Cyber Security Delivery Manager
Capgemini
مجموع سنوات الخبرة :13 years, 0 أشهر
Have experience in managing Cyber security
teams - Network Security (Firewall team),
Vulnerability Management, PAM, MFA, GRC,
Certificate Management, Endpoint and Email
Security
Maintaining the SLAs as per contract
Adhere to incident management and change
management process to avoid SLA breach
Adhere to contractual obligations and reviewing
them with all the team leads as and when
needed
Maintaining weekly, monthly, and quarterly and
CxO reports for client calls
Maintaining client's internal security posture on
monthly basis
DSTUM with team members to track the open
tasks, issues, challenges etc.
Prioritizing and leading security related P1 tickets
on Major Incident Management call depending
upon business impact
Maintaining daily health check reports of
important tools
Creating SOWs for project
Creating resource unit data for billing purpose
Alignment of resources on mutualized and
dedicated account basis
Daily call with onshore Engagement Manager
and Security Manager to be aligned with client's
expectations and daily task
Establish performance goals and priorities
Actively participate in hiring of new team
members, adheres to policies and procedures
Working as an advisory lead for SOC comprises of
Vulnerability Management, SIEM and Firewall
team
Helping SIEM team in the use case creation and
log source integration
Regular inspection of health check related to Log
Sources and adding new devices for better
monitoring coverage through SIEM tool
Enabling the right logs by having regular calls
with different support teams to optimize utilization
of memory and monitoring
Monitoring and ensuring necessary preventive
maintenance tasks carried out to improve
application service
Regular inspection of health check related to Log
Sources and adding new devices for better
monitoring coverage through SIEM tool
Conduct postmortems, create recommendations
from lessons learned, report the identified
successful & unsuccessful project elements
Coordinate with external vendors for hardware
issues in data centers, RFQs for fixing the issue
from the respective vendor
Preparation of SOP or playbook
Generation & formatting of reports for
Vulnerability scans performed
Expertise in different report preparations (Weekly,
Bi-weekly, and Monthly based), Deck call
presentations to the client and the monthly
Roasters for the team
E2E responsibility for incidents and problem
management issues related Security in
coordination with other teams
Assisting VM team in prioritizing the vulnerable
assets, mitigating the risk by patching,
upgrading, and hardening
Liaison with different stakeholders handling Linux
servers, citrix, VDI, internet facing servers to
ensure reported incidents and vulnerabilities are
worked on time
Responsible for the timely completion of work
packages under Red Team Exercise carried out
by CISCO to fill the gaps
Sharing status of each work package,
vulnerability management report, SIEM alert
report with Director of SOC and Project Manager
on a weekly call
Creation of organizational policy document
based on ISO standards to uplift the current
information security posture of the organization.
Configuration of syslog messages on security
devices and forwarding logs to Algosec solution
and Splunk
Troubleshooting failed syslog forwarding to
Algosec tool using tcpdump
Learnt Splunk and had hands-on exp on lab and
client's environment
Helped clients to integrate Algosec with Splunk
Manually added and pushed new rules on
firewall as per the change request
Troubleshoot audit log issue, risk/regulatory
/Baseline compliance and assisting clients in
achieving expected compliance
Investigating log files for errors and warnings and
collecting artifacts for investigation
Investigating and simulating the client's issue in
the lab machine and took further action based
on simulation result
Monitoring the opening of ticket with R&D in case
a bug is suspected
Updating both R&D and clients about the case
status
Allocating cases to Tier 2 Engineers, assisted them
and provided training if required
Setting up weekly calls with clients to discuss the
currents status of the issues, next action plan and
other problematic areas
Monitoring & resolving issues of big and critical
APAC, US and EMEA customers with large
environment.
Designed on premise data center for the
migration of DuPont to Axalta Coating System
project which includes installation of routers,
switches and firewalls into the rack, cabling,
assigning physical IPs
24*7 monitoring of global sites using SolarWinds
Knowledge of routing and switching
Knowledge of VPN - Site to Site and Remote
Access
Conducted Change Management activities under
the supervision of seniors.
Led the installation and maintenance of IBM
System x, HP P-class, C-class Blade Servers,
Gen8 Servers, and Workstations to track
customer's visit for IRCTC DC
Monitored the configuration and installation of
Windows Server 2003/2008 and VMware
ESX3.5i for server virtualization
Installed Broad Vision Application, Oracle 10g
Client, HP RTR, MKS Tool Kit
Conducted Server Health Administration that
includes scanning viruses and routinely checked
antivirus (CA E-Trust, McAfee Anti-virus) status
Checked WSUS (Windows Server Update Services)
Training on Checkpoint Firewall
Tested CA E-Trust, McAfee, and Symantec
antivirus during installation of antivirus server
لقد تم حذف الرابط بسبب انتهاكه لسياسة الموقع. يرجى التواصل مع قسم الدعم لمزيد من المعلومات.