CYBER SECURITY ANALYST
Kerala Police
Total des années d'expérience :7 years, 1 Mois
Collaborated on project planning, configuration, and system implementation for various departments under Kerala Police Ensured seamless execution of security initiatives to protect critical assets.
1. Assisted in implementing strategic network and security designs by collaborating on developing and deploying robust Security solutions (ISMS). Ensured adherence to industry best practices, including ISO 27001 standards.
2. Overhauled Security Policies and controls, ensuring compliance and robust PII data protection. Implemented advanced measures like DLP, SIEM, encryption, and IDS/IPS in collaboration with CIO.
3. Provide security awareness training initiatives for employees and publish articles on internal forums to enhance overall cybersecurity awareness within the Government department.
Ensuring quality by enhancing Splunk for activity monitoring through the creation of reports, dashboards, queries, and auto alert notifications.
Conducted Red Teaming assessments and found critical vulnerabilities like SSRF. CSRF, XSS attacks etc. to strengthen government website security.
Demonstrated expertise in identifying, exploiting, and remediating common web security vulnerabilities, with the ability to independently complete complex penetration testing projects in challenging environments
Experienced in identifying and exploiting vulnerabilities, conducting Red Teaming assessments, and discovering critical vulnerabilities such as SSRF, CSRF, and XSS attacks to strengthen security.
Conducted comprehensive network penetration testing using advanced exploitation tools (C2 tools) such as Cobalt Strike, Empire, and Metasploit to identify and exploit vulnerabilities in client (Govt: Departments) systems.
Utilized offensive techniques, including social engineering, password cracking, and exploit development, to assess the security posture of networks and applications.
Performed in-depth analysis of network traffic using tools like Wireshark and TCP dump to detect anomalies and potential security breaches.
Experienced in identifying threat actors and analyzing their TTPs to enhance organizational cybersecurity defenses and response strategies.
Developed and implemented custom scripts and tools to automate the penetration testing process and improve the efficiency of security assessments.
Collaborated with the defensive team to recommend and implement security controls, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and security information and event management (SIEM) solutions, to mitigate identified risks.
on various cyber threats, sharing insights through wikis and git repositories, and mentoring others in adversary techniques.
Skilled in Python development and experienced in code auditing, vulnerability mining, and analysis, allowing for the research and implementation of advanced offensive and defensive techniques to enhance the organization's security posture.
Led the implementation of advanced method cyber threat data forensics techniques, boosting conviction rates by 40% and accelerating case resolution by 25%.
Conducted comprehensive penetration tests, including web application (thick client, API, mobile SDK, web) and network (external, internal, Wi-Fi) assessments, utilizing black, gray, and Whitebox perspectives.
Experienced in identifying threat actors and analyzing their TTPs to enhance organizational cybersecurity defenses and response strategies.
Creation of reports, queries & filer for the logs generated in SIEM tools - SPLUNK, based on severity & priority of events weekly.
Enhancing Splunk for monitoring Activity by Creating Reports /Dashboards / Query /Auto Alert Notification.
Proficient in both Linux and Windows environments, with hands-on experience in network security, including PCAP interpretation, protocol understanding, and the ability to traverse network segments.
Spearheaded detailed research on identity theft, hacking, online financial fraud, and cyber abuse; devised proactive measures that led to an 80% decline in criminal activities.
Applied cutting-edge digital forensics techniques to analyze data and evidence, leading to a 50% increase in cybercrime convictions and significant contributions to vital evidence discovery in criminal investigations.
Collaborated with cross-functional teams to develop cybersecurity strategies, reducing security incidents.
Led the implementation of advanced cyber threat data forensics techniques, boosting conviction rates by 40% and accelerating case resolution by 25%.
Directed cross-functional teams in leveraging threat intelligence reports to stay informed on cybersecurity trends, leading to a 60% reduction in phishing incidents over a 12-month period.
Achieved a 50% reduction in complaint response time and enhanced victim satisfaction by 20% through close collaboration with the development team, implementing streamlined processes and tools to optimize victim support services.
Managing and Optimizing the Police departments telecommunications infrastructure through strategic network improvements, resulting in a notable 25% increase in operational efficiency, streamlining emergency response procedures.
Streamline operational procedures to enhance the efficiency of day-to-day activities in the state control room (Emergency Response Support System).
Conducted frequent scans to monitor system vulnerabilities on servers and infrastructure devices using threat and vulnerability security solutions, thereby strengthening law enforcements confidential data.
Collaborated closely with IT security teams to analyze and resolve communication interruptions, successfully reducing system downtime by 40% and greatly enhancing user experience across the organization.
Monitoring Network performance using the CA Spectrum monitoring tool.
Securing and filtering the network using Access lists. Configuring CISCO Routers, Switches, and Firewalls, Install LAN/WAN connectivity, and Troubleshooting Cisco L2 and L3 Switches.