Soc Analyst

VAMSHIDHER REDDY YELLA

Phone: +1-786-***-****

Email: *********.*****@*****.***

LinkedIn: linkedin.com/in/vamshidher-y-260620147

PROFESSIONAL SUMMARY

Dedicated and results-oriented Senior SOC Analyst with over 5 years of comprehensive experience in cybersecurity, specializing in Security Operations Center (SOC) activities, threat detection, incident response, and digital forensics. Adept at monitoring, analyzing, and responding to security events using leading SIEM tools such as Splunk and ArcSight. Proven ability to work in 24x7 environments, mitigating cyber threats through advanced endpoint detection, email forensics, cloud security monitoring, and vulnerability analysis. Strong understanding of TCP/IP, firewall configurations, IDS/IPS, malware behavior, and data loss prevention systems. Recently completed a Master’s in Cybersecurity with a specialization in threat detection. Seeking to contribute to a high-performing security team with a proactive and detail-oriented approach.

CORE COMPETENCIES

Security Information and Event Management (SIEM)

Endpoint Detection and Response (EDR)

Incident Response & Digital Forensics

Threat Hunting & Malware Analysis

Email Security & Phishing Investigation

Cloud Security Monitoring (AWS, Azure, Prisma)

Vulnerability Management

Network Traffic Analysis

MITRE ATT&CK Framework

TCP/IP, DNS, DHCP, HTTP/HTTPS Protocols

IDS/IPS and Firewall Log Analysis

Risk Management & Compliance (NIST, ISO 27001, HIPAA awareness)

Python Scripting, Bash Commands, Linux & Windows Environments

PROFESSIONAL EXPERIENCE

Quadrant Resource Pvt Ltd, Hyderabad

SOC Analyst

September 2021 – July 2022

Tools Used: Splunk, CrowdStrike Falcon, Proofpoint TAP, Palo Alto, Zscaler, Akamai, AWS, Tanium, Okta, Cofense, Symantec DLP

Monitored real-time alerts using Splunk to identify threats and suspicious behavior across endpoints, email systems, and cloud infrastructure.

Investigated phishing attacks using Proofpoint TAP and Cofense, performing email header analysis, sandbox testing of URLs/attachments, and recommending quarantining/blocking.

Analyzed endpoint behaviors with CrowdStrike and Tanium, detecting indicators of compromise such as privilege escalation, lateral movement, and command-line abuse.

Performed deep-dive forensics on malware and ransomware cases using log correlation and behavioral analysis.

Responded to DLP incidents across webmail, encrypted data, and data classification policies using Symantec DLP.

Evaluated anomalous traffic patterns on Akamai WAF and blocked malicious IPs targeting application layers.

Investigated cloud security alerts from AWS, including S3 bucket exposures, unauthorized API access, and IAM misconfigurations.

Conducted triage and escalated critical security incidents while maintaining incident tickets via ServiceNow.

Collaborated with cross-functional teams and reported findings during SOC review meetings.

Concentrix Pvt Ltd

Security Analyst

June 2017 – August 2021

Tools Used: ArcSight ESM, Proofpoint, ServiceNow, IDS/IPS, Antivirus Logs, Windows Logs

Provided 24x7 monitoring support in a global SOC team, handling daily security alerts and incidents from multiple sources.

Used ArcSight ESM to correlate logs from various sources such as firewall, antivirus, IDS/IPS, and endpoint logs.

Identified and investigated phishing campaigns, suspicious IP communications, data exfiltration attempts, and malware infections.

Created and fine-tuned correlation rules and use cases for detecting abnormal patterns.

Analyzed Windows event logs, Linux audit logs, DNS/HTTP traffic, and performed initial triage of endpoint alerts.

Investigated brute-force attacks, lateral movement, fileless malware, and privilege escalation attempts.

Documented and presented incident reports and root cause analysis to senior management.

Trained new joiners on alert triage procedures, log sources, and basic scripting for automation.

TECHNICAL SKILLS

SIEM Tools: Splunk, ArcSight ESM

Endpoint Security: CrowdStrike Falcon, Tanium, Exabeam

Email Security: Proofpoint TAP, Cofense

Cloud Security: AWS, Prisma, Azure AD

Web Security & Proxy: Zscaler, Akamai WAF

DLP: Symantec DLP, Forcepoint (basic exposure)

Ticketing Tools: ServiceNow, Jira

Networking: TCP/IP, Wireshark, NetFlow, DNS, DHCP, ICMP, HTTP/HTTPS

Programming/Scripting: Python (basic), Bash

Operating Systems: Windows, Linux, macOS

Frameworks & Compliance: MITRE ATT&CK, NIST, ISO 27001, HIPAA (awareness)

CERTIFICATIONS & TRAINING

Endpoint Detection and Response (EDR) - Foundations

Foundations of Operationalizing MITRE ATT&CK

Cybersecurity Awareness & Phishing Simulation (Cofense Training)

AWS Cloud Security Basics (Internal)

EDUCATION

Master of Science in Cyber Security - 2022-2024

Specialized in advanced threat detection techniques, SOC operations, and cybersecurity strategy.

Conducted academic research on the use of AI in malware detection.

Completed projects in digital forensics, log analysis, and ethical hacking.

PROJECTS & ACHIEVEMENTS

Developed a custom phishing detection dashboard in Splunk using KQL and Regex patterns.

Automated log collection from Palo Alto firewalls using Python scripts.

Participated in a red vs blue team exercise; successfully detected and blocked simulated lateral movement.

Created runbooks for L1 analysts to respond to common phishing and malware cases.

Recognized as "Top Analyst of the Month" for resolving the highest number of incidents in a quarter.

DECLARATION

I hereby declare that the information provided above is true and correct to the best of my knowledge.

Vamshidher Reddy Yella

Date:

Contact this candidate