
Lokesh CK

Principal Threat Analyst
Plano, TX

Summary

Results-driven IT professional with 8+ years of experience in planning, analysis, and implementation of security initiatives. Strengths in providing comprehensive network design and security frameworks. Certified in Azure Security and as an Ethical Hacker.

Overview

3 Certifications
4 years of post-secondary education
9 years of professional experience

Work History

Principal Threat Analyst

Optiv Security Inc.
Frisco, TX
12.2017 - Current
  • Was responsible for Cybersecurity Incident Discovery and event management, network forensics, IPS/IDS, Firewalls, Content Filtering Technology, DLP, Configuration Management, and Monitoring, End-Point Protection, Database Security and Log Collection and Analysis.
  • Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory, etc.)
  • Strong understanding of malware families, delivery mechanisms and behaviours
  • Incident response or network security with strong knowledge working as part of a SOC team
  • Understanding of tactics, techniques, and procedures employed by threat adversaries
  • Regularly prepare reports and comprehensive documentation for customers.

Incident Responder

Pytheus Consulting
Bangalore, India
03.2017 - 12.2017
  • Providing technical and administration support for Proofpoint Messaging Gateway/Antispam System to secure customer email infrastructure.
  • Was responsible for integrating Proofpoint TAP alerts into JIRA.
  • Providing analysis on various security enforcement technologies including Proofpoint, Sumo Logic, Cylance, CrowdStrike, Palo Alto, and Zscaler.
  • Technical/administration support for blocking/whitelisting external mail domains, checking/updating spam scores, blocking spam emails and email addresses, mail encryption, adding domains in TLS, adding users to access/block lists, managing the gateway firewall and creating rules, monitoring quarantine/spam emails, holding emails and releasing them as per instructions from the client.
  • Was responsible for analysing, documenting and reporting on potential security incidents identified in the client environment.
  • Coordinating security events that require urgent response, containment and remediation
  • Joining high bridges/major incident calls with customer/vendor and other support teams if any major incident is reported, providing status updates to the customer until the incident is resolved.
  • Daily management / monitoring, assignment of incident tickets in JIRA and resolving them within SLA.
  • Providing on call and after office hours support when required.
  • Actively research current threats and attack vectors being exploited in the wild

Consultant

Ernst & Young
Bangalore, India
02.2016 - 03.2017
  • Monitoring incident queues and alerts from various monitoring functions, incidents highlighted via email, phone etc.
  • Documenting and monitoring incidents - background, progress, next actions.
  • Perform remote and onsite live-response activities, document findings, oversee the remediation process to its completion.
  • Guide vendors and teams responsible for remediation actions.
  • Analyze logs from firewalls, network and host intrusion and prevention systems.
  • Analyze malware and/or spam and/or phishing or any other malicious content.
  • Interact with IT, networking, and security assurance functions as well as Business, Human Resources and Legal Team.
  • Participation in knowledge sharing with peers.
  • Cooperation with the global team.

Information Security Analyst

Tata Consultancy Services Limited
Bangalore, India
06.2015 - 02.2016
  • Responsible for identifying frequently occurring security incidents and thereby minimizing the number and severity of security incidents.
  • Responsible for advising the teams on what needs to be done on a security incident.
  • Analyze and develop new technologies for minimizing security vulnerabilities and risks.
  • Provide security consulting services.
  • Routinely assess vulnerabilities and coordinate with security specialists and various other stakeholders to mitigate them.
  • Routinely monitor and analyze network traffic and system performance.
  • Responsible for analysis and reporting.
  • Handling SOC operations vulnerability assessment tools like nCircle IP360.
  • Worked on tools such as Cisco Meraki, McAfee ePO, ServiceNow for incident management and security reporting.
  • Involved in risk analysis of major threats and vulnerabilities detected at client’s network ecosystem.

IT Security Professional

IBM
Bangalore, India
04.2012 - 06.2015
  • Monitoring of Multiple Security Incidents using SIEM tool (QRadar).
  • Analyzing the offenses for botnet, P2P activity, virus threat, Trojan, malware, brute force attack, vulnerability and policy violation activities.
  • Technical/administration support on Symantec messaging gateway for blocking/whitelisting external mail domains, checking/updating spam scores, blocking spam emails and email addresses, mail encryption, adding domains in TLS, adding users to access/block lists, managing the gateway firewall and creating rules, monitoring quarantine/spam emails, holding emails and releasing them as per instructions from the client.
  • All security events, network transactions and additional contextual information (derived from correlation tests) observed during an attack or violation.
  • Identify anomalies and possible threats or to review network usage and performance to help meet IT service-level responsibilities.
  • Finding out the false positive offenses, modifying the rules to ignore the legitimate traffic and reducing the offense count.
  • Finding the false negative by analyzing the events, flow count in the dashboard and fine tuning the rules to trigger the offense.
  • Search across logs on different nodes and time periods based on specific criteria.
  • Troubleshooting anti-virus (Symantec and McAfee ePO) agents on hosts which are inactive/not reporting to console.

Education

Bachelor of Engineering Technology - Electrical, Electronics And Communications Engineering

Visvesvaraya Technological University
Bangalore, India
08.2007 - 06.2011

Skills

  • Designing security controls


Accomplishments

  • Made recommendations to management on SOAR Technologies to improve the overall incident response.
  • Designed and implemented a SOC team for a major FMCG client.
  • Achieved better security posture by integrating EDR and VMS with SOAR platforms.
  • Collaborated with a team of 35 in the development of automation.

Certification

Certified Ethical Hacker

Timeline

Azure Security

05-2021

Certified Ethical Hacker

03-2018

Principal Threat Analyst

Optiv Security Inc.
12.2017 - Current

Incident Responder

Pytheus Consulting
03.2017 - 12.2017

CCNA

02-2017

Consultant

Ernst & Young
02.2016 - 03.2017

Information Security Analyst

Tata Consultancy Services Limited
06.2015 - 02.2016

IT Security Professional

IBM
04.2012 - 06.2015

Bachelor of Engineering Technology - Electrical, Electronics And Communications Engineering

Visvesvaraya Technological University
08.2007 - 06.2011