Kalyan Yadav Mamilla
Email: *********************@*****.***
Phone: 331-***-****
LinkedIn: http://www.linkedin.com/in/kalyanyadavmamilla
Professional Summary
Security Operations Center (SOC) Analyst with hands-on experience in Level 1 alert triage, phishing response, initial malware analysis, and login anomaly investigations. Proficient in using Splunk and Microsoft Azure Sentinel to monitor and escalate threats across cloud and on-prem environments. Successfully reduced the false positive rate by 30% through rule tuning and improved response times. Demonstrated expertise in identifying process bottlenecks and implementing solutions that enhanced investigation productivity by 25%. Adept at performing root cause analysis, executing containment procedures, and documenting incident timelines with measurable improvements in mean-time-to-detection. Strong foundation in compliance frameworks like NIST 800-53 and HIPAA, complemented by technical knowledge in network security architecture, ethical hacking, cryptography, and secure systems design. An exceptional communicator who effectively translates technical security findings into actionable intelligence for both technical teams and management stakeholders. Committed to continuous improvement in threat hunting methodologies, incident response playbooks, and security control implementations within hybrid infrastructures.
Technical Skills
SOC Tools: Splunk, Microsoft Sentinel (Azure SIEM), Wireshark, Nmap, Nessus, Burp Suite, Metasploit
Alert Handling: Phishing, Malware (basic), Suspicious Logins, Data Loss, Policy Violations
Compliance: HIPAA, NIST 800-53, ISO 27001
Networking: TCP/IP, VPN, DMZ, OSI Model, Firewalls
Platforms: Windows Server, Linux, Active Directory, Azure, AWS
Languages & Scripting: Python, SQL, JavaScript
Professional Experience
Pinnacle IT and Life Sciences Solutions – Cumming, GA
January 2024 – Present
Security Analyst – SOC Level 1 – Contract
Triaged 50–70 alerts daily using Splunk and Microsoft Azure Sentinel, including phishing, malware, login anomalies, and data exfiltration attempts.
Maintained detailed and accurate records in the ticketing system, including task progress, resolutions, and follow-up actions for continuous service improvement.
Investigated and escalated confirmed phishing attempts, reducing user-reported incidents by 40% through proactive analysis and user awareness coordination.
Contributed to cross-functional meetings and knowledge-sharing sessions to ensure security awareness, consistent playbook usage, and rapid threat containment.
Performed malware alert investigation and IOC enrichment; helped reduce average response time from 1 hour to 30 minutes.
Delivered timely and thorough incident reporting, including RCA, time-to-detect, time-to-contain, and mitigation steps in alignment with SLA metrics.
Supported audits and assessments by documenting control implementations and generating evidence of compliance for NIST 800-53 and HIPAA standards.
Assisted in the development and testing of incident response playbooks, ensuring alignment with evolving threat scenarios and operational requirements.
Identified and escalated 15+ anomalous login cases weekly, including brute-force attempts and impossible travel events.
Created and managed custom SIEM dashboards, search queries, and alerts to support real-time threat visibility and operational efficiency.
Used Wireshark and Nmap for packet capture and port scanning; helped identify 3 previously unknown vulnerable assets.
Executed proactive threat hunting campaigns across endpoints, network traffic, and cloud infrastructure, identifying stealthy threats and advanced persistent threats (APTs).
Proposed and implemented triage templates and enriched alert documentation, reducing analyst time spent per alert by ~25%.
Communicated recurring L1 pain points (alert fatigue, context gaps) to management; collaborated on automating playbooks and improving enrichment logic.
Analyzed and correlated logs from HIPS, antivirus, DLP, IDS/IPS, AAA, and web proxy platforms using Splunk and Microsoft Defender to detect complex attack patterns.
Contributed to weekly review of security controls, patch status, and access logs across 100+ endpoints in Azure and hybrid infrastructure.
Projects
Eastern Illinois University - Cybersecurity Capstone - Secure University Network Architecture
Designed a segmented campus network with firewall, DMZ, VPN, and SIEM monitoring for 5 simulated departments as part of the Capstone.
Implemented network segmentation using VLANs with ACLs and deployed a multi-tiered firewall infrastructure featuring stateful inspection and IPS functionality.
Designed a secure DMZ hosting public-facing services (web portal, email gateway, LMS) with proper isolation from internal networks.
Established a site-to-site VPN infrastructure supporting remote campuses and a client-to-site solution for secure faculty access.
Developed comprehensive network documentation including topology diagrams, IP schemas, and security control mappings.
Created and executed penetration testing plans to validate security controls and remediate vulnerabilities.
Presented architecture to faculty panel, receiving commendation for balanced security and usability considerations.
Incorporated compliance alignment strategies using NIST 800-53 and ISO 27001 by developing access policies and auditing procedures as part of the Management of Information Technologies course.
Created incident response playbooks for login anomalies, phishing, and malware infections as part of the Cybersecurity Professional Seminars.
Education
Master of Science in Cybersecurity - Eastern Illinois University
Courses: Advanced Network Security, Database Security and Reliability, Applied Cryptography
Master of Business Administration - Osmania University
Pendekanti Institute of Management, Hyderabad, India
Bachelor of Business Administration - Osmania University
G. Pulla Reddy Degree and PG College, Hyderabad, India