Senior Manager
Bank of America
Total years of experience: 14 years, 5 months
Part of Cyber Security Defense team.
Leading Security Governance team handling exceptions against Security Policy.
Overseeing 24x7 operations of the team spread across different locations.
Work closely with other teams within Cyber Security Defense to stop data exfiltration and increase threat hunting capability.
Automation to reduce manual effort in event triage.
Proxy/Firewall rule governance and management.
Process related risk management and review with Risk Assessments team.
BCP/DRP planning to avoid disruptions.
Trusted security and compliance adviser for clients.
Project Management for SOC and Product team service deliverables as per SLA.
Deployment of SecureVue (SIEM), installation of Qualys scanner, and setting up vulnerability scans as per SOCVue service agreements.
Mentoring SOC Monitors, SOC Analysts, Senior Analysts and Product Support Engineers. Performance Appraisals for SOC and Product teams.
Helping sales team in pre-sales and post-sales activities.
Conduct regular status meetings with key internal and client stakeholders.
Identification of product enhancements gathered during service delivery. Properly document and communicate these to the Product Management team.
Help internal team on Risk Management and Contingency (BCP/DRP) planning.
Technical Lead for offshore team, providing SIEM services to international client (Banking sector).
Helping Compliance team during certification of new application and annual re-certification of existing applications.
Deploying new use cases and modifying existing ones.
Deploying new custom parsers or editing existing custom parsers as per requirements (Universal Device Support - UDS).
Event analysis to find root cause (RCA) when attacks are detected.
Integration of event sources such as Windows, UNIX, firewalls etc. with SIEM.
Designing ad hoc reports on request from clients or other stakeholders as per PCI standards.
Troubleshoot problems of log interruptions from event sources.
Use of Tripwire for checking file integrity.
Helping Information Security team in developing and implementing security policies.
Security advisories to Information Security team.
Designing new use cases and enhancing existing use cases.
Real time monitoring of network using SIEM.
Designing customized reports for various stakeholders as per agreed-upon SLAs.
RSA enVision System Administration.
Follow Incident Management lifecycle as per SLAs.
Performing RCA of security incidents.
Backup management of logs as per Telecom Regulatory Authority of India (TRAI) standards.
Universal Device Support code development for devices not supported by RSA enVision.