I have 6 years of extensive experience in cybersecurity, specializing in active defense strategies. My expertise includes Security Operations Center (SOC) operations, incident response and threat hunting. I understand security practices that help me effectively protect organizations from cyber threats. I focus on enhancing the security posture of enterprise organizations in both on-premises and cloud environments, Azure, and AWS. My experience includes event correlation using tools like Splunk, FireEye, Snort and IBM QRadar, as well as network security tools such as Nmap, Nessus, Wireshark, and tcpdump. I am skilled at communicating and leading diverse teams across locations. Collaboration is one of my strengths.
Overview
6 years of professional experience
1 certification
Work History
SOC Level 2 & IR Specialist
Bank Of Montreal, BMO
05.2021 - Current
To enhance the understanding of cyber threats, vulnerabilities, and asset management, we provided daily, weekly and monthly reports that offer awareness to military leaders, SOC analysts, incident responders and decision makers at the strategic enterprise level.
We conducted analysis and investigations into events and incidents using a sophisticated Security Information and Event Monitoring (SIEM) system. This includes examining logs from firewalls, IDS/IPS systems, proxies, servers, endpoints, and other network devices.
Through our investigations, we determine threat profiles, identify attack vectors utilized by adversaries, and assess the scope of their activities. Based on our findings, we recommend measures to mitigate security incidents.
I assessed and conducted scans using IBM Qualys. Whenever I discovered any vulnerabilities, I promptly reported them to the teams and provided detailed reports along with recommendations for fixing them.
To monitor security events, analyze incidents and generate reports, I utilized the IBM Qualys Security Information and Event Management (SIEM) console.
Working closely with functional teams, my aim was to ensure that vulnerabilities were remediated in a timely manner. I tracked the progress of these remediation efforts and made sure that they were effectively resolved to enhance our security posture.
To prioritize our remediation efforts and mitigate risks I developed approaches for threat analysis based on industry standards. This involved leveraging vulnerability reports.
I utilized external data sets as well as threat intelligence feeds to drive proactive cyber threat hunting initiatives, effectively identifying potential threats before they become major issues.
I conducted investigations in Incident Response and Digital Forensics, specializing in Malware Analysis to uncover activities and derive Indicators of Compromise (IOCs) and detection rules.
I played a role in creating and distributing reports on cyber threat intelligence, incident response plans, vulnerability management strategies and security briefings. Moreover, I produced quality written reports that effectively communicated complex technical matters to a wide range of audiences, from peers to senior management.
By analyzing event details and summary information, I was able to recognize and analyze both unsuccessful intrusion attempts and compromises. This allowed for an understanding of vulnerabilities within the system.
To ensure network integrity and protection for networks, systems and applications, I diligently enforced security policies while actively monitoring vulnerability scanning devices.
My expertise extended to frameworks such as the NIST Cybersecurity Framework, PCI DSS, CIS Critical Security Controls, the MITRE ATT&CK framework and the Cyber Kill Chain. This knowledge facilitated investigation into phishing emails along with analysis of domains and IPs using open-source tools. Based on this analysis, I recommended blocking measures.
I analyzed network logs from security appliances such as firewalls, NIDS, HIDS and syslogs pertaining to both network-based and host-based security incidents. Such analysis enabled me to determine the remediation actions for each incident along with an appropriate escalation path. I analyzed trends in cyber security vulnerabilities and incident data to propose countermeasures that reduce risk and enhance security and business processes.
Collaborated closely with application security, system administrators, incident response and security operations teams to develop solutions for addressing vulnerabilities.
Played a role in troubleshooting and managing events related to components of the Security Operations Center (SOC) SIEM system.
Generated monthly as well as customized reports for different clients. These reports offered insights into the security posture of organizations and potential threats they might face.
Cyber Security Analyst
GLOBE ACTIVE TECHNOLOGIES LIMITED
11.2019 - 04.2021
Successful implementation of Splunk as a central log management and SIEM solution for multiple clients, resulting in enhanced threat detection and response capabilities.
Integration with IDS/IPS (Snort): 1. Orchestrated the seamless integration of Snort IDS/IPS systems with Splunk, enabling real-time monitoring of network traffic for potential threats. 2. Implemented custom alerting and correlation rules, reducing false positives by 32% and ensuring that security teams focused on critical alerts.
Firewall Rule Management: Took charge of firewall rule management for clients, designing, implementing, and maintaining comprehensive rule sets to bolster security posture.
Improvements: 1. Initiated and executed a Splunk performance optimization project, resulting in improved triage and 40% faster query response times, thereby increasing the efficiency of threat detection. 2. Spearheaded the creation of standardized incident response playbooks, streamlining response procedures and reducing incident resolution time by 18%.
Collaborated with clients to customize Splunk dashboards and alerts, aligning the system with their specific security requirements.
Conducted regular reviews of firewall rules, optimizing them for security and performance while minimizing potential vulnerabilities.
Proactively managed and fine-tuned Snort IDS/IPS signatures and rules to enhance threat detection accuracy and reduce false positives.
Conducted training sessions for client teams on how to effectively utilize Splunk for incident detection and response.
Maintained up-to-date knowledge of emerging threats and vulnerabilities to ensure that IDS/IPS rules and firewall policies remained current and effective.
SOC Analyst
VALUE CYBER TECH PVT LTD
05.2017 - 10.2019
Worked on troubleshooting and event management for different SIEM components in Security.
Worked with device onboarding to SIEM.
Worked with automation of reports, Dashboard, rule creation and rule review process.
Troubleshot issues arising in the SOC.
Performed daily health checks and other administration tasks for the SIEM and related components.
Worked with technical and process document creation in SOC.
Worked with the IndusGuard portal for Web Application Security, including malware monitoring and vulnerability assessment.
Drafted technical manuals, installation manuals, installation progress updates, and incident response plans to enhance system security documentation; created required system compliance reports and information requests.
Education
Bachelor of Science - Electronics and Computer Engineering Technology