
SAI TEJA REDDY GUNTAKA

Bellevue, WA

Summary

Vigilant and results-driven Cyber Security Specialist with extensive hands-on experience in incident response, DLP implementation, Azure administration, and network monitoring, working proactively to prevent and safeguard against cyber threats and attacks, with a strong track record in real-time SIEM triage, event analysis, correlation, alerting, response, security engineering, and communication.

Overview

7 years of professional experience
1 Certification

Work History

SOC Engineer

Truveta (Health Care)
01.2023 - Current
  • As an Incident Responder, I proactively addressed security alerts triggered in Azure Sentinel. My responsibilities included analyzing and mitigating incidents promptly to safeguard critical systems and data.
  • Conducted thorough analysis of over 100 phishing emails using a combination of OSINT (Open Source Intelligence) tools and Azure Defender. This effort contributed to enhancing our organization's email security posture.
  • Managed over 100 user administration and authentication tasks, ensuring appropriate roles and access for users based on project requirements. Additionally, contributed to enhanced security by handling tasks related to travel notices and MFA (Multi-Factor Authentication) resets.
  • Conducted in-depth analysis of security alerts triggered by the Azure Security Suite. Utilizing KQL (Kusto Query Language), I identified patterns, trends, and potential threats, enabling timely and effective responses.
  • Documented recurring false positive alerts and actively collaborated with L3 Security Engineers to fine-tune rule and policy configurations. This proactive approach significantly minimized repetitive false positives, optimizing overall alert handling efficiency.
  • Leveraged Threat Intelligence tools, including in-house Recorded Future, to carefully analyze and comprehend malware events and alerts within an inbuilt sandbox environment. This knowledge significantly informed our incident response strategies, enhancing our organization's overall defenses against cyber threats.
  • Actively drove meetings to discuss security alerts, updates, and other critical security matters. By communicating and collaborating among cross-functional teams, I ensured alignment and timely actions for Security and Compliance Requirements.

Associate Consultant

KPMG
10.2019 - 07.2021
  • Collaborated with 3 C-suite executives (CISO, CTO, and CRO) and Senior Management Executives from multiple departments to detect data loss incidents through data classification, and succeeded in implementing a data loss prevention solution for a company with 700 employees.
  • Implemented multiple use cases for security event alerting and assisted in fine-tuning the use cases for the organization, which achieved 99% security and reduced false alert alarms.
  • Analyzed malware events and similar cyber threats such as phishing and DDoS for large enterprises like KPMG, maintaining high data security and availability.
  • Performed email analysis for over 100 phishing emails using multiple OSINT tools and an email security solution (Proofpoint) for the enterprises, helping the organization keep cyber attacks at bay.
  • Mentored the client team on handling DLP security incidents, preparing a strong, self-sufficient in-house security team.
  • Devised an SOP (Standard Operating Procedure) for managing DLP security incidents and prepared an escalation matrix by collaborating with multiple departments for quick remediation, reducing the response time by 30%.
  • Developed trusting relationships with team members and clients by being an SME (Subject Matter Expert) and communicating regularly with the C-suite executives, senior management, and the employees of the client organization, assisting KPMG in earning a new project worth USD 1/2 million from the same client.

SOC Analyst

IBM
09.2018 - 10.2019
  • Acted as incident coordinator for multiple high-severity security investigations and involved multiple teams (Network, Windows, Database, and others) in containment, eradicating threats, and eliminating lateral movement.
  • Documented recurring false positive alerts and coordinated with the L3 Security Engineers on fine-tuning rule and policy configurations, minimizing the repetition of false positive alerts and improving detection accuracy.
  • Communicated with multiple stakeholders such as the Network team and Windows team; leveraged multiple security tools such as SIEM, firewalls, IDS/IPS, EDR, and AV during the investigation process to maintain high security for the organization's data.
  • Participated in developing 5+ playbooks to keep the security investigation process intact and uphold compliance, controlling the response time for incident investigations and improving the regulatory compliance capability of the organization.

Security Analyst

Unpaper
07.2017 - 09.2018
  • Engaged in a 24/7/365 cyber defense team for real-time monitoring of the Security Information and Event Management (SIEM) tool to address security events and policy violations.
  • Monitored and analyzed multiple network and endpoint security events by adopting multiple security solutions and OSINT tools.
  • Performed detailed analysis of security events on the SIEM tool (IBM QRadar), updated and closed alerts according to the analysis, and enabled an improved incident management system.
  • Compiled and prepared daily, weekly, and monthly briefings of events and incidents in reports, strengthening the client's overview of the environment's security posture.

Education

Master's in Cybersecurity and Information Assurance

University of Central Missouri
Warrensburg, MO
08.2022

Skills

  • Operating Systems (Windows, Linux/Unix, Mac)
  • Frameworks (MITRE ATT&CK framework, Cyber Kill Chain (CKC) framework, NIST)
  • Networking (TCP/IP, DNS, DHCP, Firewall, IDS/IPS, Proxies, Protocols, Gateways, Routers, Switches, VPN, Web Application Firewall (WAF))
  • SIEM (Azure Sentinel, Splunk, IBM QRadar)
  • Project Management Tools (Azure DevOps, JIRA, ServiceNow, HP service management tool)
  • Azure Suite (Sentinel, Defender for Endpoint, Defender for Cloud, Defender for Office 365)
  • Skills (Incident Response, Threat Hunting, SIEM Administration, DLP Implementation and Security Engineering)

Certification

  • Certified Network Associate (CCNA), Cisco
  • Azure Fundamentals (AZ-900), Microsoft
  • Certified Ethical Hacker (C|EH), EC-Council
  • Security Blue Team Level 1 (BTL1), Security Blue Team
  • CompTIA Security+, CompTIA
