Computer security professional with 2 years of progressive experience in the security industry. Demonstrated skill in identifying business risks and compliance issues and designing proactive solutions. Background in designing and implementing layered network security approaches.
• Conducting Exploratory Data Analysis (EDA), including acquiring, engineering, and exploring various data types and log sources for detection opportunities.
• Working with the detection engineering team to transform attacker TTPs into viable, low-false-positive behavioral and signature detections using a variety of techniques, including supervised, semi-supervised, and unsupervised ML, with an emphasis on sequential classification and pattern matching.
• Participating in "hunt missions" using threat intelligence, analysis of anomalous log data, and results of brainstorming sessions to detect and eradicate threat actors on corporate networks.
• Providing expert analytic investigative support for large-scale and complex security incidents.
• Continuously improving processes for use across multiple detection sets for more efficient operations.
• Identifying key attributes (TTPs) and developing indicators of compromise (IOCs).
• Communicating potential threats (suspicious/anomalous activity, malware, etc.) to the IR team, and serving as a point of contact for other teams.
• Conducting forensic analysis of network packet captures, DNS, proxy, NetFlow, malware, host-based security, and application logs, as well as logs from various types of security sensors.
• Performing analysis of security incidents and threat actors for further enhancement of the Detection Catalog and Hunt missions by leveraging the MITRE ATT&CK framework.
• Validating suspicious events and incidents using open-source and threat intelligence sources.
• Identifying potential malicious activity from memory logs, packet captures, and tools.
• Successfully mapped SIEM alerts to MITRE ATT&CK framework technique IDs using Sigma rules.
Vulnerability Management: Nessus, Qualys
SIEM: Azure Sentinel, NIST, Splunk, QRadar
PARADIGMS: Scrum, Automation Penetration Testing, Continuous Integration and Continuous Delivery
CompTIA Security+
Kali Linux, ServiceNow Vulnerability Assessment and Remediation, IDS/IPS tools, MITRE ATT&CK, network scanning tools, Splunk Enterprise Security