Model Resume SOC

Gabbi Sivakumar

Bangalore, 560036 E-Mail: [email protected]


Experience: 6+ years Mobile: +91-8050661777

Objective:

Seeking an opportunity to boost my career as a successful information security professional with a major global organization.

Summary:
➢ Having 6.2 years of experience in Security Operations Centre, SIEM, monitoring and security implementation in information security.
➢ Presently associated with Deloitte, Bangalore as Assistant Manager.
➢ Skilled at utilizing Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS/IPS), and malware analysis tools.
➢ Skilled at utilizing Azure Sentinel & QRadar for analyzing logs and monitoring alerts.
➢ Adopted industry-accepted information security and IT standards & guidelines for recommending solutions and improvements, managing assessment, and identification / remediation of enterprise information technology and security risks.
➢ Analytical, skilled and quality-oriented professional with an eye for detail.
➢ Comprehensive understanding of networking concepts pertaining to LAN, WAN, security networking & security devices.
➢ Involved in incident response, malware analysis, and IDS/IPS analysis.
➢ Good understanding of security solutions like antivirus, proxy, firewall, IPS, email security, etc.

Professional Experience:
February 2024 to till date with Deloitte, Bangalore as Assistant Manager
• Responsible for monitoring & managing the 24*7 SOC operation.
• Actively we have to monitor Resilient SOAR, handling the high-priority cases such as malware, phishing, high-risk user & network-related alerts.
• Must perform root cause analysis for all malware & phishing cases.
• If any true positive cases are found, we have to collect all IOCs and block them at the respective security tools.
• For phishing cases, we have to block the sender domain at the Abnormal Security level & purge all the emails at the Abnormal Security level.
• For the low & medium cases which are handled by the L1 people, we need to perform the QC.
• Need to assist L1 people if they face any challenges.
• Need to check the ServiceNow cases which are escalated by the end users.
• For analyzing the alerts, we are using MDR, XDR, EDR, Cofense & SOAR technologies.

October 2021 to February 2024 with Cognizant, Bangalore as Associate Consultant

• Responsible for monitoring & managing the 24*7 SOC operation.
• Monitoring the alerts in QRadar, Azure Sentinel and Symantec DLP.
• Analyze the alerts, finding out whether the incident is legitimate, a false positive or a true positive incident.
• Doing the health checks in Azure Sentinel by using the Workbook tab.
• Monitoring and analyzing the incidents in Symantec DLP to find out any data leakage in the mail; if any leakage is found, escalate the issue to the respective superior.
• Adding the IOCs in Microsoft 365 Defender.
• Also analyze the alerts in Microsoft 365 Defender.
• Generating the reports as per the client requirement, daily & weekly.
• Analyze mails in the shared mailbox and find out whether the mail is legitimate, spam or malicious.
• Completing the tasks before SLA.
• Supporting 24/7.
Oct 2019 to Oct 2021 with Sify Technologies Limited, Bangalore as Security Engineer
• Monitoring and analysis of network traffic through security appliances like McAfee.
• Analysis of events and alerts in McAfee ESM for the whole organization.
• Gathering reports of analyzed noisy and global-hit alerts and events on McAfee ESM.
• Monitor real-time security events on the SIEM (ArcSight) console, and event analysis, investigation and mitigation.
• Working on incidents, reviewing the alerts and doing detailed analysis on alerts.
• Hands-on experience in incident response activities like malware analysis.
• Working on the assigned ticket queue and understanding and exceeding expectations on all tasked SLA commitments.
• Track and report on closure of tickets as per SLA.
• Escalating issues to level 2 (or) level 3 and management when necessary.
• Knowledge of SIEM technologies and platforms such as QRadar.
• Watch Active Channels / Dashboards and create annotations; investigate incidents using Active Channels / Dashboards / Events / Graphs / Annotations and reports.
• Regular health-check monitoring, log analysis and reporting.
• Perform SIEM security operational tasks: analysis, optimization, filters, Active Channels, reports, field sets.
• Good understanding of different types of attacks.

Nov 2018 to Sep 2019 with Genpact India Pvt. Ltd., Hyderabad as SOC Analyst

• Monitoring and analyzing 2nd-level offenses in real-time events from the Security
• Also analyses the malware incidents in Symantec MSS tools.
• Takes care of incidents in different domains.
• Also takes care of MAC binding in the Genpact network single-handedly.
• Work in Resilient for ticketing purposes for all the triggered offenses.
• Good understanding of IPS and working on Wi-Fi access in the Mojo tool.
• Monitoring traffic related to browsing activity of the users with the help of UBA (User Behavior Analytics).
• Demonstrable experience of analyzing and interpreting system, security and application logs to diagnose faults and stop abnormal behaviors.
• Aggregate, correlate, and analyze log data from network devices, security devices and other key assets using QRadar.
• Tracking organization-level spam email reported by the resources and sending out inputs to leadership.
• Finding false positives, fine-tuning and escalating security events.

Training & Certifications:

• CEH v10: ECC6152843097
• AZ-900: I388-6481
• SC-900: I493-5162
• CCNA (Trained)

Technical Skills and Tools Worked:

• Network/Security: Palo Alto & Zscaler
• SIEM: Microsoft Sentinel, IBM QRadar, ArcSight, Google Chronicle & McAfee ESM
• Open-Source Tools: IPVoid, AbuseIPDB, IP Quality Checker, Browserling, URLVoid, VirusTotal, urlscan.io, MX Toolbox, IBM X-Force, Wireshark, Nmap & Cisco Talos
• Ticketing Tools: ServiceNow, Resilient & SCCD
• Phishing Tools: Cofense, Abnormal Security, PhishMe Triage and Proofpoint
• Vulnerability Mgmt. Tools: Rapid7 & Nessus
• Penetration Testing Tool: Burp Suite
• EDR: Microsoft 365 Defender, CrowdStrike & McAfee
• DLP Tool: Symantec Endpoint Protection
• XDR: Microsoft Defender XDR
• MDR: Vectra
• Cloud Security: Microsoft Defender for Cloud Apps (MDCA)
• Sandbox: Any.run & VMRay

Education:
Bachelor of Technology in the Field of Electrical and Electronics Engineering from JNTUA, 2014.

Personal Profile:

Name: Mr. Gabbi Sivakumar
Father's Name: Mr. Gabbi Subbarayudu
D.O.B: 01st Oct 1992
Languages: English, Telugu

I do hereby declare that all the information furnished above is true to the best of my knowledge.

Date: 26/09/2024 Gabbi Sivakumar
