Hema Pooja
Cyber Security Analyst
About Me
csAnalyst@gmail.com
(91) 8459726378
I am a cybersecurity enthusiast with strong knowledge of network security, ethical hacking and threat analysis. I enjoy identifying vulnerabilities and securing systems against cyber threats.
Work Experience
2024 - Present
Cyber Security Analyst
Vertex Managed Defence Solutions, Chennai
Monitored security events for 40+ external corporate clients using Microsoft Sentinel SIEM, analyzing over 10,000 alerts daily. Maintained a 99% compliance rate with client Service Level Agreements (SLAs) by triaging and resolving critical incidents in under 15 minutes. Conducted threat hunting operations across diverse client environments, discovering and neutralizing a hidden ransomware strain before deployment.
2020 - 2024
Information Security Analyst
Apex Financial Group, Coimbatore
Secured internal financial applications and cloud infrastructure by integrating CrowdStrike EDR across 5,000+ corporate endpoints. Collaborated with compliance teams to perform quarterly risk assessments, ensuring network infrastructure aligned with PCI DSS and SOC 2 standards. Led internal incident response for a major business email compromise (BEC) attempt, successfully preventing data exfiltration and preserving evidence.
Education
2018 - 2020
M.Tech in Cyber Security
National Institute of Technology, Tiruchirappalli, TN
Advanced Electives: Malware Analysis & Reverse Engineering, Cloud Security Architecture, Cryptography, Network Cyber Defence. Master’s project included a machine learning model to detect zero-day DDoS attacks in cloud environments, reducing false-positive alerts by 22%. Lab Expertise: Conducted extensive hands-on threat hunting and vulnerability assessments using Wireshark, Nessus and Metasploit.
2014 - 2018
B.Tech in Computer Science and Engineering (Cyber Security)
Vellore Institute of Technology, Vellore, TN
Relevant Coursework: Cryptography, Network Security, Penetration Testing, Ethical Hacking, Cloud Security. Academic projects included a custom intrusion prevention system (IPS) using Python to automatically block anomalous IP traffic on a simulated campus network.
Skills & Expertise
Incident Response and Triage
The ability to rapidly detect, contain and recover from security breaches, malware outbreaks or unauthorized network access.
Analysts must accurately assess the severity of an alert, isolate affected systems to prevent the threat from spreading and follow structured playbooks to restore normalcy without destroying digital evidence.
Traffic and Network Log Analysis
The practice of auditing data transmission paths, packet behavior and system event messages to decode network activities.
It allows you to reconstruct the timeline of an attack. By interpreting patterns in system logs, you can differentiate between normal daily activities and malicious anomalies.
Vulnerability Management
The continuous process of identifying, evaluating, categorizing and reporting security weaknesses in an organization’s infrastructure.
Instead of waiting for an attack, analysts proactively find flaws in system configurations or outdated software code, advising technical teams on what needs patching first based on risk level.
Threat Intelligence and Hunting
Actively searching through networks to detect hidden, advanced threats that have bypassed standard security defenses, using global threat data.
Passive monitoring is not enough for sophisticated hackers. Analysts use known attacker behaviors, malicious indicators, and open-source intelligence to catch stealthy adversaries before they inflict damage.
Cloud Security Architecture Concepts
Understanding security design principles, shared responsibility models, and access controls unique to cloud-hosted environments.
As businesses move computing power off-site, analysts must know how to secure data storage, handle virtual identity permissions, and ensure remote configurations do not leave data exposed to the public internet.
Regulatory Compliance and Framework Alignment
Knowledge of international security frameworks, industry standards, and data privacy laws governing how organizations must protect data.
Analysts ensure the company’s daily defensive practices align with legal mandates, helping the organization pass external security audits and avoid massive legal penalties.
Projects
Blue Team SIEM Deployment & Incident Response Simulation
Network Vulnerability Assessment & Penetration Testing
Automated Security Log Parser and Threat Hunting Tool
Secure Cloud Architecture & Identity Management Implementation
Products I’ve Worked With
csAnalyst@gmail.com
Phone
(91) 8459726378
Chennai, India