
Laxmi Ganji

San Antonio, Texas

Summary

  • Around 3.5 years of professional experience and expertise in a Security Operation Center with multiple threat detection and response systems.
  • Performed 24/7 monitoring of security tools, dashboards, SIEM, IDS/IPS, and email alerts.
  • Conducted daily monitoring and analysis of suspicious email and web traffic.
  • Monitored system logs and network traffic for unusual or suspicious activity such as DDoS attacks, port scanning, and DNS anomalies.
  • Used Splunk Enterprise Security (ES) to monitor and analyze network traffic, Intrusion Detection Systems (IDS), and security event logs.
  • Performed triage on alerts by determining their criticality and scope of impact.
  • Investigated, analyzed, and processed endpoint alerts using SIEM tools: McAfee Antivirus, Cylance, Splunk Enterprise Security (Splunk ES), and OSINT tools.
  • National Vulnerability Database (NVD), open ports, and missing patches. Used tools like Nexpose Rapid 7 and Splunk for scanning vulnerabilities.

Overview

6 years of professional experience

1 Certification

Work History

Security Intern

GEICO
Dallas, TX
09.2024 - Current
  • Monitored SIEM alerts using LogRhythm, ELK to identify security threats.
  • Investigated alerts from multiple log sources (firewall, WAF, IDS/IPS, email gateway, DLP).
  • Performed phishing email analysis using Proofpoint, Symantec MessageLabs to detect and block malicious emails.
  • Conducted forensic investigations using Autopsy, EnCase, Volatility.
  • Automated incident triage & SIEM log analysis using Python & SOAR (Splunk SOAR, IBM Resilient).
  • Worked with EDR tools (CrowdStrike, SentinelOne) to analyze endpoint threats.
  • Implemented DLP (Data Loss Prevention) strategies for cloud storage and SaaS.
  • Automated SIEM processes using Python and shell scripting to streamline log ingestion, alerting, and incident response workflows.
  • Worked with network protocols including TCP/IP, SSL/TLS, and IPSec in critical system environments.
  • Performed penetration testing and vulnerability assessments using Burp Suite and Metasploit.
  • Conducted investigations by analyzing logs, network traffic, and endpoint telemetry to determine root cause and impact.
  • Provided incident response leadership, coordinating with SOC, IT, Legal, and Compliance teams to remediate security threats.
  • Integrated SIEM solutions with cloud platforms (AWS, Azure).

SOC Engineer

ADP
Hyderabad, Telangana
05.2019 - 08.2022
  • Provided forensic analysis of network packet captures, DNS, proxy, malware, host-based security, and application logs, as well as logs from various types of security sensors.
  • Used Splunk Enterprise Security (ES) to monitor and analyze network traffic, Intrusion Detection Systems (IDS), security event logs, and email logs.
  • Applied the MITRE ATT&CK framework to threats and enhanced detection rules in the SIEM.
  • Mapped security incidents to Cyber Kill Chain stages to understand attacker tactics and improve defense strategies.
  • Ensured cloud environments met CIS, NIST, ISO 27001, and SOC 2 compliance using Wiz's policy engine.
  • Monitored Network Intrusion Detection/Prevention Systems (IDS/IPS), SIEM, Zscaler Web Security, and Cisco WSA.
  • Used Splunk to search and analyze email logs to confirm that malicious emails were not delivered or were quarantined and that malicious attachments were dropped.
  • Analyzed, investigated, and processed malicious/phishing email alerts from IronPort.
  • Automated routine security tasks using PowerShell and Python scripts.

Education

Master's - Information Technology & Management

Webster University
01.2024

Bachelor of Science - Computer Science

SVS Engineering College
India
01.2017

Skills

  • Network Security: TCP/IP, UDP, SSL/TLS, HTTP(S), VPN
  • EDR: CrowdStrike, SentinelOne
  • SIEM: LogRhythm, ELK
  • Email: Proofpoint, Symantec MessageLabs
  • Ticketing: IBM Resilient, BMC Remedy, ServiceNow, Jira
  • OSI Layers: Routers, Switches
  • Cloud: Azure Security Center
  • Scripting: PowerShell
  • Languages: Python
  • Kali Linux Tools

Affiliations

  • Outstanding performance in threat detection, monitoring, and response
  • Awarded for improving SIEM detections & log analysis.

Certification

  • CompTIA Security+ Certified
  • MITRE ATT&CK Defender
