VAMSHIDHER REDDY YELLA
Phone: +1-786-***-****
Email: *********.*****@*****.***
LinkedIn: linkedin.com/in/vamshidher-y-260620147
PROFESSIONAL SUMMARY
Dedicated and results-oriented Senior SOC Analyst with over 5 years of comprehensive experience in cybersecurity, specializing in Security Operations Center (SOC) activities, threat detection, incident response, and digital forensics. Adept at monitoring, analyzing, and responding to security events using leading SIEM tools such as Splunk and ArcSight. Proven ability to work in 24x7 environments, mitigating cyber threats through advanced endpoint detection, email forensics, cloud security monitoring, and vulnerability analysis. Strong understanding of TCP/IP, firewall configurations, IDS/IPS, malware behavior, and data loss prevention systems. Recently completed a Master’s in Cybersecurity with a specialization in threat detection. Seeking to contribute to a high-performing security team with a proactive and detail-oriented approach.
CORE COMPETENCIES
Security Information and Event Management (SIEM)
Endpoint Detection and Response (EDR)
Incident Response & Digital Forensics
Threat Hunting & Malware Analysis
Email Security & Phishing Investigation
Cloud Security Monitoring (AWS, Azure, Prisma)
Vulnerability Management
Network Traffic Analysis
MITRE ATT&CK Framework
TCP/IP, DNS, DHCP, HTTP/HTTPS Protocols
IDS/IPS and Firewall Log Analysis
Risk Management & Compliance (NIST, ISO 27001, HIPAA awareness)
Python Scripting, Bash Commands, Linux & Windows Environments
PROFESSIONAL EXPERIENCE
Quadrant Resource Pvt Ltd, Hyderabad
SOC Analyst
September 2021 – July 2022
Tools Used: Splunk, CrowdStrike Falcon, Proofpoint TAP, Palo Alto, Zscaler, Akamai, AWS, Tanium, Okta, Cofense, Symantec DLP
Monitored real-time alerts using Splunk to identify threats and suspicious behavior across endpoints, email systems, and cloud infrastructure.
Investigated phishing attacks using Proofpoint TAP and Cofense, performing email header analysis, sandbox testing of URLs/attachments, and recommending quarantining/blocking.
Analyzed endpoint behaviors with CrowdStrike and Tanium, detecting indicators of compromise such as privilege escalation, lateral movement, and command-line abuse.
Performed deep-dive forensics on malware and ransomware cases using log correlation and behavioral analysis.
Responded to DLP incidents across webmail, encrypted data, and data classification policies using Symantec DLP.
Evaluated anomalous traffic patterns on Akamai WAF and blocked malicious IPs targeting application layers.
Investigated cloud security alerts from AWS, including S3 bucket exposures, unauthorized API access, and IAM misconfigurations.
Conducted triage and escalated critical security incidents while maintaining incident tickets via ServiceNow.
Collaborated with cross-functional teams and reported findings during SOC review meetings.
Concentrix Pvt Ltd
Security Analyst
June 2017 – August 2021
Tools Used: ArcSight ESM, Proofpoint, ServiceNow, IDS/IPS, Antivirus Logs, Windows Logs
Provided 24x7 monitoring support in a global SOC team, handling daily security alerts and incidents from multiple sources.
Used ArcSight ESM to correlate logs from various sources such as firewall, antivirus, IDS/IPS, and endpoint logs.
Identified and investigated phishing campaigns, suspicious IP communications, data exfiltration attempts, and malware infections.
Created and fine-tuned correlation rules and use cases for detecting abnormal patterns.
Analyzed Windows event logs, Linux audit logs, DNS/HTTP traffic, and performed initial triage of endpoint alerts.
Investigated brute-force attacks, lateral movement, fileless malware, and privilege escalation attempts.
Documented and presented incident reports and root cause analysis to senior management.
Trained new joiners on alert triage procedures, log sources, and basic scripting for automation.
TECHNICAL SKILLS
SIEM Tools: Splunk, ArcSight ESM
Endpoint Security: CrowdStrike Falcon, Tanium, Exabeam
Email Security: Proofpoint TAP, Cofense
Cloud Security: AWS, Prisma, Azure AD
Web Security & Proxy: Zscaler, Akamai WAF
DLP: Symantec DLP, Forcepoint (basic exposure)
Ticketing Tools: ServiceNow, Jira
Networking: TCP/IP, Wireshark, NetFlow, DNS, DHCP, ICMP, HTTP/HTTPS
Programming/Scripting: Python (basic), Bash
Operating Systems: Windows, Linux, macOS
Frameworks & Compliance: MITRE ATT&CK, NIST, ISO 27001, HIPAA (awareness)
CERTIFICATIONS & TRAINING
Endpoint Detection and Response (EDR) - Foundations
Foundations of Operationalizing MITRE ATT&CK
Cybersecurity Awareness & Phishing Simulation (Cofense Training)
AWS Cloud Security Basics (Internal)
EDUCATION
Master of Science in Cyber Security - 2022-2024
Specialized in advanced threat detection techniques, SOC operations, and cybersecurity strategy.
Conducted academic research on the use of AI in malware detection.
Completed projects in digital forensics, log analysis, and ethical hacking.
PROJECTS & ACHIEVEMENTS
Developed a custom phishing detection dashboard in Splunk using KQL and Regex patterns.
Automated log collection from Palo Alto firewalls using Python scripts.
Participated in a red vs blue team exercise; successfully detected and blocked simulated lateral movement.
Created runbooks for L1 analysts to respond to common phishing and malware cases.
Recognized as "Top Analyst of the Month" for resolving the highest number of incidents in a quarter.
DECLARATION
I hereby declare that the information provided above is true and correct to the best of my knowledge.
Vamshidher Reddy Yella
Date: