YATHISH SRINIVASA

Senior Threat Analyst
Dubai

Summary

Seeking a dynamic career opportunity as a Senior Information Security Analyst, where I can apply my extensive 9+ years of knowledge, skills, and hands-on experience in Information Security to contribute value to a forward-thinking and progressive organization.

Overview

10 years of professional experience
4 years of post-secondary education
6 certifications

Work History

Senior Threat Analyst

Emirates Airlines
04.2021 - Current
  • Demonstrated excellence in delivering actionable Threat Intelligence tailored to the specific needs of Emirates Airlines and Emirates Group, ensuring a proactive and informed approach to cybersecurity measures.
  • Demonstrated proficiency in Digital Forensics and Incident Response in support of CSOC operations in handling P1 and P2 incidents.
  • Proven expertise in adeptly managing a spectrum of cybersecurity challenges, including but not limited to Phishing, BEC, DDoS, Credential Stuffing, Intrusions, Malware, Web, and Ransomware attacks.
  • Created alerts to monitor any mentions of our organization on the deep and dark web, criminal forums, paste sites, chat services, etc.
  • Issued timely vulnerability advisories, informing internal teams about new vulnerabilities, proof of concepts and exploits for CVEs, along with ongoing exploit activity by threat actors, and recommending patch prioritization.
  • Designed a Ransomware Preparedness Assessment Framework and conducted assessments for multiple business entities, which helped evaluate the ransomware risks and the preparedness to detect, prevent, contain and recover from a potential attack.
  • Developed a custom Python script to fetch Vulnerability Intelligence data, onboarded it to Splunk, created alerts to match products used in the organization and generated email notifications to product owners / respective Emirates Group entities.
  • Automated registered-domain monitoring with a custom Python script to fetch WHOIS data and DNS record data, and created use cases to detect domains vulnerable to zone takeover, misconfigured DNS records and changes in DNS records.
  • Hunted for known indicators and TTPs using the existing log sources and security controls for possible indications of compromise.
  • Established monitoring for phishing, typosquatting and impersonating domains using a Python script to fetch the Certificate Transparency data stream.
  • Experience with multiple commercial Threat Intel Platforms such as Recorded Future, Flashpoint, Digital Shadows, Silobreaker and FireEye as part of POCs conducted in line with the procurement process.
  • Experience with attack surface management tools like Palo Alto Expanse and OSINT tools like SpiderFoot, Shodan, Censys, etc.
  • Set up and managed Digital Shadows for digital risk monitoring and threat and vulnerability intelligence.
  • Experience in managing a local MISP instance to collect, track and enhance indicators from incidents within the organisation.

L2 Security Analyst

Emirates Airlines
02.2017 - 03.2021
  • Served as an L2 Security Analyst for Emirates Airlines within a dynamic SOC environment, collaborating with a small yet highly efficient team.
  • Conducted Security Analysis and proficiently handled Incident Handling procedures in alignment with SOC processes, actively contributing to the creation and fine-tuning of alerts.
  • Assumed responsibility for L1 escalations, providing guidance to L1 analysts for the effective resolution of incidents.
  • Spearheaded the implementation of SPF and DMARC across all entities owned by the Emirates Group, showcasing expertise in creating a DMARC Analyser dashboard and developing a use-case to identify and analyze data spikes.
  • Utilized industry-leading tools such as Splunk ES and Symantec MSS as SIEM solutions, seamlessly integrating with SNOW and HPSM ticketing systems while adhering to standard SLAs.
  • Demonstrated proficiency in advancing security controls, including Fidelis and Windows Defender ATP, and leveraged packet analytics tools like Symantec Analytics and the Lancope NetFlow analyzer.
  • Applied forensic expertise using Fidelis Endpoint for in-depth incident analysis, issuing comprehensive incident reports.
  • Gained exposure to email security controls, specifically Mimecast and Office 365 protections.
  • Successfully onboarded 600+ devices, encompassing endpoints, network and security controls, as well as OS logs, showcasing a comprehensive approach to managing and securing the organization's digital infrastructure.

Security Analyst

Accenture
09.2016 - 02.2017
  • Worked as a Security Analyst and Incident Handler for 4 different clients in a shared-delivery model.
  • Responsible for creating, implementing and fine-tuning use cases in Splunk ES as per customer requirements.
  • Fine-tuned 20+ use cases and suggested 3 new use cases in Splunk.
  • Exposure to 3 different SIEM tools (Splunk, QRadar and Symantec MSS) with different ticketing systems.

CRS-SIAA (Security Intelligence Analytics and Assurance)

WIPRO Technologies
09.2015 - 09.2016
  • Created demo-able applications and dashboards containing an interactive investigative workbench, analytical use cases and log-source-specific trends.
  • Created use cases on Splunk relevant to our network and on customer demand, and created documentation on Splunk Enterprise installation, forwarder installation, data onboarding and troubleshooting.
  • Worked closely with Splunk representatives to create new apps, reviewed the apps created by Splunk and gave suggestions based on our experience in information security.
  • Migrated 130+ use cases from QRadar and ArcSight, of which 30+ use cases were created and implemented for a banking client (Bank of New York – iNautix).

Cyber Defence Team

WIPRO Technologies
09.2014 - 08.2015
  • Worked for Wipro’s Internet security team, which defends more than 60 locations globally using different network controls such as IPS, firewalls and endpoint security products.
  • Worked as a key resource in the analysis and detection of intrusion events and firewall traffic.
  • Monitored events, responded to incidents, found the root cause and mitigated the risk.
  • Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP) and malware analysis tools.
  • Experience in onboarding logs from sources such as Windows, Blue Coat Proxy, Symantec DLP, Microsoft EOP and McAfee ePO via syslog, database, forwarders and a custom Python script.
  • Demonstrated excellence in extracting fields as per CIM using the Interactive Field Extractor and regex, and in creating dashboards, reports and alerts as per the use cases and requirements.
  • Applied Splunk expertise in creating and implementing 50+ use cases.
  • Worked with the CERT team in analysing data related to security events and communicating effectively with end users.
  • Analysed antivirus logs coming from 1 lakh+ endpoints daily, proxy and email logs of more than 1.5 lakh users, router logs, etc.
  • Investigated potential or actual security violations or incidents in an effort to identify issues and areas that require new security measures or policy changes.

Education

Bachelor Degree (BE) in Electrical and Electronics Engineering

Sri Jayachamarajendra College of Engineering
Mysore, Karnataka
01.2010 - 06.2014

Pre-University Course

Govt. PU college
Chikkamagaluru, Karnataka

Secondary Education

St. Josephs Boys High School
Chikkamagaluru, Karnataka

Skills

Incident Handling and Response

Certification

GIAC Certified Forensic Examiner (GCFE)

Awards

  • Splunk BOTS winner 2019 (Boss Of the SOC)
  • Awarded as “Wipro Shining Quick Novice” for good performance in 1st year.

Timeline

GIAC Certified Forensic Examiner (GCFE)

04-2023

GIAC Response and Industrial Defense (GRID)

07-2022

Senior Threat Analyst

Emirates Airlines
04.2021 - Current

Certified Ethical Hacker V10

01-2019

L2 Security Analyst

Emirates Airlines
02.2017 - 03.2021

Splunk Certified Admin 6.3

11-2016

Splunk Certified Power User 6.3

11-2016

Security Analyst

Accenture
09.2016 - 02.2017

CRS-SIAA (Security Intelligence Analytics and Assurance)

WIPRO Technologies
09.2015 - 09.2016

Checkpoint Certified Security Administrator (CCSA)

06-2015

Cyber Defence Team

WIPRO Technologies
09.2014 - 08.2015

Bachelor Degree (BE) in Electrical and Electronics Engineering

Sri Jayachamarajendra College of Engineering
01.2010 - 06.2014

Pre-University Course

Govt. PU college

Secondary Education

St. Josephs Boys High School