
Sri Nalla

Toronto, Canada

Summary

IT and Cybersecurity professional with over 3 years of experience in security operations and incident response. Strong understanding of computer networks, security tools, and how cyberattacks work. Hands-on experience in protecting devices, analyzing threats, and fixing security issues. Good at finding risks and helping companies stay safe from cyber threats.

Overview

2 years of professional experience
Certifications: see the Certification section below

Work History

Cyber Security Consultant

Herjavec
Toronto, ON
01.2024 - Current
  • Conducted vulnerability scans using Qualys to identify and help fix security gaps across systems.
  • Created custom reports in Qualys to support project needs and improve vulnerability tracking.
  • Performed on-demand scans during high-risk events to ensure proactive security measures.
  • Monitored security alerts and anomalies using Splunk, and responded to incidents based on log analysis.
  • Built custom dashboards in Splunk to improve visibility into threats and streamline investigations.
  • Responded to endpoint threats using SentinelOne, ensuring proper containment and follow-up.
  • Investigated suspicious network activity using IDS/IPS, escalating real threats for action.
  • Assisted with patch management and access controls using Active Directory.
  • Supported phishing awareness by helping design and track internal simulations.
  • Participated in incident response — from initial detection to root cause analysis and documentation.
  • Contributed to client audit preparations by collecting evidence and tracking remediation progress.
  • Conducted basic penetration testing using Kali Linux to assess and validate security defenses.
  • Regularly researched new threats and assessed their potential impact on systems and processes.
  • Conducted vulnerability assessments using Qualys and Nexpose, identifying security gaps and coordinating with application and infrastructure teams for timely remediation.
  • Created custom scan profiles and reporting templates in Qualys to align with project-specific requirements and streamline vulnerability tracking and remediation workflows.
  • Performed ad-hoc vulnerability scans during zero-day alerts or onboarding of new assets, ensuring proactive threat management.
  • Regularly monitored SIEM platforms such as Splunk and Azure Sentinel for anomalies and potential security threats; escalated and resolved L2-level tickets through detailed investigation and correlation of security events.
  • Built custom dashboards, data monitors, filters, and active channels in Splunk to enhance visibility and alerting based on evolving threat intelligence.
  • Managed and monitored EDR solutions including SentinelOne and Cylance, responding to endpoint threats and ensuring containment.
  • Investigated alerts generated by Sourcefire IDS/IPS, identifying false positives and escalating confirmed threats for remediation.
  • Collaborated with stakeholders to support patch management cycles, ensuring alignment with compliance standards and SLAs.
  • Led internal threat hunting campaigns, training teammates on identifying anomalies based on threat intelligence reports from NSA, FBI, and OSINT sources.
  • Contributed to the firm’s phishing awareness program, assisting with campaign design using PhishMe and analyzing employee responses.
  • Supported incident response lifecycle, including incident analysis, root cause determination, mitigation, and formal reporting.
  • Participated in client audits, acted as a security representative, and contributed to audit meetings and remediation strategy sessions.
  • Performed penetration testing and network vulnerability scanning using Kali Linux and various tools to assess security posture and test resilience.
  • Worked across multiple clients to implement and manage vulnerability management programs using Nessus and Nexpose.
  • Investigated events related to IPS/IDS, PAM, 2FA systems, and responded to offenses logged in the SOC.
  • Monitored McAfee ePolicy Orchestrator (ePO) for malware events and ensured endpoint compliance through alert response.
  • Maintained user access controls and performed Active Directory account management for secure onboarding/offboarding.
  • Managed mobile device management (MDM) with AirWatch, ensuring secure device policies and timely ticket resolution with high customer satisfaction.
  • Regularly conducted research on emerging threats and analyzed the impact of critical vulnerabilities on the organization's environment.

SOC Analyst

Deloitte
Toronto
01.2023 - 12.2023
  • Developed industry-specific threat analysis methods to accurately identify threat actors and sector-specific vulnerabilities.
  • Conducted thorough vulnerability assessments using Nexpose, identifying attack vectors and ensuring issues were documented and tracked for remediation.
  • Created customized vulnerability reports to help IT and business teams prioritize patching and improve overall security.
  • Performed penetration testing tailored to the organization’s infrastructure to validate controls and simulate real-world cyberattacks.
  • Managed SIEM operations with Splunk, including log analysis, rule tuning, correlation searches, and creating dashboards/reports.
  • Responded to and triaged security incidents, using the MITRE ATT&CK framework to map adversary tactics and improve incident understanding.
  • Collaborated with cross-functional teams during incident response and root cause analysis to ensure timely resolution and mitigation.
  • Carried out continuous threat monitoring using OSINT tools and cyber threat feeds to detect and report emerging threats.
  • Investigated security violations and recommended actionable improvements to strengthen policies and increase system resilience.
  • Helped develop and update incident response procedures, ensuring consistency in documentation and communication during security events.
  • Supported audit and compliance efforts, including documentation updates, tracking remediation actions, and gathering evidence.
  • Advised on security policies and best practices, contributing to a stronger security posture and improved employee awareness.

Education

Bachelor - Computer Science

Custom

Security Monitoring: Hands-on experience with SIEM tools like Splunk, QRadar, and LogRhythm to monitor and analyze security events.

Vulnerability Management: Skilled in tools like Nessus, Qualys, Nexpose, and IBM AppScan for finding and assessing security weaknesses.

Threat Investigation: Used the MITRE ATT&CK framework for advanced threat hunting and understanding attacker behavior.

Intrusion Detection: Worked with systems like Snort and Sourcefire to detect and respond to network attacks.

Web Security: Familiar with common web threats such as XSS, SQL injection, CSRF, and login weaknesses.

Compliance & Standards: Knowledge of security standards like ISO/IEC 27001 and basic understanding of audit and control practices.

Cloud Security: Experience working with cloud platforms like Microsoft Azure and AWS.

Forensics: Hands-on use of digital forensics tools such as Autopsy, OSForensics, and ProDiscover.

OSINT & Recon: Comfortable using open-source intelligence tools like Shodan and Censys for external threat discovery.

Core Cyber Skills:

  • Network protocols and endpoint protection
  • SIEM operations and malware defense
  • Risk analysis and vulnerability lifecycle management

Soft Skills: Strong problem-solving skills, attention to detail, and ability to work under pressure. Great at collaborating and sharing knowledge with teams.

Certification

  • API Product Manager certification
  • Certified Ethical Hacker (CEH)
  • AZ-500 (Microsoft Azure Security Engineer Associate)
