Sr security risk analyst
Snowflake
Total years of experience :14 years, 10 Months
I am working in IT Risk management team as an Authorized officer. Performing Gap assessment, Risk assessment and performing Risk mitigation techniques to timely assess and identify risk and reduce it to acceptable level.
Scanning databases and other depository for the client confidential Data, PII data to make sure of data compliance requirements.
Information security audit consultant working for a Government project . Assisting in implementing ISO Security controls, IT general controls, performing GAP assessment, implementing NESA security controls. Risk assessment activity, managing Risk register. Policy and procedures review, writing InfoSec policies for the organization.
i am working as an Information security manager, implementing ISMS and ISO 27001 policies across organisation, working in governance risk and compliance
➢ Wipro InfoTech Pune Dec 2013:
I Joined Wipro as Technical Lead L3 for Network & Security.
Currently I am working in a Business IT team and working for BFSI domain. My role here is Associate Consultant. Major role is to understand client's requirement and accordingly providing them solution to build their Offshore development center in India. We need to understand their connectivity and other hardware requirement and reaches to vendor and internal procurement team to fulfill the needs.
We also need to design their high and low level Network diagram which indicates how the connectivity will established. After approval it will reach to our Operations team, where we guide them how to establish the connectivity. Ours is overall role from the first point of interaction with client till the ODC been established.
Prior to this: I was working in a project in which client is an International Finance and Insurance leader.
I used to manage a team of 5 people and was handling Network and Security issues.
In phase 1 we were implementing the device in a new ODC.
Configuring lease line and MPLS Router, and user defined Firewall.
Later we used to implement VPN between client ODC to onsite location and assisting users to connect to their remote servers located onsite through IPsec VPN client and SSL VPN.
➢ Tech Mahindra (Pune) (September 2012 - December 2013):
I Was Working at Credit Suisse, on the payroll of tech Mahindra, as a Security Analyst.
Under the project as follow:
1) Derivative Connectivity Review.
2) Global Firewalls Rules review process ( Audit Review)
We had to verify all the Rules created at America Firewalls and check the hit counts on it and accordingly we have to delete/ remove or remediate the rules and thus optimize the Firewall. Rules review process actually includes serious monitoring and verification of the rules, so that the unwanted rules (which is not is use currently) shall be removed by taking necessary Approvals.
➢ Orient Technologies Pvt. Ltd (May 2011- August 2012):
➢ I was working as Technical Consultant for Network and Security. Handling Techno commercial role for Fortigate, Checkpoint, Palo Alto, Cisco ASA and Juniper Firewalls. Providing Technical Solutions to end customers related to their Networking and Security Issues.
➢ Implementation part was handled by me for new clients. I have worked with Fortigate, Checkpoint and Palo Alto Firewalls.
➢ Dealing with tickets generated by clients and accordingly works on configuration of the Firewalls.
➢ Firewall auditing, strengthening the policy, Firewall clean up.
➢ I was handling Network Designing and Solution Architecture role.
➢ Educating customer with new Technologies.
➢ Provided training to the customers about the implementation and device management.
➢ Ingram Micro India LTD (June 2010- May 2011):
➢ Joined as Sr. Associate Product Support Engineer
• Managing firewall and implementing policies as per customer request by following the change management process.
• Dealing incident management process.
• Firewall Auditing: cleanup & optimization of rules (scripts)
• Firewall patching & Hardening - Fine tuning of policies - Incidence response & management
Taking backups of configuration on routine basis
• Managing the rule base and policies of the Juniper firewalls (SSG 20, SSG 320, SSG 550M SRX JUNOS)
• Handling change management as per customer requirement
• Day-to-day operational support and maintenance of Network and security devices
• Configuring Juniper firewalls (SSG 20, SSG 320, SSG 550M SRX JUNOS) in HA mode for redundancy and fault tolerance
• Building and implementing security policies for the network using and Cisco ASA 5500 Series and Juniper SSG series firewall
• Taking regular backups of firewalls and applying upgrade patches
• Configuration & managing VPN, IPSec tunnels in Juniper firewalls (SSG 20, SSG 320, SSG 550M SRX JUNOS) and Cisco ASA 5500 Series firewalls
• Interaction with other departments and teams for implementation of new services and or changes to current architecture.
➢ STP Systems India PVT LTD (July 2009- June 2010):
➢ Joined as Network Security Engineer and worked with Network security devices like Routers, Firewalls and UTM devices.
✓ Worked with Fortigate, Juniper (SSG 5, SSG 20, SSG 320, SSG 550M SRX JUNOS), sonic wall firewalls.
✓ Worked with Cisco, D-link and Foundry (Brocade) switches.
✓ Worked with Cisco enterprise level Routers and all other networking devices.
➢ Joined D-Link India LTD in Aug 2008 as Network support Engineer for all D- Link devices.
(Aug- 2008 - June 2009)
✓ In D-Link I worked with Layer 2 and 3 Switches, ADSL and Cable Modems.
International MBA in Information technology from United Business Institute, Belgium (2012) (Distance Learning)
B.E. in Electronics & Communications from Bansal College of Engineering Bhopal (2007)