Muralikrishna M Email and Phone Number

Working as a Security Analyst in a 24/7 SOC environment. Continuously monitor alerts from SIEM tools for potential security incidents and review email gateway logs for phishing attempts and malware.. Investigate alerts and incidents to assess their severity and determine appropriate response actions. Analyze threat intelligence to identify emerging threats and adapt defenses accordingly. Review logs from SIEM, email gateways, and EDR systems to identify unusual patterns or suspicious activities.. Conduct regular scans using tools like Qualys or Nessus to identify vulnerabilities in systems and applications. Prioritize vulnerabilities based on risk and coordinate remediation efforts with relevant teams. Create and manage incident tickets in systems like ServiceNow, ensuring timely resolution and proper documentation. Respond to incidents identified through EDR, including isolating affected endpoints and removing malicious files. Configure and fine-tune rules and policies in SIEM and EDR tools to minimize false positives and ensure critical threats are detected. Generate daily and monthly reports on security incidents, vulnerabilities, and compliance metrics for management review. Work closely with other IT teams (Network, Server, etc.) and the Security Operations Center (SOC) to ensure effective handling of incidents. Participate in training sessions and knowledge-sharing meetings to stay updated on the latest security trends and best practices

Continuously monitor alerts generated by SIEM and EDR tools for potential security incidents. Investigate and analyze alerts to determine their nature, severity, and potential impact on the organization. Monitor and analyze security events across firewalls, proxies, antivirus, and cloud platforms (AWS, Azure, Google). Use threat intelligence and MITRE ATT&CK framework to understand the tactics, techniques, and procedures (TTPs) associated with identified threats. Review logs from various sources (firewalls, servers, applications) to identify unusual patterns or behaviors. Create and manage incident tickets in systems like ServiceNow, tracking their status and ensuring timely resolution. Take immediate action to contain threats, such as isolating infected endpoints or removing malicious files. Coordinate with other IT teams (Network, Server, etc.) and the Security Operations Center (SOC) to ensure effective incident response. Configure and fine-tune SIEM and EDR rules, policies, and alerts to minimize false positives while ensuring critical threats are detected. Generate daily and monthly reports for incident management, compliance, and management review. Stay updated on the latest security trends, vulnerabilities, and best practices to enhance security posture.

Working as a Security Analyst in a 24/7 SOC environment. Monitoring and analyzing events produced by various security and network tools, such as firewalls, proxy servers, antivirus software, IPS/IDS, load balancers, databases, system applications, and cloud platforms (Amazon, Azure, and Google), as well as Windows and Linux servers. Security Incident Response: Responsible for monitoring security alerts, analyzing logs produced by appliances, and investigating incidents to assess whether they are false positives or false negatives. Use SIEM tools (UEBA, Splunk, LogRhythm, and IBM QRadar) to detect potential signs of security breaches and perform detailed investigations to confirm any successful breaches. Conduct root cause analysis (RCA) and handle incidents appropriately according to the clarified Incident Management Framework. Follow the end-to-end Incident Investigation and Incident Response process, ensuring investigations are closed within defined SLAs. Escalate security incidents to the relevant teams and management, and follow up for closure. Create tickets in ServiceNow and track the status of incidents.Analyze daily and monthly reports for incident management and compliance. Coordinate with the Network and Server teams regarding activities and technical issues. Create vulnerability and remedy reports and communicate them to users. Identify critical servers and application inventories from respective business owners and schedule scans on a weekly, monthly, and quarterly basis. Conduct knowledge-sharing sessions with team members whenever complex incident issues arise, as well as discuss lessons learned from other team members.

 Continuously monitor alerts generated by SIEM and EDR tools for potential security incidents. Investigate and analyze alerts to determine their nature, severity, and potential impact on the organization. Monitor and analyze security events across firewalls, proxies, antivirus, and cloud platforms (AWS, Azure, Google). Use threat intelligence and MITRE ATT&CK framework to understand the tactics, techniques, and procedures (TTPs) associated with identified threats. Review logs from various sources (firewalls, servers, applications) to identify unusual patterns or behaviors. Create and manage incident tickets in systems like ServiceNow, tracking their status and ensuring timely resolution. Take immediate action to contain threats, such as isolating infected endpoints or removing malicious files. Coordinate with other IT teams (Network, Server, etc.) and the Security Operations Center (SOC) to ensure effective incident response. Configure and fine-tune SIEM and EDR rules, policies, and alerts to minimize false positives while ensuring critical threats are detected. Generate daily and monthly reports for incident management, compliance, and management review. Stay updated on the latest security trends, vulnerabilities, and best practices to enhance security posture.