Information Security Officer | 2019 - Present | Confidential
Technologies: Cloud Security, IT Security, Threat Hunting, Threat Intelligence, Strategy, Malware Analysis, Vendor Management, MDR, Audits, ATT&CK, Security Framework, Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Data Protection, Security Automation, Azure Security, AWS Security, NetFlow, DNS, Proxy Servers, YARA, Snort, Penetration Testing, Bro Logs, IDS/IPS, TTP, IoC, Python, Windows PowerShell, Network Hunting, ISO 27001, PCI DSS, SOC 1, SOC 2, NIST, CISSP, Azure, Sentinel, Proofpoint, TAP, TRAP, Carbon Black, CrowdStrike, Endpoint Detection and Response (EDR), DevOps, Identity & Access Management (IAM), Risk Management, Security Testing, Dynamic Application Security Testing (DAST), Security
- Acted as the incident commander reporting to the CISO. Conducted open-source and classified research on emerging and trending threats and vulnerabilities. Led complex projects cross-functionally and globally.
- Led a team of cybersecurity professionals responsible for the design, implementation, attack mitigation, and ongoing support of security systems of high complexity to fulfill the business needs.
- Rewrote the complete IR process, including the SOPs, playbooks, workbooks, and security automation, and mapped the use cases with security frameworks such as MITRE ATT&CK.
- Managed threat intelligence, threat hunting (IOC vs. TTP), forensics, data protection, EDR, email security, cloud security, malware analysis, and reverse engineering.
- Reduced the blast radius from a cloud security perspective and managed the cloud security posture assessment. Oversaw the vulnerability management program and prioritization of vulnerabilities.
- Led the company-wide deployments of multiple security products to secure all resources, infrastructure, applications, and storage. Created 30+ use cases with security automation capabilities.
- Worked entirely in the AWS cloud and maintained the existing infrastructure from a security perspective.
- Gained experience in AWS native tools, including AWS VPC, AWS IAM, EC2, subnets, networking, CloudTrail, GuardDuty, Macie, Inspector, and Security Hub.
Staff Engineer | 2015 - 2019 | STMicroelectronics
Technologies: Cloud Security, Audits, Data Protection, CISSP, DevSecOps, VAPT, Microsoft, AWS, Security Framework, Cyber Forensics, Threat Intelligence, Threat Hunting, Azure, Strategy, Cloud Transformation, Security
- Managed the SOC and security engineering team, which included leading and mentoring over 13 security experts and meeting business goals. Acted as the incident commander for the Indian region.
- Acted as a key member of the digital transformation group that oversaw the hybrid transition to the cloud and securing it in Azure.
- Ran specific programs such as threat detection, content development, EDR transformation, cloud security, SOPs for incident response, and security audits, including PCI DSS, SOC 1/2, ISO 27k, and GDPR.
- Assisted the DevOps team with the SSDLC, including threat modeling, penetration testing, a zero-trust security model, and a shift-left approach for CI/CD pipelines with Jenkins. Created security baselines for Windows, macOS, and Linux.
Senior Security Specialist | 2012 - 2015 | BT Group
Technologies: Data Protection, Application Security, Security Architecture, Incident Response, PKI, Cryptography, Audits, Email Security, Infrastructure Security, Network Operations Center, SecOps, SIEM, User and Entity Behavior Analytics (UEBA), Security
- Acted as the shift operations manager for specific customers, including LBG, PepsiCo, Philips, Novartis, and Nestlé.
- Deployed the SOC for multiple customers, including Dixon and Mars. Provided consultancy services to several customers from SOC and security architecture perspectives.
- Oversaw POCs for new tools and technologies. Collaborated with the presales team to onboard new customers.
- Onboarded multiple use cases in SIEM tools to enhance threat detection capabilities. Conducted multiple open-source and classified research projects on emerging and trending threats and vulnerabilities.
- Used a number of tools and technologies, including SIEM, WAF, DLP, IPS, IDS, firewall, proxy, FireEye APT, AV, REMnux, DDoS, Proofpoint, Wireshark, Burp Suite, PAM, ATT&CK framework, OWASP Top 10, Python, Nipper, and HLD/LLD.
Security Engineer | 2010 - 2012 | Orange Business Services
Technologies: Incident Response, Malware Analysis, Threat Hunting, Audits, PCI DSS, Threat Intelligence, ISO 27001, SecOps, Threat Modeling, Threat Detection, Infrastructure Security, Email Security, Application Security, Vulnerability Management, Software Development Lifecycle (SDLC), Security
- Investigated abnormal events, classified potential security breaches, raised security incident alerts, performed technical and management escalation, and implemented second-level mitigation actions on confirmed security incidents.
- Led risk and vulnerability assessments and systems security audits of the servers, and supported remediation of the findings in line with PCI DSS and ISO 27001.
- Performed host-based forensics and managed the threat intelligence program, hunting program, and DLP data protection program to secure sensitive data.
- Appointed shift lead and oversaw the creation of SOC metrics for management.
Security Analyst | 2008 - 2010 | HCL Technologies
Technologies: Endpoint Security, Infrastructure Security, Incident Response, Application Security, Certified Ethical Hacker (CEH), CCNA Security, Firewalls, Proxy Servers, Software Development Lifecycle (SDLC), SecOps, Vulnerability Management
- Managed the cyber project outsourced by the National Informatics Centre for the Indian Government, including the Ministry of External Affairs, the Prime Minister, the Ministry of Home Affairs, all states, and Bhawan.
- Deployed multiple tools for day-to-day operations, including Check Point and Cisco firewalls, Blue Coat proxy, Trend Micro and McAfee AV, netForensics (SIEM), McAfee IDS/IPS, and Snort.
- Applied security patches and vulnerability updates, manually hunted for IOCs using security tools, and responded to security alerts.
- Performed audits of security tools and created security dashboards for specific platforms.