Security Services Manager
London Stock Exchange Group
Total years of experience: 27 years, 3 months
DevSecOps
Responsibilities:
• Managing and maintaining a highly skilled, efficient and effective team of Cybersecurity Analysts in meeting the MSSP SOC requirements.
• Triaging and Responding to alerts from the various monitoring/detection systems and platforms within defined SLAs.
• Developing detailed processes and procedures to Analyze, Respond and Escalate cyber security incidents.
• Participate in Agile Scrum meetings representing InfoSec, collaborate with other infrastructure, DevSecOps and application engineers to understand the product, technology and business needs.
• Ensuring a comprehensive and smooth hand-over between the global teams as shifts end and begin.
• Monitoring security appliance health and performing basic troubleshooting of security devices. Notifying security Engineering/Onboarding teams of malfunctioning equipment.
• Analyzing malicious artefacts obtained from network monitoring with a focus on generation of new threat intelligence feeds and service improvement.
• Definition and follow up of incident reconstruction plans
• Malware analysis and reverse engineering; dealing with incidents from L2, L3 and checking applied recommendations for L3 incidents
• Performance management, guidance and development of the Cybersecurity Analysts.
Security Delivery
Tools: ITRM, ISMS, Security Policy Document
Responsibilities:
• Possesses comprehensive knowledge of business processes, tools, security, risk and policies and a broad background in helping others to interpret security requirements.
• Participate in DPE driven management meetings where strategic operation of IT security is discussed.
• Implement and maintain security policies, Services and procedures
• Ensure and track Policy Exceptions, Amendments and Security change management are in place for violations/deviations of policy.
• Conduct risk assessments to identify and prioritize potential threats and vulnerabilities.
• Perform spot and periodic security controls, security process and Security Policy document.
• Handling multiple teams/Groups, chairing weekly & monthly meetings on Security Operations and review of Technical Security controls.
• Rendering Subject Matter Expertise during client meetings and consultative security expertise to support the client in making key decisions in the area of security
• Acting as single point of contact for all security-related activities for the client account; liaising with clients, and analyzing risk statements related to deviations from Security Policy
• Ensure executing security health check on OS and application systems against IBM security standards
• Conducting risk assessment by evaluating vulnerabilities, threats, loss & impact, and providing security recommendations
• Identifying new security technologies & practices and recommending additional security services as required
• Holding regular policy review meetings with client to present tracking & reporting of activities
• Streamlining configuration items, security logs and alerts from all platforms to support analysis of the event trigger, Security policy exceptions and hardening the affected information assets
Previous Employment Details 4:
Organization: Genpact India, Hyderabad Period: Aug 2015 to March
Designation: Senior Security Analyst Project: Security Operation Centre
Tools: LogRhythm and Splunk
Responsibilities:
• Developed & deployed process for all security incidents in Security Operations Center; worked on Advance Threat Analytics using FireEye tool
• Implemented plan of action for FireEye critical alerts, IDP signature logs, phishing mails and spam mails
• Used Splunk as security information and event management for log repository
• Conducted network traffic analysis for malicious activities like Malware, Botnet, & Backdoor, as well as defined remediation steps for critical Virus Alerts, Host based IDS Alerts, Spam/Phishing Mails, IDS/IPS Logs and Proxy Traffic
• Performed vulnerability scanning using McAfee Vulnerability Manager; managed critical alerts from Symantec End Point Antivirus
• Steered Application Whitelisting Services with Carbon Black Software and all security incident reporting & trend analysis on a monthly basis
Designation: Network Security Engineer Client: Multi Clients
Responsibilities:
• Addressed SIEM tickets, analyzed suspicious events generated through SIEM, and coordinated with concerned teams on SIEM tickets
• Maintained antivirus section of the network up to date with current versions of antivirus software, latest signatures and relevant documentation
• Worked on Cisco Access Control Server (ACS 4.1), Cisco Security Agent (CSA) and Cisco Security Monitoring, Analysis and Response System (CSMARS)
• Performed installation/upgrade of antivirus server and provided end point security with Trend Micro OfficeScan
• Managed Trend Micro Products - IWSS, IMSS, Control Manager and IWSVA and web security using Trend Micro InterScan Web Security Virtual Appliance (Proxy)
• Configured & troubleshot Checkpoint and ASA Firewalls, as well as Checkpoint Firewall in IPSO, Secure Platform and GAIA Platforms
Special diploma, electronics and communication engineer: a 3 years 6 months course covering Electronics and Communication, Computer Networks, Programming Languages, Mathematics