
Sriram Vaddepelli

Charlotte

Summary

Dynamic SOC Analyst with proven expertise at Fannie Mae, achieving a 20% reduction in false positives through advanced threat investigations. Proficient in Splunk and Python, specializing in automation of security processes. Strong collaboration skills enhance team effectiveness in security posture and incident response. Detail-oriented focus on vulnerability management drives continuous improvement.

Overview

5 years of professional experience
1 Certification

Work History

SOC Analyst

Fannie Mae
05.2024 - Current
  • Investigated advanced threats with Splunk, resulting in 20% reduction of false positives.
  • Conducted root-cause analyses and post-incident reviews for zero-day threats.
  • Automated recurring SOC tasks through Python, saving over 10 hours weekly.
  • Collaborated with engineering teams to patch vulnerabilities, achieving 95% SLA.
  • Evaluated current policies to identify gaps in existing controls.
  • Conducted vulnerability assessments of IT systems and applications.
  • Developed and implemented strategies to detect emerging cyber threats.
  • Analyzed logs from various sources including web servers, application servers, databases, IDS and IPS systems for possible security breaches.
  • Developed scripts and automation tools for efficient log management operations.
  • Maintained up-to-date knowledge of cyber threat landscape by researching latest attack trends and techniques used by attackers.
  • Collaborated with internal teams to improve system performance and enhance overall security posture of the organization's infrastructure.
  • Investigated advanced persistent threats in order to understand their behavior patterns.
  • Installed firewalls, intrusion detection systems, anti-virus software and other security measures to protect networks from outside attacks.
  • Responded promptly to any reported issues or alerts related to system or network security.
  • Created detailed reports outlining the findings of investigations into security events or incidents.
  • Assisted in designing effective risk mitigation plans based on identified risks.
  • Conducted regular penetration tests to assess the effectiveness of existing controls against known vulnerabilities.
  • Provided ongoing support during incident resolution process ensuring successful containment and eradication of malware infections.
  • Monitored network traffic for suspicious activity using SIEM tools such as Splunk and LogRhythm.
  • Identified security threats, vulnerabilities and potential malicious activities through log analysis.
  • Performed incident response and root cause analysis on security incidents.
  • Implemented processes to ensure compliance with industry regulations such as PCI DSS, GDPR, HIPAA.
  • Ensured that all security protocols are being followed within an organization's environment.
  • Coordinated security updates to avoid outages and downtime.
  • Investigated information security breaches to identify vulnerabilities and evaluate damage.
  • Analyzed security procedure violations and developed plans to prevent recurrence.
  • Educated individuals on complex computer terms using easy-to-understand wording.
  • Designed, implemented, and maintained security systems and controls.
  • Conducted record searches and coordinated with other units on procedural problems involving complex cases.
  • Collaborated with stakeholders to implement and update disaster recovery plans.
  • Analyzed system risk to identify and implement appropriate security countermeasures.
  • Designed and implemented plans to secure computer files against breach, destruction, or accidental modification.
  • Audited networks and security systems to identify vulnerabilities.
  • Learned about latest security threats from blogs and online publications.
  • Reviewed security bulletins and vulnerability patch releases.
  • Built firewalls and encrypted data to secure confidential information.
  • Worked closely with fellow security personnel to remedy and alleviate technology issues.
  • Promoted security awareness among employees and clients to alleviate risks and breaches.
  • Researched and designed advanced computer forensic tools.
  • Updated computer security policies and procedures upon learning of new risks.
  • Used penetration testing tools to identify weaknesses in security systems.
  • Made recommendations to improve security procedures and systems.
  • Mentored junior employees in departmental activities and procedures.

SOC Analyst (Part-Time)

Campbellsville University
08.2023 - 05.2024
  • Monitored endpoint activity, firewall, and system logs utilizing Splunk for threat detection.
  • Investigated phishing attempts, insider threats, and brute-force login anomalies to enhance security posture.
  • Conducted vulnerability scans and documented findings to support effective patch management.
  • Performed web application penetration tests to identify misconfigurations and injection vulnerabilities.
  • Created incident reports for university IT leadership, leveraging MITRE ATT&CK mapping for clarity.
  • Assisted in designing effective risk mitigation plans based on identified risks.
  • Evaluated current policies to identify gaps in existing controls.
  • Collaborated with internal teams to improve system performance and enhance overall security posture of the organization's infrastructure.
  • Created detailed reports outlining the findings of investigations into security events or incidents.
  • Identified security threats, vulnerabilities and potential malicious activities through log analysis.
  • Analyzed logs from various sources including web servers, application servers, databases, IDS and IPS systems for possible security breaches.
  • Installed firewalls, intrusion detection systems, anti-virus software and other security measures to protect networks from outside attacks.
  • Conducted vulnerability assessments of IT systems and applications.
  • Developed and implemented strategies to detect emerging cyber threats.
  • Conducted regular penetration tests to assess the effectiveness of existing controls against known vulnerabilities.
  • Performed incident response and root cause analysis on security incidents.
  • Implemented processes to ensure compliance with industry regulations such as PCI DSS, GDPR, HIPAA.
  • Monitored network traffic for suspicious activity using SIEM tools such as Splunk and LogRhythm.
  • Maintained up-to-date knowledge of cyber threat landscape by researching latest attack trends and techniques used by attackers.
  • Provided ongoing support during incident resolution process ensuring successful containment and eradication of malware infections.
  • Ensured that all security protocols are being followed within an organization's environment.
  • Responded promptly to any reported issues or alerts related to system or network security.
  • Developed scripts and automation tools for efficient log management operations.
  • Investigated advanced persistent threats in order to understand their behavior patterns.
  • Audited networks and security systems to identify vulnerabilities.
  • Conducted record searches and coordinated with other units on procedural problems involving complex cases.
  • Made recommendations to improve security procedures and systems.
  • Investigated information security breaches to identify vulnerabilities and evaluate damage.
  • Collaborated with stakeholders to implement and update disaster recovery plans.
  • Built firewalls and encrypted data to secure confidential information.
  • Researched and designed advanced computer forensic tools.
  • Worked closely with fellow security personnel to remedy and alleviate technology issues.
  • Used penetration testing tools to identify weaknesses in security systems.
  • Updated computer security policies and procedures upon learning of new risks.
  • Learned about latest security threats from blogs and online publications.
  • Promoted security awareness among employees and clients to alleviate risks and breaches.

SOC Analyst

Media Mint
Hyderabad
06.2021 - 04.2022
  • Executed threat detection, incident response, and vulnerability scanning processes.
  • Contributed to internal red-teaming efforts, producing actionable reports.
  • Developed PowerShell scripts for log parsing, enhancing threat visibility.
  • Supported web penetration testing of campaign portals, escalating high-risk issues.
  • Evaluated current policies to identify gaps in existing controls.
  • Conducted vulnerability assessments of IT systems and applications.
  • Analyzed logs from various sources including web servers, application servers, databases, IDS and IPS systems for possible security breaches.
  • Developed and implemented strategies to detect emerging cyber threats.
  • Developed scripts and automation tools for efficient log management operations.
  • Maintained up-to-date knowledge of cyber threat landscape by researching latest attack trends and techniques used by attackers.
  • Collaborated with internal teams to improve system performance and enhance overall security posture of the organization's infrastructure.
  • Investigated advanced persistent threats in order to understand their behavior patterns.
  • Installed firewalls, intrusion detection systems, anti-virus software and other security measures to protect networks from outside attacks.
  • Responded promptly to any reported issues or alerts related to system or network security.
  • Created detailed reports outlining the findings of investigations into security events or incidents.
  • Assisted in designing effective risk mitigation plans based on identified risks.
  • Conducted regular penetration tests to assess the effectiveness of existing controls against known vulnerabilities.
  • Provided ongoing support during incident resolution process ensuring successful containment and eradication of malware infections.
  • Monitored network traffic for suspicious activity using SIEM tools such as Splunk and LogRhythm.
  • Performed incident response and root cause analysis on security incidents.
  • Identified security threats, vulnerabilities and potential malicious activities through log analysis.
  • Implemented processes to ensure compliance with industry regulations such as PCI DSS, GDPR, HIPAA.
  • Ensured that all security protocols are being followed within an organization's environment.
  • Coordinated security updates to avoid outages and downtime.
  • Investigated information security breaches to identify vulnerabilities and evaluate damage.
  • Analyzed security procedure violations and developed plans to prevent recurrence.
  • Educated individuals on complex computer terms using easy-to-understand wording.
  • Designed, implemented, and maintained security systems and controls.
  • Conducted record searches and coordinated with other units on procedural problems involving complex cases.
  • Collaborated with stakeholders to implement and update disaster recovery plans.
  • Analyzed system risk to identify and implement appropriate security countermeasures.

Cybersecurity Intern

Adiroha Solutions OPC Pvt. Ltd.
Hyderabad
05.2020 - 08.2020
  • Performed manual and automated web application penetration testing using Burp Suite, OWASP ZAP, and Nikto.
  • Identified and reported critical vulnerabilities such as SQL injection, XSS, IDOR, and security misconfigurations.
  • Conducted security assessments aligned with the OWASP Top 10 framework and provided remediation strategies.
  • Collaborated with developers to fix high-risk flaws and retested for validation.
  • Documented technical findings in structured vulnerability reports and presented them to senior engineers.
  • Gained experience with reconnaissance tools and methodologies used in ethical hacking workflows.
  • Tracked reported incidents using ticketing systems for further investigation.
  • Provided technical support to end users regarding computer security issues.
  • Conducted risk assessments of existing information systems.
  • Developed and implemented security protocols to protect corporate networks and systems.
  • Documented processes for responding to cyber threats in accordance with industry standards.
  • Coordinated with remote IT personnel to resolve any issues related to network security.
  • Assisted in the development of incident response plans, procedures, and policies.
  • Evaluated the effectiveness of existing security infrastructure by running penetration tests.
  • Analyzed log files for suspicious activities related to cybersecurity events.

Education

Master of Science - Computer Science

Campbellsville University
Campbellsville, KY, USA
05.2024

Bachelor of Technology (B.Tech) - Information Technology

CMR Engineering College
Hyderabad, India
06.2021

Skills

  • Splunk
  • QRadar
  • LogRhythm
  • AlienVault
  • Nessus
  • Qualys
  • OpenVAS
  • Nexpose
  • Kali Linux
  • Metasploit
  • Burp Suite
  • OWASP ZAP
  • Nikto
  • OWASP Top 10
  • SQLi
  • XSS
  • CSRF
  • RCE
  • SSRF
  • Wireshark
  • Snort
  • Suricata
  • VPNs
  • IDS/IPS
  • AWS (IAM, S3)
  • Azure (NSG, IAM)
  • Python
  • Bash
  • PowerShell
  • Threat hunting
  • Phishing analysis
  • Log correlation
  • NIST
  • MITRE ATT&CK
  • ISO 27001
  • HIPAA
  • CIS Controls
  • Threat detection
  • Incident response
  • Vulnerability management
  • Log analysis
  • Scripting automation
  • Security assessments
  • Network security
  • Data analysis
  • Risk assessment
  • Collaboration skills
  • Attention to detail
  • Mobile security
  • Wireshark usage
  • Physical security
  • TCP and IP protocols
  • Endpoint security
  • Security analysis
  • Bash scripting
  • Threat intelligence
  • Encryption techniques
  • Data loss prevention

Certification

  • CompTIA Security+ (SY0-701), CompTIA, 05/01/28
  • Certified Ethical Hacker (CEH)
  • Usable Security, University of Maryland (Coursera), 05/01/20
  • Learn Ethical Hacking and Penetration Testing Online, Udemy, 05/01/25
  • Python Complete Course for Python Beginners, Udemy, 05/01/25
  • Wireshark: Packet Analysis and Ethical Hacking Core Skills, Udemy, 05/01/25

Availability

Immediate

Work Authorization

OPT – Open to H1B Sponsorship

Project Highlights

  • Developed SOC playbooks for phishing, insider threat, and ransomware.
  • Reduced alert fatigue by 30% by optimizing correlation rules.
  • Delivered cyber risk dashboards for executive reporting.
  • Participated in pen-testing simulations, closing 15+ high-priority vulnerabilities.
  • Conducted web app vulnerability assessments (XSS, SQLi, CSRF) and documented impact reports.
  • Mentored junior analysts on triage and escalation procedures.

Core Competencies

Splunk, QRadar, LogRhythm, AlienVault, Nessus, Qualys, OpenVAS, Nexpose, Kali Linux, Metasploit, Burp Suite, OWASP ZAP, Nikto, OWASP Top 10, SQLi, XSS, CSRF, RCE, SSRF, Wireshark, Snort, Suricata, VPNs, IDS/IPS, AWS (IAM, S3), Azure (NSG, IAM), Python, Bash, PowerShell, Threat hunting, phishing analysis, log correlation, NIST, MITRE ATT&CK, ISO 27001, HIPAA, CIS Controls

Timeline

SOC Analyst

Fannie Mae
05.2024 - Current

SOC Analyst (Part-Time)

Campbellsville University
08.2023 - 05.2024

SOC Analyst

Media Mint
06.2021 - 04.2022

Cybersecurity Intern

Adiroha Solutions OPC Pvt. Ltd.
05.2020 - 08.2020

Master of Science - Computer Science

Campbellsville University

Bachelor of Technology (B.Tech) - Information Technology

CMR Engineering College