Incident Response Security Operations

Location:
Northborough, MA
Salary:
75000
Posted:
December 02, 2024

Resume:

Nikhil Krishna +1-908-***-**** *.**********@*****.***

Summary

Security Operations Center (SOC) Analyst with extensive experience in vulnerability scanning and incident response. Notable achievements include monitoring security events with SIEM Tools, conducting rigorous system scans, and collaborating with cross-functional teams to enhance security protocols. I am enthusiastic about leveraging this expertise to design, execute, and troubleshoot effective vulnerability scanning solutions as a Security Analyst.

Skills

Security Tools: Splunk SIEM, IBM QRadar, Splunk SOAR

Vulnerability Management: Vulnerability management, Routine system scans, Malware scans, Log reviews

Incident Response: Incident detection, Investigation, Response procedures

Collaboration: IT Operations, Development, Network Engineering

Work Experience

Elevance Health Atlanta

SECURITY OPERATIONS CENTER (SOC) ANALYST Dec 2022 - Present

• Utilized Splunk SIEM to monitor security events, analyze logs, and investigate incidents.

• Conducted routine system scans, including vulnerability assessments and malware scans, ensuring the integrity of Microsoft Defender for Vulnerability Management components.

• Provided 24/7 triage and response to security events, ensuring timely and efficient handling of security incidents.

• Hands-on experience with cloud platforms including AWS and Azure, applying security best practices.

• Configured and managed Splunk dashboards and alerts for real-time security monitoring and incident response.

• Designed, executed, and troubleshot endpoint vulnerability scans, improving asset management, scan schedules, and scanner health for accurate threat detection.

• Assessed and documented changes to the control environment, ensuring that all modifications were reflected accurately in SOC reporting and aligned with regulatory requirements.

• Conducted comprehensive PCI readiness assessments for multiple business units, identifying and closing critical compliance gaps.

• Conducted in-depth SIEM log analysis to identify and mitigate security threats, improving system integrity.

• Authored and updated critical security policies and documentation to align with PCI DSS requirements and evolving industry best practices.

• Extensive experience working in SOC environments, including hands-on familiarity with SOC operations, procedures, and tools such as SIEM systems, IDS/IPS, and Endpoint Detection and Response (EDR) tools.

• Troubleshot and resolved basic configuration and script issues, ensuring operational efficiency and reliability.

• Filtered and analyzed vulnerability scan results, resolved incomplete scans, and managed false positives to enhance the accuracy and effectiveness of the program.

Wintech Information Services PVT Ltd Hyderabad, India

SOC ANALYST Dec 2017 - Jun 2021

• Demonstrated a strong understanding of SIEM concepts, log collection, and correlation rules in Splunk SOAR.

• Developed and implemented Splunk SOAR SIEM use cases, dashboards, alerts, and reports based on different sources of logs.

• Hands-on experience with Microsoft 365 security tools, including Microsoft Defender for Endpoint, Microsoft Intune, and Microsoft Defender for Cloud Apps.

• Developed and implemented security policies, procedures, and guidelines in alignment with industry standards and best practices.

• Proficient in interpreting diagnostic network tools, including NetFlow, security event logs, and IDS systems, to identify and respond to potential threats.

• Conducted regular security reviews and vulnerability assessments to proactively address risks and maintain a secure environment.

• Managed Security Incident and Event Management (SIEM), including log monitoring, local area networks, and firewalls.

• Collaborated with internal teams including IT Operations, Development, and Network Engineering to ensure secure system configurations, incorporating considerations for Microsoft Defender for Vulnerability Management's scanning parameters.

• Conducted vulnerability scanning and penetration testing to uncover and remediate security gaps in infrastructure and applications.

• Developed and maintained relationships with stakeholders across the organization to foster alignment and collaboration on compliance initiatives.

• Identified, analyzed, and interpreted threat actors and malicious activities within client environments to safeguard critical systems.

• Consistently delivered on assigned projects, staying on time and on task, meeting or exceeding customer expectations.

Esika Infotech Private Limited Bangalore, India

SOC ANALYST Jan 2013 - Nov 2017

• Analyzed system logs from multiple sources across the enterprise environment for suspicious activities.

• Documented processes related to incident detection, investigation, and response procedures.

• Maintained security software and enforced security policies using Active Directory, Group Policy Objects, and scripting.

• Conducted routine system scans, including vulnerability assessments, malware scans, and log reviews.

• Differentiated between legitimate security threats and false alarms, improving the accuracy of threat detection and response.

• Actively monitored and analyzed security logs and alerts, ensuring rapid identification and response to emerging threats and suspicious activities.

• Stayed current on the latest cybersecurity trends, vulnerabilities, and threat intelligence to continuously improve security measures.

• Created and managed asset tags in Microsoft Defender for Vulnerability Management to add business context to endpoints and assets.

• Experienced in proactive threat hunting, identifying and investigating security threats before they escalate into incidents.

• Hands-on experience with ethical hacking techniques, including Red Team tools, to proactively identify and address security vulnerabilities.

• Expertise in configuring Endpoint Detection and Response (EDR) systems to monitor, detect, and block cybersecurity threats.

• Responded to security incidents, handling triage, containment, and remediation to mitigate risks.

Electronics Corporation of India Limited Hyderabad, India

GRADUATE ENGINEER APPRENTICE Jul 2011 - Jul 2012

• Worked on the Socio-Economic Caste Census, a major Government of India project, collecting and uploading citizen information and troubleshooting software issues.

• Worked on National Population Register projects; as a team lead, guided and trained the team on how to use BEL-made Tablet PCs.

• Communicated with people from different states all over the country to update area requirements.

Education

New England College, New Hampshire

MASTER OF SCIENCE, COMPUTER SCIENCE AND ENGINEERING Dec 2022

Jawaharlal Nehru Technological University, India

MASTER OF TECHNOLOGY, SOFTWARE ENGINEERING Nov 2014

Certification

CompTIA Cybersecurity Analyst (CYSA+)

Certified Ethical Hacker (CEH)

Certificate of Cloud Security Knowledge (CCSK)

Cisco Certified Network Associate (CCNA)
