K Ashok Vardhan Reddy - Security Analyst 1

Kama Ashok Vardhan Reddy is a Senior Analyst in Cyber Security with over 5.5 years of experience in mitigating information flow threats and managing Security Operations Center (SOC) activities. He is proficient in various security tools and frameworks, including SIEM, email security, cloud security, and identity access management, and has a strong background in incident monitoring and response. His work experience spans multiple industries, including healthcare and energy, with a focus on implementing security controls and conducting phishing awareness campaigns.


KAMA ASHOK VARDHAN REDDY
Senior Analyst – Cyber Security
Phone: +91-7259531191 | Email: [email protected]

Technical Skills

Category                         Tools / Expertise
Programming                      Kusto Query Language, RegEx, HTML
Endpoint Security                CrowdStrike, Defender for Endpoint
SIEM & SOAR                      Splunk, MS Sentinel, IBM QRadar, BluSapphire
Email Security                   Defender for O365, Mimecast
Cloud Security                   Azure – Defender for Cloud (Workload protections)
IAM                              Microsoft Entra ID, OneLogin
Privilege Identity Management    BeyondTrust Password Safe
DDoS Protection, WAF             Azure DDoS Protection & WAF
Compliance Frameworks            NIST CSF, ISO 27001
OT Security                      Claroty
Phishing Campaign                Defender Attack Simulation, KnowBe4
Ticketing Tools                  iSight, ManageEngine

Profile Summary

• 5.5+ years skilled cyber security professional with experience in mitigating information flow threats in a converging IT & OT environment.
• Security Operations Center (SOC): Experienced in 24/7 SOC operations, monitoring, investigating, and triaging incidents using multiple security tools.
• Security Engineering: Skilled in implementing security tools, controls, and recommendations to bolster organizational security.
• SIEM Implementation: Proficient in deploying SIEM tools, adding log sources, creating SOPs, dashboards, reports, and fine-tuning rules.
• Incident Monitoring and Response: Adept at investigating incidents and developing playbooks for effective incident triage.
• Privilege Access Management (PAM): Implementing, monitoring, and troubleshooting privileged account passwords and access using BeyondTrust Password Safe.
• Risk Management: Identifying, notifying, reporting various risks and communicating them to the client.
• Identity Access Management (IAM): Managing user provisioning, MFA policies, dynamic groups, and external identities.
• Endpoint Management: Creating and updating attack surface rules and antivirus policies in Intune.
• Malware Analysis: Conducting static analysis of suspicious files using OSINT tools.
• Security Control Implementation: Assessing and planning the implementation of security controls to enhance security posture.
• Reporting and KPIs: Preparing comprehensive weekly and monthly security status reports for stakeholders.
• Email Security: Implementing Defender for O365, creating threat policies, and analyzing phishing attempts.
• Endpoint Detection and Response (EDR): Implementing and monitoring Defender for Endpoint, investigating incidents, and onboarding devices using Intune and Defender cloud integration.
• Identity Protection: Implementing Microsoft Entra ID, monitoring, investigating, and creating conditional access policies for identity-based risk remediation.
• Vulnerability Management: Tracking and reporting vulnerabilities within organizational infrastructure.
• Cloud Security: Implementing Defender for Cloud, cloud workload protection, Azure Key Vault, and securing databases, servers, and containers.
• Phishing Campaigns: Conducting phishing campaigns to train and assess user readiness against phishing attacks.

Core Competencies

Security Operations | Security Engineering | Vulnerability Management | Network Operations | Risk Management | Email Security | Security Architecture | OT Security | Application Security | Governance and Compliance

Education

Degree    College
PG        Garden City University
B.Com     Rayalaseema University

Soft Skills

Analytical Attitude | Leadership | Communicator | Team Builder | Quick Solver | Strategic Thinking

Work Experience

Birlasoft – Senior Analyst (Oct 2021 – Till Date)
Project Domains:

Oil, Gas, Energy & Utilities
• Implemented security controls to enhance the organization's security posture.
• Working on Endpoint, Identity and Cloud Apps security incidents triggered in Defender and triaging them in a timely manner.
• Writing KQL queries for investigations, report extraction, and dashboard creation in Defender.
• Implementing threat policies for email security in Defender for O365.
• Preparing and presenting weekly, monthly, and quarterly security status reports to the client.
• Managed BeyondTrust PAM tool for admin account password rotation.
• Assessing and implementing security recommendations received from Microsoft.
• Conducting phishing awareness campaigns using KnowBe4.
• Identifying risks in the organization and monitoring them in the risk register.
• Running phishing campaigns and creating reports on phish-prone percentage for calculating user awareness.
• Reporting newly found vulnerabilities to the respective teams for patching activity.
• Providing support to L1 in resolving alerts generated by complex network, endpoint and log analysis.

Automobile Industry
• Implemented Defender for Endpoint, device onboarding via Defender for Cloud and Intune policies.
• Sentinel implementation using data connectors and DCR rules.
• Defender for O365 policy creation, including Anti-Spam, Anti-Phish, Safe Attachments and Safe Links policies.
• Conducted phishing awareness campaigns using the attack simulation feature in Defender for O365.
• Created attack surface rules and device onboarding policies in Intune.
• Configured Defender for Cloud workload protections such as Just-in-time access, File Integrity Monitoring, and Adaptive Application Control.
• Prepared POC documents and organization rollout plans at high level and low level.
• Gathered all steps taken during implementation and prepared detailed step-by-step handover documents.

Healthcare Device Manufacturing
• Worked on Mimecast email security and SentinelOne anti-virus tools.
• Analyzing the phishing mails reported by users.
• Blocking domains, URLs, and mail IDs in Mimecast if any are found during phishing analysis.
• Monitoring SentinelOne AV for any malware detection on endpoints and working on the remediation.
• Making sure that all devices have the latest version of the anti-virus.

Wipro, Hyderabad – Security Analyst (Aug 2019 – Oct 2021)
Key Result Areas:
• Worked in 24x7 operations of the SOC team, offering log monitoring, security information management, and global threat monitoring.
• Acted as first-level support for all security issues.
• Monitoring the logs from various security devices such as email gateway, Windows, IPS, and Firewall, generating incidents and providing the necessary mitigation steps accordingly.
• Performed phishing analysis of mails reported by users using tools like MX Toolbox and Message Header Analyzer.
• Worked on Mimecast email security tool for phishing analysis, IOC blocking, and whitelisting/blocklisting domains and mail IDs as per client requirement. Used MX Toolbox and Message Header Analyzer tools for mail header analysis.
• Monitored SIEM alerts, analyzed events in SIEM and raised security incidents in the ticketing tool ManageEngine.
• Monitoring security systems and networks for anomalies.
• Coordinated responses to security incidents in a timely manner.
• Investigating security violations, attempts to gain unauthorized access, virus infections, etc.
• Notifying vulnerabilities and threats identified by the VM tool (Nessus).
• Investigated security logs and mitigation strategies; responsible for preparing generic security incident reports.
• Allowing and blocking URLs, bypassing IP addresses and other operations in Zscaler proxy.

Certifications
• Microsoft Certified: Security, Compliance, and Identity Fundamentals – SC-900
• Zscaler Internet Access (ZIA) Certified Support Specialist
• Zscaler Private Access (ZPA) Certified Support Specialist
• OneLogin Implementation Specialist (v2) Level 1
• Certified Microsoft Security Administrator Associate
• Network Security Expert Certification (NSE 1, NSE 2, NSE 3)