Cyber Threat Intelligence | Cloud Security | Incident Response | VAPT

Hello, I'm
Supushpitha Atapattu.

An experienced cybersecurity professional in vulnerability assessments and incident response, dedicated to enhancing digital security.

I've been an experienced cybersecurity professional since 2019. I’ve been diving deep into the world of security operations, turning chaos into order for organizations big and small. I thrive on automating incident responses and optimizing security protocols. Let’s just say, I enjoy turning threats into mere blips on the radar!

4+ Years of experience
15+ Technologies mastered
5+ Companies worked with

SLIIT: BSc Hons. Specialized in Cybersecurity
Loyalist College: Cloud Computing Post Graduate
University of Toronto: Cybersecurity Management

✨ Experience

Elevating cybersecurity across industries.

I have extensive experience in cybersecurity,
working with leading organizations to enhance security protocols and incident response capabilities.

CyberWall - Toronto, ON

Security Operations Analyst – Co-op

November 2024 – Present

Configuring SIEM, EDR tools for incident resolution.

  • Administering and managing Wazuh, providing real-time analysis of security events and incidents. Responding to and reporting on alerts triggered to enhance threat detection.
  • Configuring EDR tools monitoring endpoint activity for malicious behavior and performing in-depth analysis of alerts for effective incident response.
  • Documenting and reporting on security incidents, including detailed analysis of incidents triggered by EDR tools and Wazuh using PowerBI, and collaborating with teams for continuous improvement in incident response processes.

Stratejm, a Bell Canada Company - Toronto, ON

Cyber Intelligence Analyst – Co-op

April 2024 – August 2024

Contributed to SIEM alert analysis and incident resolution.

  • Security monitoring and analyzing the alerts triggered by the SIEMs (FortiSIEM, Microsoft Sentinel, LogRhythm, QRadar) using a combination of search queries and pivots to resolve incidents and alerts using the ServiceNow ticketing system.
  • Develop and implement automations and playbooks for security orchestration, automation, and response (SOAR) systems to streamline incident response workflows and improve efficiency.
  • Utilize EDR (Endpoint Detection and Response) tools to monitor endpoint activity and respond to threats in real-time.
  • Investigate security incidents using a combination of tools and recommend proper solutions based on analysis.

SentryLabs - Colombo, LKA

Associate Engineer – Information Security

August 2021 – November 2022

Led security investigations, implementing SIEM, EDR and vulnerability assessments.

  • Conducted security breach investigations, Vulnerability Assessment, and Penetration Testing (VAPT).
  • Implemented, optimized, consulted on, developed, troubleshot, and deployed information security systems and solutions, including SIEM, EDR, WAF, and cloud-based tools.
  • Configured and monitored firewalls to safeguard the organization's network infrastructure.

Mobitel - Colombo, LKA

Information Security Analyst - Internship

September 2020 – March 2021

Comprehensive Security Operations and Incident Response Management

  • Managed security operations, overseeing SIEM (Splunk, QRadar), automated threat detectors, and Endpoint Protection Management (EPM) for threat detection and incident response. Developed use cases to improve threat detection and streamline.
  • Conducted reviews per OWASP standards, PCI-DSS and PA-DSS compliance, showcasing collaborative skills with development.
  • Monitored network traffic and security alerts using firewalls and intrusion detection systems (IDS). Analyzed logs for suspicious activities, performed threat analysis, and maintained network security integrity by demonstrating flexibility in threat detection.

Sri Lanka CERT | Coordination Center - Colombo, LKA

Information Security Analyst - Internship

July 2019 – June 2020

Incident Response, Forensics, and Security Compliance Management

  • Handled malware, DDoS/DoS attacks, defacement, and hacking incidents for the Ministry of Defense Sri Lanka. Skilled in threat detection and incident management.
  • Managed forensic investigations, evidence handling, and reports for payment card fraud, email forensics, and data recovery through strong investigation.
  • Maintained NIST and ISO 27001/27002 policies, ensuring compliance and enhancing security posture, demonstrating commitment and effective risk management.

Here are some of the certifications I hold that demonstrate
my expertise.

If you have any questions or want to discuss how I can assist you, just reach out!

Microsoft: Certified Cybersecurity Architect Expert
Microsoft: Certified Security Operations Analyst Associate
CrowdStrike: Certified Falcon Administrator CCFA
SentinelOne: Incident Response Engineer
Splunk: Core Certified User

Let's work together.

I'm currently available for freelance work and open to exciting new opportunities in the cybersecurity field!
Let’s connect and explore how we can collaborate.