Cybersecurity Specialist with proficiency in online security research, planning, execution and maintenance. Skilled at training internal users on security procedures and preventive measures. Responsible for analysis, prevention of data loss and service interruptions, comprehensive secure network design, systems analysis, and the full information lifecycle, focusing on IT solutions and business objectives. As Information Security Analyst, responsible for operation, support, development, and implementation of information systems and related components. Establish and maintain effective communications and relationships within and across teams, business areas, and vendors. Deal with incident identification, assessment, quantification, reporting, communication, mitigation and monitoring. Revise and develop Standard Operating Procedures (SOP) to strengthen the current Security Operations Framework (SOF). Possess broad knowledge of security technologies, processes and strategies.
Overview
9 years of professional experience
11 Certifications
Work History
Associate Manager
AlliantGroup Talent India PVT LTD
07.2023 - Current
Implementation of SOAR, configuration, and enhancement of Incident response playbooks as per the client environment.
Identification of Cybersecurity emerging trends and attack methodologies based on investigations, internal/external threat feeds and open-source threat intelligence.
Identification of new rules to be created or existing rules to be customized based on identified trends, attack methodologies and emerging threats.
Creation of MDR content and development of new detection rules based on the MITRE ATT&CK framework, new use case creation and fine-tuning of existing use cases to reduce false positives.
Installation and configuration of EDR tools such as CrowdStrike and SentinelOne in the client environment for monitoring of endpoints.
Experience in administering EDR tools like CrowdStrike and SentinelOne.
Helping in creation of policies and developing prevention rules in the EDR tools to block suspicious threats.
Integration of incremental threat feeds and gathering threat intelligence from multiple external sources.
Implemented a threat hunting program from scratch, including the development of playbooks and automation scripts, resulting in early detection of critical security incidents.
Conducted in-depth investigations into security alerts and incidents, successfully identifying and neutralizing previously undetected threats.
Creation and continuous review and update of Incident Response plans and playbooks on a recurring basis. Creation of RFP documents for new clients, assisting sales and business development teams to help land new clients.
Developed custom threat hunting queries in Securonix to detect and respond to advanced persistent threats, enhancing the organization's security posture.
Led a team in proactively identifying and mitigating security threats through threat hunting techniques, resulting in a 30% reduction in potential security incidents.
Configuration of vulnerability scans to identify vulnerabilities in client environment and preparation of reports to review the security posture of the client.
Work with Business Development (Sales) teams to provide technical demonstrations of the MDR, EDR and VM solutions to prospective clients and identify areas to upsell the services to existing clients.
Conduct weekly, monthly, and quarterly reviews for clients to review their security posture and help them secure their environment.
Manage a team of 28 security analysts and engineers and mentor them to grow technically and professionally.
Monitor the internal KPIs of the SOC team and maintain the SLAs agreed with the clients.
Conduct quarterly performance reviews with the team and identify improvement areas to provide better services to clients.
Senior SOC Analyst
G42 (Kaspersky)
04.2021 - 06.2023
Analyzing the logs from different network and endpoint devices that are forwarded to the SIEM tool Splunk and Corelight NDR, utilizing MITRE ATT&CK and Cyber Kill Chain frameworks for enhancing investigation
Made sure to meet service level agreements regarding response time and client notification
Documented and contained security incidents detected on the network, and prepared weekly and monthly reports of security incidents and shared them with clients
Worked closely on tuning, evaluating and resolving security incidents escalated by the team and occasionally performed threat hunts by correlating information
Create process documents and run-books for analysts for new use cases moving in production
Identification and designing of use cases that address specific enterprise needs for effective alert triggering and firing of Security Events
Test new correlation content provided by engineering team and use cases using Splunk SIEM filters, rules, data monitors, and proper identification of incidents and their pattern and suggested tuning recommendations and new content to engineering team to provide more value. Recommend improvements in security systems and procedures
Played a key role in bringing down alert volume (from ~200/week to ~40/week) by suggesting multiple tuning requests on a daily basis
Also worked on ad-hoc requests as received and helped clients identify potential risks in their environment
Responsible for knowledge sharing sessions for analyst teams, covering ongoing security threats, security tool knowledge and networking concepts
Gained profound knowledge on Splunk with exposure to multiple Splunk projects
Also a certified Splunk Power User, currently pursuing the Splunk Certified Admin certification
Senior Security Consultant
IBM
05.2020 - 04.2021
Served as operations lead for the SOC team and L3 threat analyst supporting core IT security processes, which include AV/malware, sandbox testing and reporting
Organized knowledge sharing sessions for both L1 and L2 teams, covering ongoing security threats, security tool knowledge and networking
Reviewed existing content to fine-tune and reduce the false positive count, and performed threat hunting by correlating information from multiple sources to identify hidden vulnerabilities in the environment and report them to the client
Served ad-hoc requests for clients by helping them with detailed and in-depth investigations of malware operations and providing them with suitable recommendations and actionable items
Responsible for handling the entire team across 3 shifts 24/7, including training, plus-one, reviews, creating shift schedules and feedback reports for analysts
Received multiple client appreciation awards and EDR team of the year 2021 award
Handling client calls and creating weekly and monthly reports of infrastructure and work delivered for the client using Power BI and PowerPoint presentations.
Senior Security Analyst
NETSURION TECHNOLOGIES
01.2020 - 05.2020
Work involved SIEM-specific event analysis using the SIEM tool EventTracker
Good working experience with endpoint security tools: Carbon Black, CrowdStrike and SEP
Performed several threat hunts by correlating information from multiple sources
Understanding tickets raised by the L1 team, carrying out investigations and escalating them to the client
Thoroughly understand technological requirements for client systems and assist in providing guidelines to effectively mitigate security risks
Create process documents and runbooks for analysts for multiple use cases
Handle issues with proxy services that affect internet availability for users and handle emergencies on this front.
Senior Cyber Security Analyst
DELOITTE
04.2016 - 01.2020
Served as primary SPOC and L2 analyst
Attended SANS SEC504 training at Miami, USA and gained good knowledge on various attacker tools and methodologies
Critically analyze virus samples and new software in multiple sandboxing environments such as Any.Run, Cuckoo, Joe Sandbox, IBM exchange and so on
Experience in evaluating and resolving Network Security incidents escalated by L1 team
Received Spot Award thrice and Outstanding Award once for analysis in Threat hunt and for raising high number of tuning requests for client at Deloitte
Supporting core IT Security processes and technologies including Internet content/filtering, DLP, AV/Malware, Sandbox testing, DB monitoring, IT System Compliance with Security Policy/Standards, Reporting
Raised 27 tuning requests for US Client over very short time, thus reducing workload
Threat hunting for identifying hidden vulnerabilities in environment and reporting to client
Schedule SPOC for the SOC team, ensuring availability of analysts for backup and client coverage to provide 24x7 monitoring
Speaker for complete QRadar training in the USA as well as India for newly onboarded analysts
Tuning, whitelisting, and writing rule logics for new use cases in QRadar and Splunk SIEM.
Serving ad-hoc requests for clients by helping them with detailed and in-depth investigations of malware operations and providing them with suitable recommendations and actionable items
Provided multiple knowledge sharing sessions on security tools, to L1 analysts
Created multiple Playbooks/Runbooks which help new hires to understand use case and how to handle alerts
Created multiple dashboards and saved searches in QRadar to simplify the process of analysis and monitor IOC hits. SIEM-specific event analysis using SIEM tools including but not limited to QRadar, Nitro, and Splunk
Looking for suspicious and malicious activities, categorizing the events and raising necessary cases (Operational, Health and Tuning request aspects) along with security incidents for issue resolution/security investigation
Worked for “Threat Intel Analytics” team to gain knowledge on Brand Monitoring alerts, Key Word alerts and creating threat notification reports.
CSA
AMAZON
08.2015 - 04.2016
CSA for Amazon UK returns and replacement team
To help customers with all their queries related to returns and replacements as per UK policies and guidelines, handling more than 120 customers every day
To take care of escalation chats from erred customers.
Education
Bachelor of Engineering - Electronics And Communications Engineering
M.V.S.R Engineering College
Hyderabad
01.2011 - 04.2015
Skills
Splunk
QRadar
Securonix
CrowdStrike
Symantec Endpoint Protection
Threat Connect
Cybereason
Wireshark
Corelight NDR
ProofPoint
Employee performance evaluation
Hiring and Training
Certification
CISSP (Certified Information Systems Security Professional)
Accomplishments
Delivered multiple trainings on security threats and mitigation procedures across USA and India and received multiple spot, outstanding and client appreciation awards.
Received multiple awards from clients and management during my tenure with IBM, G42 and Alliant Group. Leader of best EDR team of the year 2021.
Performed comprehensive investigations of security breaches and implemented appropriate solutions.
Supervised a team of 10 analysts at IBM.
Supervising a team of 28 analysts comprising L1s, L2s and team leads.