Summary

Information Security professional with expertise in Threat hunting, Vulnerability management and Cyber Forensics.
Well-versed in direct and remote analysis with strong critical thinking, communication and people skills. Able to thrive
in fast-paced and challenging environments where accuracy and efficiency matter.

Work experience

July 2016 - Till now

Information Security Specialist

IHS Markit
  • Analyze typical threat actor profiles and the typical indicators associated with those profiles, and synthesize the two to develop innovative techniques to detect threat actor activity.
  • Demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise.
  • Analyze logs, normalize and perform automated log correlations utilizing big data analysis or hunt tools to identify anomalous and potentially malicious behavior.
  • Digital forensics on hosts and networks from a malware perspective; ability to identify anomalous behavior on network or endpoint devices.
  • Fine-tuning information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security, and security monitoring solutions (NSM, DLP, Insider, etc.).
  • Preparing SOPs for the blue team and performing POCs for new products.
  • Tools & Technology: RSA SA, Splunk, Palo Alto, CyberArk, Darktrace, Crowdstrike, Encase, RSA Archer
Dec 2015 - June 2016

Senior Security Engineer

M&T Bank
  • Creating Policies on Symantec Data Loss Prevention.
  • Managing the infrastructure of the Endpoint, Network and Storage modules.
  • Monitoring DLP incidents and escalating them to the concerned departments.
  • Installing and configuring new modules such as Mobile Prevent and Cloud Prevent.
  • Tools & Technology: Symantec DLP
May 2015 - Dec 2015

Security Analyst

Ocwen Financials
  • Security solution deployment and monitoring.
  • Deployment, Monitoring, Managing and Maintaining security devices like Firewall, IPS/IDS, Web Application Firewall, Secure Email Gateway, DLP, Enterprise Proxy, Enterprise Anti-Virus Solution in SOC.
  • Performing the vulnerability management process to identify and remediate vulnerabilities across the organization.
  • Performing security/vulnerability reviews of network, application, database and UNIX environments.
  • Performing root cause analysis and investigation of security-related incidents.
  • Creating and fine tuning of DLP related policies and procedures based on business process requirements.
  • Monitoring security incident handling, server performance, health checks and updates; root cause analysis and troubleshooting of server-related issues.
  • Tools & Technology: Arcsight, Qualys, Symantec SEPM, Bluecoat, Encase, RSA Archer
May 2014 - May 2015

Project Engineer

CERT-In
  • Performing real-time analysis of DDoS attacks and putting controls in place to stop them.
  • Giving recommendations to ISPs to mitigate DDoS attacks.
May 2012 - Jun 2013

Project Engineer

Interface Infosoft Solutions
  • Performing vulnerability assessment and penetration testing on the PCEHR web portal using the Acunetix tool.
  • Preparation of detailed reports of the vulnerability assessment.
  • Identifying network and system vulnerabilities and evaluating attack vectors.

Education

IT Tools and Technology

Languages: C, Python

Penetration Testing: Metasploit, Nessus, QualysGuard, Cenzic, Acunetix

Operating Systems: Linux (Kali Linux, Fedora, Debian), Windows Server

SIEM: ArcSight, Splunk, RSA SA, AlienVault, DarkTrace

Firewall: Palo Alto, Cisco ASA

Endpoints Technologies: Crowdstrike, Symantec

Web Application Firewall: Imperva, Modsecurity

Vulnerability Scanning & Penetration Testing: Qualys, Veracode, Trustwave, Metasploit, Nessus, Kali Tools.

Other Tools: Zscaler, Ironport, Bluecoat Proxy, Symantec DLP, Tripwire FIM, F5 Loadbalancer, AppDynamics, RSA Archer, Damballa, CyberArk, EnCase, FTK, SANS Investigative Forensics Toolkit, Wireshark.

Certifications

  • CISSP - Certified Information Systems Security Professional
  • Certified Incident Handler
  • Certified Ethical Hacker (CEH) v8
  • ISO 27001:2013 LA
  • Qualys Vulnerability Management
  • CCNA

Area of Interest

  • Threat Hunting
  • Infrastructure & Enterprise Security
  • Malware and Exploit Research
  • Cyber Forensics

Personal Details

Nationality: Indian
Languages known: English, Hindi