite, OWASP, Nmap, and Metasploit, to conduct penetration testing and vulnerability assessments.

Follow information security industry news and blog posts for internal and external threat intelligence.

Monitor different data sources using Splunk Dashboard for unusual or suspicious activities, interpret such activity and make recommendations for resolution.

Provide 24/7/365 real-time monitoring of security tools, to validate the operational status of critical tools. Perform all phases of the incident response life cycle including preparation, analysis, containment, eradication, remediation, recovery, and post-incident activities.

Evaluate external threat intelligence feeds related to zero-day exploits, or other vulnerabilities to determine organizational risk.

Provide situational awareness and reporting on cybersecurity status, incidents, and trends in adversary behavior to appropriate organizations.

Coordinate with SOC Engineers and Cyber Intel teams to improve tuning and correlation.

Cognizant Technology Solutions – Bangalore, India AUG 2021 – NOV 2021

SOC ANALYST

Responsibilities:

Develops and manages the cyber security operations center.

Working in a security operations center; investigating, responding and/or triaging security events.

Technical as well in terms of Security design and support, SIEM and proxy to mention but a few.

Monitors, assesses, and defends the enterprise information systems.

Manages SOC and NOC dashboards, reporting, and monitoring.

Manages SIEM, CASB, and SIEM / Splunk SOC integrations.

Experience implementing security technologies, including Threat Intelligence platforms, digital forensics, intrusion detection, and network security.

Analyze and investigate adverse events and incidents using an enterprise security information and event monitoring (XDR), logs from firewalls, IDS/IPS, proxies, servers, endpoints, and other network devices to determine threats, attack vector, scope of activity, and appropriate response.

Assist with clean-up of state agency Active Directory user accounts.

Assist with further integrating and refining local Active Directory with cloud Active Directory.

Execute SOC activities in Azure/AWS/cloud-based security environment.

Develop SOPs for CIRT/Forensics Team in areas-workflows, separate SOP for each IR.

Work in collaborative, team-oriented environments with commitment to results and a proven track record of accomplishments.

Cognizant Technology Solutions – Bangalore, India JAN 2021 – JULY 2021

Programmer Analyst

Participating in peer code reviews to enhance the quality of code authored by other team members.

Developing new apps or modifying current ones to meet the needs.

Communicating with customers and other team members on project status and any difficulties that occur.

Making prototypes of innovative technology and features for possible integration into future goods.

Creates, alters, and updates assigned programs. Monitors the performance of assigned programs and responds to difficulties by finding and resolving logical and code mistakes.

Debugging computer code to repair mistakes and increase performance.

Education

Master's in Information Technology, Clark University, Worcester, MA

Bachelor's in Computer Science, GITAM University, Visakhapatnam


