G Narendra

Operations Associate

Bengaluru, Karnataka, India · 4 yrs 5 mos experience
Highly Stable

Key Highlights

  • Expert in SIEM monitoring and incident response.
  • Proficient in Microsoft Sentinel and EDR investigations.
  • Strong background in threat detection and reporting.
Stackforce AI infers this person is a Cybersecurity Analyst specializing in incident response and threat detection.

Skills

Core Skills

  • Incident Response & SOC Operations
  • Security Information and Event Management (SIEM)

Other Skills

  • Microsoft Defender for Endpoint (EDR)
  • Microsoft Azure Logic Apps
  • Kusto Query Language (KQL)
  • Microsoft Sentinel
  • Phishing
  • Security Monitoring
  • Email Security
  • Threat Detection & Log Analytics
  • Network Security
  • Cyber Kill Chain Framework
  • Information Security
  • Cybersecurity
  • Cloud Security
  • Sumo Logic

About

As a SOC Analyst at Wipro since October 2021, I contribute to 24/7 operations by ensuring robust cybersecurity through SIEM monitoring, incident response, and EDR investigations. My work involves using Microsoft Sentinel and Sumo Logic to analyze security alerts, distinguish true positives from false positives, and address potential threats like brute-force attacks and suspicious logins. I collaborate with the team to investigate incidents and maintain operational health through structured processes and detailed handovers. My technical expertise includes utilizing Microsoft Defender for Endpoint, KQL, and Azure Logic Apps to support threat detection and automation through SOAR playbooks. I also reference the MITRE ATT&CK framework to classify threats and stay updated on emerging attack patterns. Holding multiple Microsoft certifications, I am committed to building a secure environment and contributing to the development of comprehensive SOPs and security reports aligned with client needs.

Experience

Wipro

SOC Analyst

Oct 2021 - Present · 4 yrs 5 mos · Hyderabad, Telangana, India · Hybrid

  • I'm part of the 24/7 SOC operations team, where I focus on continuous monitoring and structured incident response. My role is centered on the daily operational health of the environment, from managing the incident ticketing life cycle to ensuring detailed shift handovers, so that no security event goes unaddressed.
  • Core Responsibilities:
  • SIEM Monitoring & Triage: I use Microsoft Sentinel and Sumo Logic daily to monitor dashboards and detect potential threats. I focus on analyzing alerts to accurately distinguish between True Positives and False Positives, especially regarding brute-force and suspicious logins.
  • EDR Investigations: When host-level alerts trigger, I utilize Microsoft Defender for Endpoint to perform deep-dive investigations. I analyze process trees and device timelines to identify any malicious activity at the endpoint level.
  • Email Security: I investigate phishing reports and potential Business Email Compromise (BEC) attempts using Proofpoint to analyze email headers and malicious attachments.
  • Reporting & Documentation: I prepare daily, weekly, and monthly security reports to track incident trends. I also actively update SOP Runbooks for recurring alerts to ensure the team follows a consistent response process.
  • Technical Exposure & Growth:
  • Beyond my core duties, I have recently started participating in Root Cause Analysis (RCA) for complex incidents. I have begun referencing the MITRE ATT&CK framework and Threat Intelligence feeds during my investigations to better understand adversary tactics. Furthermore, I am gaining hands-on exposure to our SOAR playbooks and Logic Apps for basic response automation, such as automatically blocking malicious IPs or isolating compromised accounts. I have also started exploring Sentinel’s AI features to identify behavioral anomalies.
Skills: Microsoft Defender for Endpoint (EDR), Microsoft Azure Logic Apps, Kusto Query Language (KQL), Security Information and Event Management (SIEM), Microsoft Sentinel, Incident Response & SOC Operations, +9

Education

JNTU Anantapur

Bachelor's degree

Sep 2010 - Aug 2014
