Summary

Information Security professional with experience in Banking & Financial industry and having expertise in Threat hunting, Incident response, Threat intelligence and Cyber Forensics. Well-versed in direct and remote analysis with strong critical thinking, communication and people management skills. Able to thrive in fast-paced and challenging environments where accuracy and efficiency matters.

Work experience

July 2016 - Aug 2016

Information Security Lead

IHS Markit
  • Maintain compliance with ISO 27001 and PCI-DSS.
  • Implementing and managing policies on Cloud Proxy (Zscaler) and other Cloud infrastructure.
  • Analyze typical threat actor profiles and the typical indicators associated with those profiles, and synthesize the two
    to develop innovative techniques to detect threat actor activity.
  • Demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity,
    organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Analyze available data sources, security tools, and threat trends and lead security monitoring and analysis
    techniques to identify attacks against the enterprise.
  • Analyze logs, normalize and perform automated log correlations utilizing big data analysis or hunt tools to identify
    anomalous and potentially malicious behavior.
  • Digital forensics on host or network from a malware perspective; ability to identify anomalous behavior on network
    or endpoint devices.
  • Fine tuning information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security, and security
    monitoring solutions (NSM, DLP, Insider, etc.).
  • Preparing SOPs for the blue team, performing POCs for new products.
  • Tools & Technology: RSA SA, Splunk, Palo Alto, CyberArk, Darktrace, Crowdstrike, Zscaler, Encase, RSA Archer, ServiceNow
Dec 2015 - June 2016

Senior Security Engineer

M&T Bank
  • Creating policies on Symantec Data Loss Prevention.
  • Managing the infrastructure part of the Endpoint, Network and Storage modules.
  • Monitoring DLP incidents and escalating them to the concerned departments.
  • Installing and configuring new modules like Mobile and Cloud Prevent.
  • Tools & Technology: Symantec DLP
May 2015 - Dec 2015

Security Analyst

Ocwen Financials
  • Security solution deployment and monitoring.
  • Deployment, monitoring, managing and maintaining security devices like Firewall, IPS/IDS, Web Application Firewall, Secure Email Gateway, DLP, Enterprise Proxy and Enterprise Anti-Virus Solution in the SOC.
  • Performing the Vulnerability Management process to identify and remediate vulnerabilities in the organization.
  • Performing security/vulnerability reviews of network, application, database and UNIX environments.
  • Performing root cause analysis and investigation of security-related incidents.
  • Creating and fine tuning DLP-related policies and procedures based on business process requirements.
  • Monitoring security incident handling, server performance, health checks and updates, and performing root cause analysis/troubleshooting of server-related issues.
  • Tools & Technology: ArcSight, Qualys, Symantec SEPM, Bluecoat, Encase, RSA Archer
May 2014 - May 2015

Project Engineer

CERT-In
  • Real-time analysis of DDoS attacks and putting controls in place to stop them.
  • Giving recommendations to ISPs to mitigate DDoS attacks.
May 2012 - Jun 2013

Project Engineer

Interface Infosoft Solutions
  • Performing vulnerability assessment and penetration testing on the PCEHR web portal using the Acunetix tool.
  • Preparation of detailed reports of the vulnerability assessment.
  • Identifying network and system vulnerabilities and evaluating attack vectors.

Education

IT Tools and Technology

Languages: Python

Penetration Testing: Metasploit, Nessus, QualysGuard, Cenzic, Acunetix

Operating Systems: Linux, Windows Server

SIEM: ArcSight, Splunk, RSA SA, AlienVault, DarkTrace

Firewall: Palo Alto, Cisco ASA

Endpoints Technologies: Crowdstrike, Symantec

Web Application Firewall: Imperva, Modsecurity

Vulnerability Scanning & Penetration Testing: Qualys, Veracode, Trustwave, Metasploit, Nessus, Kali Tools.

Other Tools: Zscaler, Ironport, Bluecoat Proxy, Symantec DLP, Tripwire FIM, F5 Loadbalancer, AppDynamics, RSA Archer, Damballa, CyberArk, EnCase, FTK, SANS Investigative Forensics Toolkit, Wireshark.

Certifications

  • Certified Incident Handler
  • Certified Ethical Hacker (CEH) V8
  • ISO 27001:2013 LA
  • Qualys Vulnerability Management
  • CCNA

Area of Interest

  • Threat Hunting and Intelligence Gathering
  • Infrastructure & Enterprise Security
  • Malware and Exploit Research
  • Cyber Forensics

Personal Details

Nationality: Indian
Languages known: English, Hindi