Highly experienced and skilled Information Security expert with over eight years of proven success in the cybersecurity field. Adept in leading Vulnerability Management initiatives and providing expert analysis as a SOC Level 3 Analyst. Proficient in utilizing cutting-edge technologies, including SIEM, IBM QRadar, AWS, FireEye EX & NX, EDR and Proofpoint, to safeguard critical assets and mitigate emerging threats.
Multinational Bank & Financial Services company
Proactively hunt for and research potential malicious activity and incidents across multiple platforms using tools like IBM QRadar, advanced threat network and host-based tools
Build indicators of compromise into monitoring tools using internal and external sources to integrate those tools with one another to provide data enrichment
Conduct senior-level analysis, proactive monitoring, mitigation, and response to network and security incidents
Conducted third-level review of cybersecurity alerts, collaborating with L1 & L2 teams to conduct in-depth root cause analyses, ensuring accurate threat identification and timely incident resolution
Facilitated integration of new log sources by collaborating with infrastructure teams, ensuring seamless log source integration into QRadar for enhanced threat detection and response capabilities
Proactively troubleshot log source discrepancies, promptly identifying and rectifying issues to ensure continuous flow of security-relevant data into the SIEM solution
Proposed and implemented QRadar rule fine-tuning recommendations, contributing to improved accuracy in threat detection and minimized false positives
Analyzed network traffic and system logs to proactively identify and mitigate potential security breaches, bolstering overall cybersecurity posture
Investigated and effectively resolved incidents involving unauthorized access to sensitive information, preventing data compromise and potential financial losses
Conducted comprehensive reviews of computer security procedures, identifying violations and devising strategic mitigation plans to enhance overall security awareness and compliance
Utilized risk analysis techniques to identify vulnerabilities and recommend appropriate security measures, enhancing the organization's ability to proactively address potential threats
Led migration of Jira ticketing tool from on-premises infrastructure to AWS cloud, resulting in improved accessibility and scalability
Orchestrated the provisioning of AWS resources, including EC2 instances, RDS databases, Elastic Load Balancer, and other essential services for optimal functionality of the Jira tool
Monitored AWS GuardDuty alerts and swiftly responded to potential security threats, enhancing overall system security
Leveraged AWS Identity and Access Management (IAM) to facilitate access provisioning, ensuring the right level of permissions for various user roles
Implemented robust security measures for S3 buckets, fortifying data protection and maintaining compliance standards
Assessed and enhanced the security posture of S3 buckets, contributing to the organization's overall security framework.
Vulnerability Management
05.2019 - 12.2020
Successfully managed and led the Vulnerability Management (VM) program, overseeing crucial aspects in establishing scan schedules and meticulously preparing comprehensive metrics
Effectively coordinated a team of skilled professionals in the execution of Vulnerability Management tasks, ensuring the timely delivery of high-quality outputs
Conducted thorough vulnerability assessments, collaborating closely with various departments to address procedural challenges associated with prioritized risks, facilitating streamlined risk mitigation efforts
Fostered strong collaboration and synergy with IT teams and stakeholders, leveraging their expertise to integrate advanced analysis techniques and optimize the efficiency of remediation processes
Demonstrated a proactive approach by consistently reviewing and evaluating established vulnerability procedures, identifying areas in need of improvement to enhance overall program effectiveness.
SOC Analyst
Ariatech IT Solution Pvt. Ltd.
03.2015 - 04.2019
Performed information security incident response and handling, categorizing incidents based on risk levels and following established protocols
Utilized SIEM tools, specifically IBM QRadar, for real-time monitoring, investigation, analysis, and reporting of security incidents to clients
Employed diverse collection techniques to continuously monitor and analyze security alerts from approved devices and system logs
Applied SLA-based escalation procedures for security incidents and furnished clients with pertinent information regarding the incidents
Collaborated with clients during high-priority security issues, assisting in the mitigation of attacks and minimizing potential impacts
Troubleshot issues with SIEM dashboards, ensuring proper data availability and generating accurate reports
Identified and classified cyber security vulnerabilities, working alongside system owners to create and implement effective mitigation plans
Analyzed network traffic to derive insights from known malicious actors, enhancing countermeasures against potential threats
Provided daily status updates on active cyber security incidents, ensuring ongoing communication with clients and prompt resolution.
Education
B.Tech - Computer Science and Engineering
2014
IBM QRadar SIEM certification, CEH (Certified Ethical Hacker), ICS certification (Industrial Control Systems), CISSP