Naidu Gopi

Cyber Security Analyst at Levi Strauss & Co. (Nov 2020 – Till date)
• Assist and Provide all Active Defense Analysts in triage, identification, and analysis of threat events and working with Security Incident Management team and providing Security Response support as needed.
• Provide actionable intelligence to Security Analysts, Threat and Vulnerability Management, Global Physical Security, Global Business Units, and Industry Partners on Cyber Security related matters.
• Collaborate with SOC Analysts, Security Engineering, and Security Architecture, Threat and Provide documentation to maintain, develop and create runbooks and SOPs.
• Analyze malicious traffic and IOCs hits for attributing to threat actors
• Research, analyze, and provide reports on attacker campaigns as required
• Analyzing emails and logs from security devices, Microsoft, AWS, Firewall & IPS from Fortinet, CISCO etc. and other EDR Solutions like Crowdstrike, Symantec.
• Handling high priority security incidents from external threat actors, insider threats/ litigious threat actors. Working with leadership team and technology towers on risk, recovery, damage assessment, post incident investigations to harden security.
• Creating an initiate notification, recommendation notification and working with appropriate team to check the legitimacy of the alerts
• SIEM monitoring, fine tuning rules to eliminate FP’s, creating IR playbooks and use cases.
• Correlation event counts and event counts report on weekly and monthly dashboards and reporting based on the tickets and alerts during the past month of operations.
• Develop, document, and present general and technical presentations on security threats to business units and Information Security Risk Management personnel
• Conducting cybersecurity awareness trainings for employees.

• Working with SIEM tools and ServiceNow acknowledging the alerts within 15 minutes of SLA for multiple customers and Ensuring excellence in service delivery to ensure client satisfaction and to minimize down time.

• Sharing the analyzed logs and events with customers with description, impact and remediation actions for a better understanding.

• Raising alerts for exploits, potential exploits from IPS, Firewall, DLP, EDR and SIEM alerts

• Providing training for the new joiners , updating and managing SOP ’s for clients, creating IR playbooks. • Monitor vulnerability and Risk Assessment based on actively exploited vulnerabilities configured on

threat intelligence fields and work with engineering team to tune rules and hardening security.

• Working on Vulnerability Analysis using Nessus & Qualys vulnerability scanner, coordinating with respective teams to resolve and patch the Vulnerabilities via ServiceNow and creating SR for any changes in the client network.

• Technical report generation for the events, alerts, incidents and scans completed Preparing management report for specific clients.

• Providing training for the new joiners, updating and managing SOP’s for clients, creating IR playbooks

• Utilized vulnerability scanner to identify OWASP top vulnerabilities in the web server
• Prioritized vulnerabilities, researched, and identified exploits to expose vulnerabilities
• Documented vulnerabilities, exploits used, and results of penetration testing
• Provided technical expertise in network and application security
• Produced detailed presentations for kick-off, summary of findings, and executive presentations
• Educated and communicated security requirements, policies, standards, and procedures to stakeholders
• Configured SAST and DAST tools, troubleshooting and identifying network and system vulnerabilities
• Participated in the change management process for security and patch changes
• Conducted daily administrative tasks, reporting, and communication with relevant departments
• Researched and tested new cybersecurity products and innovations to support decision making
• Developed and implemented changes to streamline and integrate security processes and systems