Security
Injazat Data Systems
Total years of experience: 15 years, 5 months
IT Security Professional
Integration and operations of log sources of multiple clients for their compliance and security requirements as an MSSP.
• End-to-end ownership of the SIEM infrastructure.
• Creation of Flex connectors, correlation rules, reports and dashboards in ArcSight 6.x for regular operation.
• Security Incident Analysis using cutting edge threat intelligence platforms.
Managing a team of 8 L1/L2 Security (SOC) Analysts and communicating at CISO, CTO and CIO level for Cyber Security meetings, updates and status reports.
Control, monitor and report on Project Scope, Time, Quality, Risk and project performance.
Create and modify use security policy/reports based on various threat alerts and compliance respectively.
Manage configuration of SOC technologies and implement new data feeds or collectors into the SIEM environment.
Develop content / reports for the log sources integrated.
Identify risk and network exposure including those related to malicious programs, viruses, improper system access, unauthorized systems, and improper network use.
Helping Technical Security Services team in conducting logical access review
Conducting self-assessment and risk assessment
Provide Security event management solution using SIEM (EnVision/ArcSight) deployed in client data centers globally.
• Provide security monitoring, analysis, triage, incident alerting and provide operational, management and compliance reports as per PCI DSS/JSOX norms.
• Installation, administration and management of SIEM Appliances.
• Integration of identified log sources in real time and near real time. Develop parsers/ Flex Connectors for out of box applications.
• Perform inventory validation per log source and provide reports as requested by client.
• Provide a generic weekly report on possible external/internal threats across client platforms.
• Detect, analyze and classify the vulnerabilities for all servers within the Managed Infrastructure and databases into the following categories based on system classification provided by Client.
• Performed vulnerability scanning and remediation recommendation depending on the client's infrastructure.
• Implemented process for vulnerability management and remediation of the vulnerabilities for Managed Infrastructure by coordinating with The Supplier internal teams.
• Tracked remediation and re-review to ensure the controls are operating effectively.
• Coordinating/executing change management activities within the Windows Server OS and desktops during pre-defined maintenance windows.
• Participated in IT operational change management to agree with relevant IT teams on a patch deployment schedule.
• Perform reporting on a weekly/monthly/quarterly basis for anti-virus, patch and vulnerability management on all Managed Infrastructure.
• Managed and maintained vendor and client relations within Company's network security environment.
Courses:
• CISSP - Certified Information Systems Security Professional, Certificate Number: 575086
• CA-ACX R12.5: Implementation & Administration
• QualysGuard Vulnerability Management
• EC Council Certified Security Analyst & LPT
• IBM Certified Associate - Security QRadar v7.0 MR4
• HP ArcSight ESM 5.5 Security Administrator and Analyst
India