Shruthi Narsannagari
Frisco,TX
Summary
A Skilled IAM and Security Analyst with expertise in managing identity and access in Azure, GCP. Skilled in RBAC, service principal and group management, and least-privilege access enforcement through platforms like Microsoft Entra ID. As an IAM expert, I have been instrumental in developing and implementing security policies, procedures and best practices for the organizations i worked for.
Overview
10
10
years of professional experience
1
1
Certification
Work History
IAM / Information Security Analyst
SMBC
Texas
07.2023 - Current
- Implemented and managed Azure RBAC to enforce least privilege access across subscriptions, resource groups, and resources in Microsoft Azure
- Assigned built-in and custom roles to users, groups, and service principals, reducing over-privileged access
- Designed and maintained RBAC role hierarchies aligned with organizational security policies
- Administered Privileged Identity Management (PIM) in Microsoft Entra ID for just-in-time (JIT) access to critical roles
- Conducted periodic access reviews and removed unnecessary privileged roles to improve compliance posture
- Enforced approval workflows and time-bound access for high-risk roles such as Global Administrator
- Monitored Azure Activity Logs and Entra ID audit logs to track RBAC changes and detect unauthorized access
- Identified and remediated segregation of duties (SoD) conflicts across critical roles
- Integrated RBAC with Conditional Access policies to enforce context-based access controls
- Managed access for enterprise applications and Azure resources using service principals and managed identities
- Managed group-based access control to simplify RBAC assignments and reduce administrative overhead
- Provided Tier 2/3 support for access-related issues and escalations
- Scoped roles at management group, subscription, and resource levels for fine-grained control
- Investigated unauthorized access attempts and revoked excessive permissions promptly
- Responded to identity-related security incidents by removing role assignments and enforcing MFA resets
- Automated creation and lifecycle management of Service Principals (SPNs) in Microsoft Entra ID using CI/CD pipelines
- Configured SPNs with least-privilege Azure RBAC roles at subscription, resource group, and resource levels
- Audited SPN usage and permissions using Entra ID logs and Azure Activity Logs
- Analyzed Tenable findings to prioritize remediation based on risk and exposure level
- Remediated critical security gaps in Microsoft Azure environments, reducing attack surface
- Partnered with Security Operations Center (SOC) teams to investigate identity-related incidents using logs from Microsoft Entra ID
- Assisted in incident response by revoking access, disabling compromised accounts, and enforcing MFA remediation
- Collaborated on threat detection use cases and identity-based alerts
- Worked closely with DevOps teams to implement secure authentication using Service Principals (SPNs) and managed identities in Microsoft Azure
- Enabled secure CI/CD pipelines by integrating RBAC roles and least-privilege access controls
- Created and managed service accounts in Google Cloud Platform for secure application-to-application authentication
- Assigned IAM roles to service accounts following the least privilege principle, reducing excessive permissions
- Implemented service account key management, including secure creation, rotation, and decommissioning
- Created and managed Google Groups to enable group-based access control (GBAC) across projects and resources
- Assigned IAM roles to groups instead of individual users to simplify access management and improve scalability
- Maintained group memberships aligned with job roles and business functions
- Used predefined and custom roles to meet granular access requirements
- Regularly reviewed and optimized role bindings to ensure compliance and security
- Conducted periodic access reviews to identify and remove unused or over privileged accounts
- Disabled or deleted inactive service accounts to reduce attack surface
Senior Information Security Analyst
Harsco India Services Pvt Ltd
India
01.2022 - 02.2023
- Managed and deployed KnowBe4 security awareness training campaigns to employees across multiple departments
- Designed and assigned role-based training modules to address phishing, social engineering, and cybersecurity best practices
- Ensured timely completion of mandatory training and maintained compliance with organizational policies
- Configured and executed phishing simulation campaigns to assess employee susceptibility
- Analyzed simulation results to identify high-risk users and departments
- Recommended targeted follow-up training to improve awareness and reduce click rates
- Monitored security events and alerts using SIEM tools to detect and respond to potential threats
- Investigated suspicious activities, unauthorized access attempts, and anomalies across cloud and on-prem systems
- Performed log analysis using data from Microsoft Entra ID and Azure Activity Logs
- Collaborated with IT teams to patch systems and validate remediation through re-scans
- Managed user identities, groups, and roles in Microsoft Entra ID
- Implemented RBAC (Role-Based Access Control) and enforced least privilege access
- Secured cloud environments in Microsoft Azure and Google Cloud Platform by enforcing security best practices
- Participated in incident response activities including identification, containment, eradication, and recovery
- Documented incidents and performed root cause analysis to prevent recurrence
- Monitored endpoint activity using EDR platforms such as Microsoft Defender for Endpoint to detect malicious behavior
- Investigated alerts related to malware, ransomware, phishing, and suspicious processes
- Responded to endpoint security incidents by isolating compromised systems and terminating malicious processes
- Performed root cause analysis and ensured full remediation of threats
- Coordinated with IT teams to re image systems, patch vulnerabilities, and restore services
- Conducted proactive threat hunting using EDR telemetry (process trees, command-line activity, registry changes)
- Identified Indicators of Compromise (IOCs) and Indicators of Attack (IOAs)
- Documented incident findings and remediation actions for audit readiness
- Worked with SOC, IT, and network teams to coordinate endpoint incident response
- Analyzed suspicious emails for phishing, spoofing, malware, and business email compromise (BEC) attacks
- Investigated email content, attachments, and embedded URLs to identify malicious indicators
- Classified and escalated confirmed threats based on severity and impact
- Performed detailed email header analysis (SPF, DKIM, DMARC) to validate sender authenticity
- Identified spoofed domains and impersonation attempts targeting executives and users
- Utilized Microsoft Defender for Office 365 to detect, quarantine, and remediate malicious emails
- Reviewed and released/quarantined emails based on security assessment
- Responded to reported phishing emails by removing malicious messages from user mailboxes
- Blocked malicious domains, URLs, and sender addresses across the organization
- Coordinated with IT teams to reset compromised accounts and enforce MFA
IAM / Information Security Analyst
TATA Consultancy Services Pvt Ltd
India
07.2016 - 01.2022
- Monitored approximately 50 security alerts per day across EDR, and cloud platforms to identify potential security incidents
- Conducted initial triage of alerts, correlating data from Microsoft Entra ID, Microsoft Defender for Endpoint, and cloud logs
- Prioritized incidents based on severity, business impact, and regulatory requirements
- Performed root cause analysis on security events, including malware infections, phishing attempts, and unauthorized access
- Analyzed endpoint activity, network traffic, and log data to identify Indicators of Compromise (IOCs)
- Documented investigation findings and recommended corrective actions
- Isolated compromised systems and terminated malicious processes to contain threats
- Removed malicious accounts, revoked credentials, and enforced password resets for affected users
- Coordinated with IT and cloud teams to restore affected services and ensure secure operations
- Maintained post-incident documentation to support continuous improvement and compliance requirements
- Recommended security improvements based on incident trends and lessons learned
- Analyzed suspicious emails for phishing, spoofing, malware, and business email compromise (BEC) attacks
- Investigated attachments, embedded links, and headers to detect malicious intent
- Conducted email header analysis to validate sender authenticity (SPF, DKIM, DMARC)
- Identified and reported impersonation attempts targeting executives and sensitive departments
- Traced email origin via IP addresses and relay paths to detect spoofed or malicious domains
- Removed malicious emails from user mailboxes and blocked dangerous senders or domains
- Extracted and analyzed Indicators of Compromise (IOCs) from emails (URLs, file hashes, domains)
Education
Bachelor of Science - Computer Science
Telangana University
India03.2016
Skills
- Identity Lifecycle Management
- Role-Based Access Control (RBAC)
- Authentication & MFA
- Conditional Access
- Governance & Compliance
- Security Monitoring
- Identity and Access Management
- Azure Cloud Security
- Microsoft Entra ID
- Information Security
- Privileged System Administration
- Security Trainings
- Malware Analysis
- Email Security
- GCP Access Management
- Azure Access Management
Certification
- Microsoft Certified: Identity and Access Administrator
- Microsoft Certified: Azure Security Engineer
- Certified Ethical Hacker v11
Timeline
IAM / Information Security Analyst
SMBC
07.2023 - Current
Senior Information Security Analyst
Harsco India Services Pvt Ltd
01.2022 - 02.2023
IAM / Information Security Analyst
TATA Consultancy Services Pvt Ltd
07.2016 - 01.2022
Bachelor of Science - Computer Science
Telangana University