Technical Specialist
HCL Technologies Ltd
Total years of experience :28 years, 9 Months
Banking Project.
•Deployed the Qualys Guard tool internal and cloud controlled service to perform vulnerability scan on weekly basis to all critical infrastructure.
•Analyze windows servers based on the vulnerability report, forward the queries to respective SME to identify the solution and remediate based on severity.
•Follow up with ISP team on the severity and vulnerability age based on ISP managed routers. Progress will be maintained & managed week on week.
•The monthly reports will be shared with client and on demand basis.
•Design and deploy scalable SIEM infra, optimize its architecture to assist Security Incident Response Team in effective monitoring.
•Deploy components and integrate critical devices with SIEM for compliance and to help Security Incident Response Team in monitoring.
•12. Administrate and Manage SIEM Infrastructure to achieve availability of serviceIdentified privileged accounts are monitoring and reviewed to ensure the accounts are used only for authorized activities as per PCI compliance and share the same to management for review.
•Critical logs are escalated to respective SME within 4 hours of time frame.
•Deployed multiple security tool and policies to enable enterprise level security of banks isolated network. All desktop, server and network devices will undergo configuration review on quarterly basis to confirm AV, Patches and DLP component are up to date.
•Process Monitoring - Monitor critical processes and setup alert threshold in all servers, perform remediation process once get alert when a particular process fails.
•Attending client audit and fixing finding and closer of audit successfully.
•Windows Performance Counters -Monitor the Windows performance counters values through WMI
•Symantec - Advanced technologies to detect unknown threats and prevent zero day attacks including ransomware Memory exploit prevention for popular applications and operating systems.
•Antivirus - Alerts from antivirus server on any attempt or compromise of systems with virus attacks for devices supporting Bank Dedicated Vendor Network.
•Host Intrusion Prevention System - Alerts from the HIPS server on any attempt or real intrusion on any systems supporting Bank Dedicated Vendor Network
•All Windows servers and EUC must check and get virus definition updates within 24 hours.
•Data Loss Prevention - Alerts from the DLP server on any attempt to connect USB drives supporting all system in Bank Dedicated Vendor Network.
•Critical Service Monitoring - Analyze normal system and user usage to determine if any critical service is disabled/stopped but is required for supporting Bank Dedicated Vendor Network
•Installing MFA, firewalls, data encryption and other security measures
•Attend meeting with client and project for RFI and RFP.
•Raise CAPEX and Create Purchase Orders for any new or revamp/enhance existing security product.
•Evaluate products and technologies that helps in incident response operations and assist management by creating evaluation report to make a decision on the product.
•Represent team in external and customer audits
Proxy Infrastructure, DLP COE, Symantec VIP, Cisco ACS and Cloud Access Security Broker (CASB)
Key Roles & Responsibilities:
•Currently managing a team of five security engineers who were responsible for building/deploying proxy infrastructure across cognizant locations both Pan-India as well as Rest of World.
•Create project plan and project status report for higher management approval and review.
•Evaluation different proxy and DLP product and submit POC documents with conclusions.
•Create sustenance document and arrange KT session with operation team for further infra maintenance.
•Participating P1 calls for troubleshooting, reviews RCA and approve to submit compliance team.
•Attend meeting with client and project for RFI and RFP.
•Raise CAPEX and Create Purchase Orders.
•Planning, environment setup and installation of Netskope tenant with the help of Vendor
•Active Directory importer installation and configuration with the help of DNS/AD team to import user information to cloud tenant
•Parent proxy configuration in all proxy server to divert cloud application diverting directly to cloud tenant for analysis and DLP policy implementation
•Netskope agent preparation and rollout to endpoints thru SCCM tool
•Create sustenance document of new proxy implementation and arrange KT session with operation team for further infra maintenance
•Upgrade and manage MFA servers to latest code
•Raise CAPEX and Create Purchase Orders for any new or revamp/enhance existing security product.
•Evaluate products and technologies that helps in incident response operations and assist management by creating evaluation report to make a decision on the product.
•Represent team in external and customer audits.
•Lead for phase-2 application integration with MFA authentication
•Integration of various network device with TACACS authentication and manage servers
SME - Websense Web and DLP, Imperva WAF, McAfee Application Control, Vulnerability Assessment, Virus Scan and Disk Encryption, RSA SecureID
Key Roles & Responsibilities:
•Handle the installation, configuration and updates of web and Data Security gateway Application in a multi—platform (SaaS and Appliance) and virtualized environment.
•Periodical Vulnerability assessment to all security and management server and advice team to applying patch.
•Create server task like AD configuration for LDAP Access the System Tree to view the machine's properties, and validate that EEPC/
Key Roles & Responsibilities:
•Install wide range of network devices which are used for security device for communicate each other.
•Keep network infrastructure up-to-date and secure by updating surety policies and monitoring complaints
•Troubleshoot various network issues with staffs and with outside vendor to resolve the issues.
•In charge of ongoing HCL Technologies projects and existing site Maintenance.
•Technical Head for Fire alarm, Integrated Access Control, Security system, BMS, PA system and CCTV System.
•Responsible to design the system using AUTO CAD from civil architectural drawing, this will include conduit diagram, device position, and wiring etc., before proceeding projects.
•Preparation of AMC, and allocating service Engineers for Service calls, AMC Calls for Integrated Access Control, BMS, CCTV and Fire Detection and Alarm Systems, by different proponents.
•Supporting to Service engineers in critical complaint calls, when they find difficult.
•Responsible to contact training classes/orange training class from the various product suppliers for new joiner and customer service engineers
Building Management System
In charge of ongoing HCL Technologies projects and existing site Maintenance.
•Technical Head for Fire alarm, Integrated Access Control, Security system, BMS, PA system and CCTV System.
•Deploy, configure and manage network devices used for physical security systems and services
•Manage servers and desktops which are connected in physical security devices in various client places.
•Laying LAN cables for network and communication devices.
•Responsible to design the system using AUTO CAD from civil architectural drawing, this will include conduit diagram, device position, and wiring etc., before proceeding projects.
•Preparation of AMC, and allocating service Engineers for Service calls, AMC Calls for Integrated Access Control, BMS, CCTV and Fire Detection and Alarm Systems, by different proponents.
•Supporting to Service engineers in critical complaint calls, when they find difficult.
•Responsible to contact training classes/orange training class from the various product suppliers for new joiner and customer service engineers.
Company : AL-Nasser Trading and Contracting Establishment, KSA
Attended all complaint call regarding all types of Fire Detection and Alarm Systems, by different proponents within Saudi Aramco. This also includes trouble-shooting and of any system discrepancies.
•24 hours on call duty to respond to every false alarm received by the local (Abqaiq) Fire Control Unit. Responsible for identifying unknown source of alarm and restoring the system normal.
•Perform Preventive Maintenance (PM) on every Fire Detection and Alarm System within are of responsibility. Provide assistance (when requested) to local Fixed System Service Group in conducting their routine Test & Inspection of all Fixed Fire Systems.
•Also involve in the design, installations and commissioning of new and/or revamp system through minor tickets, work orders or job order.
•Installing LAN cables for network and physical security devices.
•Deploy, configure and manage network switch and router for small offices
In charge with the installation of various system such as Fire Detection & Alarm, Access Control, Intruder Alarm and closed Circuit Television (CCTV).
•Close monitoring of a project from installation to until commissioning and throughout the whole warranty period.
•Provide assistance to proponent or customer in preparation for project turnover, this will include giving them system basic, its limitations and capabilities, functions and step by step instruction in using. Operating and maintaining their systems.
•Designing the various systems like Fire alarm, Intruder Alarm and closed circuit television system as per the local standard.
•Conducting training classes or seminars to trainee installation engineers
(
(