Senior Information Security Specialist
Gems Education
Total years of experience :17 years, 4 Months
● Implemented SOC as a service.
● Onboarded WAF, VAPT, ITSM, Patch Management Solutions.
● Authored security architecture design documentation and standard operating procedures.
● Leading the implementation of Security Framework (ISO 27K & NCA).
● Introduced use of security metrics to mitigate the vulnerability by analyzing historical threats, addressing risks/gaps/violations, and implementing improved protocols.
● Serving as technical lead in responding to information security events and performance of initial diagnostics.
● Evaluate and recommend new and emerging security solutions and best practices.
● Lead the project of implementation of Multi-Factor Authentication (MFA)
● Performs architecture assessments of systems and networks.
● Implements an enterprise-wide definition of security, establishes and maintains data, network, and system security-related infrastructure, and applications and processes.
● Manage security risk software vendor relationships to improve the use of automated security risk assessment tools.
● Contribute to the definition, development, and oversight of a global security management strategy and framework.
● Perform Change Management, Configurations, Design, and Implementation of Security products & Systems.
● Performs analysis, design, and development of security features for system architectures.
● Perform and manage Onsite Risk Assessments as per process documents.
Leading team of SOC Analyst/Operation team
•Monitor & Analyze security events for suspicious traffic
•Follow-up with customers & vendors to resolve the open issues
•Network & Security device management (administration and configuration tasks)
•Working in SOC and keeping track of day to day security operations.
•Review reports and ensures compliance to security policies and SLAs as applicable.
•Perform in-depth analysis of events and logs for Detecting malicious applications and network activity, Common attack techniques that compromise hosts, Detecting and analyzing system and network vulnerabilities and Continuous process improvement by discovering the root causes of incidents
•Work to resolve major security incidents in conjunction with respective resolver groups. Experience configuring security incident and event management(SIEM) tools including creating event filtering and correlation rules and reports.
•Ability to work with customer and product specialists to weed out false positives and improve efficiency of the Security operations
•Creation of knowledge base which will be used by SOC analysts for performing their roles.
•Development of customized use cases based on the applicable threats to client infrastructure,
•Creation of ad-hoc reports and Dashboards as per customer requirements
•Software/Version upgrade of SOC monitoring tools.
• Maintain and monitor different IT Security systems (Proxy, ACS, AV…)
• Defend the network against Malware, viruses and all threats that negatively impact confidentiality, integrity, and availability
• Managing Anti-Virus (Symantec & Kaspersky) technologies for DC/Campus
• Performing Vulnerability Assessment (McAfee) scans on all the servers
• Executing Patch management system from Security perspective
• Creating & maintaining VPN accounts for operation team and vendors
• Providing daily reports and working on day to day activities/ issues for Security domain
• Providing monthly reports on various technologies as per customer request.
• Managing Mail Gateway and Mail Security (Symantec) and implementing best practices as per customer requirements
• Maintaining and implementing best practices in Web Proxy (Fortinet)
• Worked with various vendors for implementing multiple products & POC setups
• Handle all assigned customer requests within the agreed service level agreement.
Education •