Roopchandra Reddy


SIEM Specialist
Abu Dhabi

Summary

Graduated with a Bachelor of Engineering in Electronics and Communications Engineering (PDIT) and working as SIEM Specialist (SIEM/SOAR) in ADIB. I possess about 8+ years of total IT-related work experience, having worked with L&T, Accenture, and Mashreq Global Services in roles such as mortgage analyst and Information Security Analyst.

Overview

  • 8 years of professional experience
  • 4 years of post-secondary education
  • 4 Certifications
  • 1 Language

Work History

SIEM Specialist

Cantaloupe, ADIB Bank
01.2023 - Current
  • Develop and fine-tune detection rules, correlation rules, and use cases within the SIEM platform to identify security incidents and abnormal activities.
  • Establish mechanisms to collect and parse logs from various sources, such as network devices, servers, endpoints, and cloud platforms.
  • Deploy and configure the SIEM solution, including infrastructure components, log sources, data connectors, and integration with other security tools and systems.
  • Deploy and configure Azure Sentinel, Microsoft's cloud native SIEM solution, including resource provisioning, workspace setup, and data source integration.
  • Reviewing incident response processes and implementing improvements. Stay updated with the latest cloud security trends, tools, and practices to enhance the overall security posture.
  • Connect and ingest data from various Azure services, such as Azure Active Directory, Azure Security Center, Azure Firewall, and other cloud-based platforms, to Azure Sentinel. Configure data connectors and log collection mechanisms to ensure comprehensive visibility.
  • Develop and implement automation scripts, workflows, and playbooks using Azure Logic Apps, Azure Functions, or other automation tools to streamline incident response processes. Automate routine security tasks, such as threat hunting, log analysis, and incident enrichment.
  • Deploying the MMA, AMA and OMA agents to collect file-based, syslog and Windows.


Assistant Manager

Mashreq Bank
Bangalore
06.2021 - 02.2023
  • Collaborate with L2 and L3 analysts for incident escalation and resolution.
  • Generate compliance reports, security dashboards, and executive summaries to communicate the effectiveness of the SIEM solution and the organization's security posture. Ensure adherence to regulatory requirements and industry best practices.
  • Develop and follow incident response processes to promptly address security incidents and breaches. Coordinate with internal teams or external stakeholders to contain and mitigate the impact of incidents. Provide support during forensic investigations and ensure timely closure of incidents.
  • Monitor real-time security events and alerts generated by the SIEM system. Conduct in-depth analysis of suspicious activities, anomalies, and potential indicators of compromise (IOCs). Investigate and validate security incidents using log data and other available sources
  • Monitor and triage alerts and incidents within the SOAR platform.
  • Execute predefined automated response actions for low-level incidents.

Senior Security Delivery Analyst

Accenture Solutions Pvt Ltd
Bangalore
07.2019 - 06.2021
  • Managing Azure Log Analytics: Creating workspace, Adding VM for monitoring.
  • Configuring Alerts for Log analytics workspace.
  • Analyzing security and log data to identify potential threats or weaknesses and handling ServiceNow incidents.
  • Setting up Security policies and Pricing tier for Log Analytics.
  • Working with the team for MMA installation in VMs for log monitoring.
  • Setup and configuration of Azure Security Center.
  • Performing the health check of the servers.
  • Fine-tuning the rules in Log Analytics and Sentinel and handling ad hoc requests for any whitelisting.
  • Created MCAS policies and conditional access policies (Session policies).
  • In MCAS worked on Sanctioned and Unsanctioned apps. WDATP integration for blocking the unsanctioned Apps.
  • Working on Automation Accounts to automate the Reports.
  • Created Logic app and Automation account for Email Header Analysis using PowerShell.
  • Report alerts and investigate issues identified during monitoring the live traffic. Preparing Daily/weekly/Monthly Reports for clients

System Engineer

LTI, Larsen & Toubro Infotech Limited
Bangalore
01.2018 - 07.2019
  • Analyzing the logs and events triggered in SIEM, investigating the type of attacks and logs, and providing security to the network environment
  • Responsible for integrating the network devices and servers to McAfee
  • Responsible for operational deliveries to the customers weekly and monthly
  • Analyzing Phishing, Spamming, and Malicious URL sites and blocking them using Web Content Filtering Proxies
  • Performing Vulnerability Assessment and following up with respective teams for mitigations
  • Log and assign incident tickets for internal and external users for various product-related issues and coordinate with the respective teams for closure of the incidents under the defined SLA and priority
  • Escalate issues to the operation heads or senior authorities as per the escalation matrix for faster and better resolution
  • Close coordination with vendors of ticketing and monitoring tools for quick restoration and periodic updates
  • SIEM (ArcSight ESM & McAfee Nitro):
  • Working on ArcSight SIEM Tool for Providing the SOC (Security Operation Centre) Operations
  • Monitoring real-time security events on the ArcSight console, with event analysis and investigation
  • Working on incidents, reviewing the alerts, and doing a detailed analysis of alerts
  • Investigating the events based on criteria by creating active channels
  • Investigating the commands, and applying the inline filters in an active channel to make the process reliable
  • After analyzing alerts, raising incidents in the ticketing tool for true positive incidents and following up with the team until incident closure
  • Investigate incidents using Active Channels/Dashboards/Events/Graphs/Annotations and reports
  • Regular health checks monitoring, log analysis, and reporting
  • Working on assigned events based on Annotations
  • Creating and submitting daily, weekly, and monthly reports without errors using query viewers
  • Providing 24/7 support and coordinating with the required team to resolve the issues
  • VA(Nexpose):
  • Creating Sites, Asset groups, and performing Scheduled and ad-hoc scans for multiple client-servers, sites, and IPs
  • Finding vulnerabilities and sending them to the respective team to remediate/fix the issue
  • Technical report generation for the scans completed
  • Preparing management reports for specific clients
  • Work on basic troubleshooting techniques for the IPs that failed to scan
  • Coordinate with technology towers for the issue remediation and suggest control measures to avoid the same in the future.

Associate

Magna Infotech, Accenture
Bangalore
07.2016 - 12.2017
  • Highlight your team's deep knowledge and expertise in specific domains or industries relevant to the KPO process.
  • Emphasize the specialized skills and understanding your team possesses, which allows them to handle complex and knowledge-intensive tasks.
  • Managing and processing large volumes of data efficiently. Highlight your expertise in data cleansing, validation, normalization, and transformation to ensure accurate and reliable information for clients' decision-making processes.
  • Discuss your team's focus on quality assurance and adherence to industry standards and regulatory requirements. Highlight your methodologies for conducting quality checks, audits, and ensuring compliance with relevant guidelines to deliver accurate and reliable outputs.

Associate

Aegis
Bangalore
08.2015 - 04.2016
  • Showcase your ability to deliver exceptional customer service in a banking voice BPO role.
  • Highlight your experience in handling customer inquiries, resolving issues, and providing accurate and timely information on banking products, services, and policies.
  • Highlight your familiarity with various banking transactions, such as account inquiries, fund transfers, loan applications, and credit card services, demonstrating your ability to effectively assist customers with their specific banking needs.
  • Discuss your ability to adhere to privacy regulations, data protection guidelines, and identity verification processes to ensure customer information remains secure and confidential.

Education

B.Tech - ECE

Priyadarshini Institute of Technology
Tirupathi
09.2011 - 05.2015


Certification

Certified in McAfee Nitro 10.2

Additional Information

  • R&R Certificate for April 2022 - Certificate of Extra Mile Award
  • R&R Certificate for February 2022 - Certificate of Mashreq Excellence Silver Award
  • R&R Certificate for February 2022 - Certificate of Extra Mile Award
  • R&R Certificate for December 2021 - Mashreq Excellence Silver
