Details
Skills
• Monitoring tools
• SIEM: IBM QRadar, Splunk, Datadog and SolarWinds SEM
• SOAR: Good understanding of Palo Alto Demisto with Python.
• EDR/MDR/XDR: SentinelOne, Microsoft Defender, CrowdStrike.
• Network and IT infrastructure: SolarWinds, ManageEngine (APM, App Manager, MOM, OpManager, Analytics, Site24x7), vROps, Deep Insight, SCOM, AppDynamics and Dynatrace.
• ITSM tools: BMC Remedy, Ivanti, ManageEngine, ServiceNow and Jira
• Networking and security: Cisco ASA/Firepower, Fortinet, Palo Alto, F5, Citrix and Juniper devices.
• Programming/Scripting: Good knowledge of SQL, PL/SQL, T-SQL, Unix shell scripting and Windows batch scripting
• WAF: Good knowledge of F5 ASM and Barracuda
• PAM: CyberArk, FortiOS.
• DLP and Email Security: Symantec DLP 14, McAfee, Proofpoint, RSA, Forcepoint and Netskope
• Data Classification: Boldon James
• Proxy: Bluecoat, Zscaler (cloud)
• Vulnerability and Configuration Management: Nessus (Tenable), Qualys and Vulcan
• Database Security: Imperva DAM / Scuba
• Configuration Audit: Nessus
• Penetration Testing: External Black Box Infrastructure Security Assessment
• Virtualization and cloud: Very good understanding and knowledge of VMware, Hyper-V and Dell VxRail hyperconverged infrastructure, as well as Azure, AWS and Oracle Cloud.
• System Admin: Worked on UNIX (Sun Solaris and Red Hat Linux) and Windows.
• ITIL and SMS: Incident, problem, change, asset and release management.
• Pre-sales activities: RFP response, SOW validation, Pricing strategies, Competitor analysis, Staffing and Purchasing.
• MDM: Kandji
About
• An accomplished IT professional with over 18 years of diversified experience, including more than 8 years in Information Security, Security Governance, Risk Management & Compliance, over 5 years in IT Operations and Project Management, and more than 5 years in System and Database Administration.
• Expertise with hands-on experience in Cyber Threat Intelligence (CTI) programs, Incident Response (IR) planning and execution, CSIRT responsibilities and their integration with Disaster Recovery Planning and Business Continuity, SIEM monitoring and management, Patch Management, Threat/Vulnerability Management (TVM), Threat Modeling, Application Security and manual Penetration Testing.
• Extensive expertise as a Security Analyst, including hands-on experience with emerging security technologies, cloud security (Azure and AWS), On-premise, and advanced networking concepts such as DNS, OSI model, DHCP, public vs. private IPs, and MAC addressing.
• Excellence in information security frameworks and compliance against ISO 27001, PCI DSS, NIST, SOC 2 and other standards as per organization needs.
• Led the implementation and management of Okta as the primary IAM platform to streamline and secure user authentication and access across the organization's IT infrastructure and applications.
• Participated in audits and compliance checks to ensure adherence to security frameworks such as PCI-DSS, NIST and ISO 27001.
• Proficient in technical and non-technical writing with a proven ability to create and update incident response plans, playbooks, and runbooks. Demonstrated experience in application development processes with strong knowledge of programming and scripting languages such as Python, PowerShell, and Java. Skilled in the implementation of security controls and effective use of Vulnerability Scanning tools (Nessus, Burp Suite, Rapid7) and SIEM tools (MS Sentinel, QRadar).
• Continuously monitored security alerts and events from various tools such as SIEM systems, firewalls, IDS/IPS, and endpoint (EDR/XDR) protection software.
• Performed detailed analyses of security incidents, identified the root causes, and recommended remediation actions.
• Conducted regular vulnerability assessments and risk evaluations to detect potential security threats.
• Collaborated with IT teams to enhance security protocols, ensuring alignment with industry standards and best practices.
• Assisted in developing and enforcing security policies, procedures, and guidelines. Stayed informed about the latest cybersecurity threats, trends, and best practices.
• Prepared detailed security reports for management, highlighting findings, risks, and recommended actions.
• Drove tangible improvements in the people, process and technology aspects of information security; steered continuous improvement through awareness programs and phishing simulations.
• Led and coordinated multiple security and IT projects and activities related to process quality and efficiency to ensure continuity of best practices and quality improvement across all IT spheres: operations, applications and PMO.
• Served as the Communication Lead, acting as the first point of escalation and contact to govern and ensure smooth resolution of major incidents related to Information Security or operational issues.
• As part of the Change Management process, responsible for coordinating CAB (Change Advisory Board) activities and performing security validation for all IT infrastructure and application changes.