
Vadan Karamchedu
Sr. Security Consultant
Summary
SKILLS
Endpoint Protection: SentinelOne EDR, Cisco AMP, McAfee ePO, Cybereason EDR-NGAV, Symantec Endpoint Protection, CrowdStrike Falcon
SIEM: Splunk Enterprise Security, ArcSight, McAfee Nitro, QRadar
Email Gateway Protection: Mimecast, Proofpoint, PhishMe
Web Filtering and DLP: Forcepoint
IDS: Cisco Sourcefire, IBM Site Protector
Security group management and MFA: Microsoft Active Directory, DUO, AirWatch
Database Security: IBM Infosphere Guardium
Operating Systems: Windows, Linux
Cloud Services: AWS
Certificate Management: Microsoft CA, Thales KeySecure
Security Framework: HIPAA, NIST, PCI and ISO 27001/27002
Experience
Sr. Security Consultant
World IT Center
* Executed projects which involve discussing, planning, testing, Proof of Concept for the Security Solutions and ensured customer success via implementation, maintenance and functioning w.r.t. security solutions.
* Trained and supported teams to help customers learn and implement a variety of security solutions such as EDR, DLP, SIEM, SOAR, Cloud Security (AWS).
* Worked with diverse teams to gain insights into clients' needs and demands, to deliver tailored security solutions that are in line with their business goals.
* Defined robust endpoint security controls such as groups, policies, exclusions, reports, file categorization and overlooked deployment of latest versions of EDR solutions such as SentinelOne and Cisco AMP on the Endpoints throughout the environment to ensure compliance.
* Applied the EDR solutions to quickly understand root causes and the history of events leading up to any suspicious activity or potential threat.
* Provided consultation to the customers by reviewing and evaluating the existing security systems and infrastructure to identify weaknesses and recommend the right measures and fixes.
* Worked in a cross-functional environment with multiple teams to ensure that the security solutions are compliant with security frameworks such as MITRE ATT&CK, HIPAA, NIST and PCI-DSS.
* Helped the clients to implement User Access Management, Role-based access, MFA and executed Security Profiling, User Access Management, Report Generation, Licensing and Data retention.
* Proactively responded to requests for changes, updates, and improvements to endpoint policies, ensuring optimal security posture.
* Demonstrated strong communication and documentation skills effectively with high proficiency of Microsoft Office Suite.
* Continuously monitored and evaluated the effectiveness of Security solutions and adapted strategies based on emerging threats and findings.
* Captured and shared best-practices, participated, and contributed as a Sr. Cyber Security Consultant to achieve security goals.
Sr. Security Engineer
WaveStrong Inc
* Collaborated and coordinated with different teams and stakeholders to ensure streamlined and systematic functioning of respective projects.
* Supported a wide range of Security technologies such as Email Security, Database Security, SIEM, Web Filtering, DLP and Certificate Management.
* Undertook the maintenance and administration of IBM Guardium DB security solution for the client.
* Assisted client to run and generate Guardium reports based on the requirement to review activity on a daily basis, annual and monthly basis.
* Served as a key member of the Security Team in helping the clients to define and deliver the overall security strategy for the segment.
* Provided security guidance and recommendations necessary to promote successful engagements with the customers.
* Worked on multiple security projects for different clients with the goal of exceeding compliance objectives.
* Adept at deciphering malicious activity through log analysis, incident response, and strategic policy optimization.
* Possess a deep understanding of malware, threats, IOCs, vulnerabilities, and their potential impact on diverse environments.
* Enabled aggregation, correlation, and analysis of log data from network devices, security devices and other key assets using QRadar SIEM Solution.
* Created QRadar based custom views, reports and automated alerting for both operational and security use cases.
* Provided the architectural guidance and recommendations necessary to promote successful engagements with software partners worldwide.
* Designed, implemented and tuned DLP Policies for detection of any incidents which are indicative of compromise of sensitive data.
Cyber Security Specialist
Trisync Technologies
* Analyzed, identified, and documented best practices to ensure optimal Cybereason EDR-NGAV functionality.
* Performed capabilities and gap analysis, deployed and tested new versions of Cybereason Test Packages to ensure optimal performance in the production environment.
* Teamed with Vendors to discuss key findings and issues related to the functioning of endpoint security and escalated them wherever necessary.
* Effectively applied Mimecast for reviewing suspicious emails, conducting sandbox analysis, creating new and updating existing email security policies. Blocked/Allowed external emails, email IDs, and ensured email backup for particular requirements.
* Administered access and permissions of various end-users using Microsoft Active Directory.
* Effectively implemented Secure Multi-Factor Authentication in the environment using DUO.
* Configured various Smartphones and Tablets via AirWatch to help set up highly secure Medical Applications.
* Ensured proper adherence to all the mandated HIPAA guidelines in implementing various Security Controls for medical personnel.
* Provided Level 2 support and identified key Malware incidents/campaigns for SOC using Splunk ES, Symantec MSS, Sourcefire, Forescout, Proofpoint, and PhishMe.
* Conducted analysis on email-based malware via Proofpoint and reported suspicious activity.
Information Security Consultant
Deloitte
* Maintained the overall system health of the SIEM and Smart Connectors by monitoring their performance via active channels and dashboards.
* Identified, designed, and tuned use cases that addressed specific enterprise needs for effective alert triggering and firing of Security Events to meet enterprise goals.
* Effectively administered the SIEM with respect to users and permissions.
* Created reports and trend analyses in the SIEM tool to facilitate the classification and availability of the data being interpreted.
Information Security Analyst
HSBC
* Coordinated with On-call, Threat Intelligence, and other departments to analyze threat-related issues, resolve malware outbreaks, identify new security issues, and provide effective resolutions wherever applicable.
* Monitored phishing activities, enforced controls to bring them down, and reported malicious/uncategorized domains to Websense for appropriate categorization.
* Conducted daily reviews of McAfee ePO logs and took necessary actions.
* Monitored the IDS for suspicious network traffic, malicious activity, and potential DDoS attacks.
Education
University of Salford
MS, Information Security
MS (ISACA Certified course), 2010
University of Salford, United Kingdom
Major: Information Security
Jawaharlal Nehru Technological University, India (JNTU)
BS, Computer Science
BS, Computer Science, 2008
Jawaharlal Nehru Technological University, India (JNTU)
Major: Computer Science