Sharath Reddy

Fine-tuned detections across Sentinel and Defender using KQL/XQL to reduce false positives and improve threat
accuracy.
Designed and implemented Sentinel analytics rules, SOAR playbooks, and automated response workflows using
PowerShell/Python to enhance Security efficiency.
Led detection engineering efforts including rule creation, integration, and implementation across SIEM and
security platforms.
Implemented Zero Trust architecture, micro-segmentation, and network segmentation to secure workloads and
restrict lateral movement.
Collaborated with cross-functional teams and clients using IR playbooks/SOPs for effective incident response
and recovery.
Built and maintained security dashboards (Power BI/Sentinel Workbooks) for threat visibility, reporting, and
operational insights.
Documented threat hunting activities, detections, and Security improvements to standardize and mature security
operations.
Performed advanced threat hunting using behavioral analytics, threat intelligence, and hypothesis-driven
approaches to identify stealthy and unknown threats.
Correlated multi-source telemetry (EDR, SIEM, Firewall, Email Security like DMARC) to detect complex, multi
stage attacks and improve response time.
Continuously optimized detection coverage by mapping use cases to MITRE ATT&CK and validating
effectiveness through real-world attack scenarios.

Fine-tuned detection rules across XSIAM, Sentinel, and Defender; built KQL/XQL queries and custom detections
to reduce false positives and improve accuracy.
Built Sentinel analytics rules, SOAR playbooks, and automated detection/response using PowerShell/Python to
enhance Security efficiency.
Implemented Zero Trust, micro-segmentation, and network segmentation to secure workloads and limit lateral
moveme
Collaborated with cross-functional teams using IR playbooks/SOPs; documented threat hunting and
improvements via Power BI.
Fine-tuned detection rules across XSIAM, Sentinel, and Defender; built KQL/XQL queries and custom detections
to reduce false positives and improve accuracy.
Built Sentinel analytics rules, SOAR playbooks, and automated detection/response using PowerShell/Python to
enhance Security efficiency.
Implemented Zero Trust, micro-segmentation, and network segmentation to secure workloads and limit lateral
movement.
Conducted cybersecurity assessments to identify vulnerabilities and strengthen system defenses.
Experienced in evaluating security controls, risk analysis, and recommending mitigation strategies.
Collaborated with cross-functional teams using IR playbooks/SOPs; documented threat hunting and Security
improvements via Power BI.

Monitored, correlated, and analyzed security events by integrating Microsoft, network, endpoint, application, and
third-party logs into Azure Sentinel/SIEM, ensuring proper ingestion and visibility.
Performed malware analysis, identified malicious behavior, executed remediation, and handled threat escalation
including blocking malicious URLs/phishing via O365 Security Center.
Developed and fine-tuned KQL detections mapped to MITRE ATT&CK to detect behavioral threats and reduce
false positives.
Led risk-based vulnerability assessments; integrated vulnerability data with threat intelligence, SOAR, and IR
workflows for proactive defense.
Monitored security across Firewall, IDS/IPS, Proxy, DLP, and Antivirus while protecting users from social
engineering attacks (phishing, spear phishing, shoulder surfing).
Improved Operations processes, SOPs, and IR procedures; documented incidents, playbooks, workflows, and
provided leadership updates.
Built Sentinel workbooks for reporting/visualization; applied analytics to identify anomalies, trends, and patterns
in large datasets.
Stayed updated on emerging threats, attack patterns, and compliance requirements.

Performed malware analysis to identify types/behavior and execute remediation; evaluated application
vulnerabilities using OWASP Top 10 and applied mitigation via Defender VM Console.
Monitored, investigated, and mitigated Microsoft Sentinel alerts; delivered L1 threat response, escalated
suspicious traffic, and blocked malicious URLs/phishing via O365 Security Center.
Supported SOC process, SOP, and IR workflow improvements to reduce response time and enhance
efficiency; documented incidents and provided leadership updates.
Hands-on with Firewall, IDS/IPS, Proxy, DLP, Antivirus, and managed network security devices and endpoints
for vulnerability/malware monitoring.
Deployed sensor servers, configured SIEM agents, and managed NxLog installations/uninstallations.
Applied strong networking knowledge (IP, ports, DNS, DHCP, OSI, TCP/UDP, NAT/PAT, subnets, VPN) to
monitor traffic, protect data integrity, optimize performance, and detect anomalies.
Protected users from social engineering attacks (phishing, spear phishing, tailgating, shoulder surfing,
malware).