🤝 Sai Puneeth Gundamraju
Details
Information Assurance and Computer Security
Dakota State University Graduate School
2017 : 2018
Bachelor of Technology (B.Tech.)
Information Technology
SRM University
2012 : 2016
CrowdStrike Falcon: hunting, incident response, custom IOA rule creation.
Anomali ThreatStream, Splunk ES, QRadar SIEM, Resilient Use Case and automated workflows, Threat modeling.
Operationalizing Threat Intelligence.
2020 : Present
Fiserv
Information Security V, Advisory I
SOC - Email security - Triage - Threat hunting - Malware analysis
Corporate endpoint security.
• Assisting Malware and forensics team as a forensics Investigator for the corporate environment.
• Maintaining, Analyzing and Incident response for Phishing Emails for Malicious Emails.
• Threat Hunting for protecting corporate endpoints using multiple sources and manually importing to the integrated Anomali ThreatStream.
• Assisting Malware analysis with Incident Triage using Carbon Black Response.
• Email Security using FireEye ESS, O365 Security Appliance.
• Managing and closing ServiceNow tickets.
• Tier II Endpoint Incident response using Carbon Black Response and CrowdStrike.
• Developing & assisting Mail policies and Improving email security.
• Using YARA rules for detection and analysis of malware.
• An active member of the Cyber Security Incident Response Team.
• Phishing expert.
• WAF: Imperva Incapsula monitoring and analysis.
2018 : 2020
Fiserv
CSIRT Security analyst/Forensic Investigator Tech lead - Fiserv (Client)
SOC | SIEM | INTERNAL SELF RISK & Cyber-security ASSESSMENT
Threat intelligence- Incident handling- Forensic analysis - Security Engineering.
Maintaining technical proficiency in the use of tools, techniques, and countermeasures.
Monitor social media, blogs, and vendor product websites for recently emerging Threats and presenting to the team.
Configuring and Automating Backups.
Communicating tactical threat information to assist in defensive mitigations.
Creating a comprehensive cybersecurity risk assessment tool by integrating NIST 800-53, ISO 27001:2013 and HIPAA Security Rule 45 for Internal, Vendor, and Meaningful usage.
Configuring and creating Vulnerability Reports, SIEM log monitoring and user behavior investigations.
Firewall administration and log investigation, IPS, Email Security using industry-standard software and products.
2018 : 2018
Sanford Health
Intern- IT Security
Madison, South Dakota
Scanning network infrastructure for security vulnerabilities.
Exposing any vulnerabilities in host network and analyzing risk rate.
Documentation and testing of vulnerabilities found and report on safety measures to safeguard from attacks.
Social Engineering attacks/Training.
Security audits and analysis of different branches of IT.
2018 : 2018
HealthPOINT Security Services
Penetration Tester at CAHIT - Healthpoint
Was an active crew member of Sodexo kitchen and catering services by making Pizza, cleaning the tables and managing the cashier's window and cash.
2017 : 2018
Sodexo
Crew Member
Skills
Communication, Computer Security, CSIRT, Cybersecurity, Cyber Threat Hunting (CTH), Cyber Threat Intelligence (CTI), Digital Forensics, ECSA, Emerging Trends, Ethical Hacking, Firewalls, Forensic Toolkit (FTK), Incident Response, Information Security, ISO 27001, Leadership, Linux, Management, Mitigation Strategies, Nessus, Network Administration, Network Management Applications, Network Security, NIST 800-53, Penetration Testing, Photography, Python (Programming Language), Risk Assessment, Risk Management, Security, Security Information and Event Management (SIEM), Security Operations, Servers, SQL, Threat & Vulnerability Management, Threat Analysis, Threat Detection, U.S. Health Insurance Portability and Accountability Act (HIPAA), Unix, Vulnerability Assessment
About
• 4+ years of research-driven Information and IT security professional with solid knowledge in CSIRT, Penetration Testing, SOC analysis, and Risk management.
• Successfully completed Penetration testing projects for Financial Institutions, Non-profits, Healthcare, Media and IT Services domains.
• Experience in Monitoring and configuring Endpoint Security tools such as Cisco AMP, Visibility, Umbrella, Checkpoint Firewall, Cisco Firepower with Sourcefire (IDPS), and LogRhythm SIEM.
• Understanding and
• Certified Ethical Hacker v9 (April 2016 to April 2019) and EC-Council Certified Security Analyst v9 (April 2017 to April 2020).
• Created Information Security policies, Standards, Guidelines and security awareness campaigns for startups for maintaining IT security and protecting their assets.
• Performing Risk-Based External Audits for compliance and adequacy review of Small Business. Review and update Systems security plans against HIPAA, NIST 800-53 and ISO 27001 requirements.
• Initiated and achieved the capabilities of detecting and alerting on suspicious activity by monitoring logs of network and user activity.
• Efficiently communicated through written and verbal means to co-workers, clients and senior leadership.
• Familiar with Forensic Investigation methodologies, tools like FTK, Registry Viewer, and Flywire. Good at pattern analysis with strong moral and ethical code.