sriram maringanti, Cyber Security Consultant

KPMG Services

Location
Singapore
Education
Bachelor's degree, Information Technology
Experience
17 years, 5 Months


Work Experience

Total years of experience: 17 years, 5 Months

Cyber Security Consultant at KPMG Services
  • Singapore
  • My current job since January 2019
Security Consultant at Wipro Technologies
  • United Arab Emirates - Dubai
  • January 2015 to December 2018

1. Malware Handling and Monitoring IDS/IPS and SIEM consoles.
2. Internet Fraud, Phish and Brand Abuse cases.
3. Content Filtering (Email and Web Security) on premise and cloud.
4. Endpoint Security, DLP & Advanced Malware Protection
5. PKI and Certificate Management
6. Security Frameworks and compliance w.r.t ISO 27001 & ISO 20000
7. Knowledge in BCP and DR
8. Vulnerability Assessments
9. Security Administration.

Sr. Security Engineer at Quintiles
  • India - Bengaluru
  • October 2011 to January 2015

1. Daily reviews of ePO logs and raise Incidents on problematic machines.
2. Review of McAfee .DAT and Product compliance against the agreed standards and action.
3. Review exclusions of OAS and ODS on servers and approve.
4. Provide higher level of support to all Encryption Issues using EFS.
5. Provisioning of internal CA and external Entrust SSL certificates to the servers.
6. Providing support to the issues relating to User and SSL certs.
7. Providing support to the scheduled management of internal and external Certificates.
8. Providing high level of support to Email SPAM related issues.
9. Approving White list and Black list email domains and guiding Filter process.
10. Review white list/Blacklist URLs, approve and guide URL filtering process in ScanSafe.
11. Perform technical Audit on Service Operations Center when required w.r.t ISO 20000 Security Standards.
12. Perform Vulnerability Assessment using Nexpose when required and guide users to patch the high priority risks on various machines.
13. Review of Check Point IPS Logs, Weeding out False Positive alerts, Review and action.

Security Specialist at Franklin Templeton Investments
  • India - Hyderabad
  • March 2010 to October 2011

Franklin Templeton Investments International Services Center - Hyderabad from
Specialist - Network Operations Security Center. (NOSC)
Security Operations (SOC):
1. 24*7 monitoring of Franklin Networks in terms of Security to ensure uninterrupted conduct of FT business.
2. Proactive detection of and response to Suspicious and Malicious traffic to and from the FT Environment.
3. Initiate Incident Response and recommend steps to mitigate the threat.
4. Coordinate with the Server, Desktop and Network support groups to implement changes in the FT Environment.
5. Identifying Assets and Users who are not compliant with the FT policies, potential areas of risk and raising Compliance requests.
6. Review incidents in progress and revise as appropriate.
7. Research the incidents and events and escalate to relevant groups.
8. Identify false positives and initiate the Filter Creation Process.
9. Create formal incident reports.
10. Perform trending/analysis to identify emerging issues that may require tuning of the Monitoring infrastructure (tools, event sources, reporting).

Network Operations (NOC):
11. 24*7 monitoring of Franklin Networks and its devices in order to ensure uninterrupted conduct of FT business.
12. Detect and respond to the Network Outages on the Consoles.
13. Eliminate false alarms and communicate to the Business accordingly.
14. Alert ISPs and site Engineers to resolve the outage and request RFOs.
15. Report high Network traffic and CPU loads.
16. Coordinate with the Network support in order to implement the changes.

IT Security Analyst at HSBC - Electronic Data Processing India Pvt Ltd
  • India - Hyderabad
  • June 2007 to March 2010

Jun 07 to Mar 10
HSBC - Electronic Data Processing India Pvt Ltd
Assistant Manager - IT Security {Threat & Incident Management}
Handling Phishing Cases:
1. Reviewing emails from Customers and taking appropriate action on 419 (AFF) emails.
2. Handling Brand Abuse Cases targeting HSBC.
3. Handling Phish cases.
4. Reviewing Web trend reports and reporting any Phishing URLs and Brand Abuse cases targeting HSBC domain.
5. Reviewing IronMail Reports and reporting statistics to business on monthly basis.
6. Taking down fraudulent websites (phishing websites) reported internally or by the customers.
7. Investigate all Phishing attack events against HSBC US, UK or against HSBC group and ensure that appropriate groups are notified.
8. Document Phish for further investigations.
9. Update the Phish URL on Netcraft and Digital PhishNet.

Vulnerability Alerting & Administration:
1. Reviewing Vulnerability Alerts issued by iDefense Labs on 24x7 basis.
2. Rating Vulnerabilities in accordance with HSBC Policies based on severities.
3. Technology list updating on VR2.
4. User Account Management and Revalidation of User Accounts on VR2 Module.
5. Following up with the several departments to implement patches and workarounds for High impact Vulnerabilities through Incident Tracking.

Vulnerability Assessments:
1. Conducting Scheduled Scans on Various Databases in HSBC Environment.
2. Preparing Detailed Reports.
3. Communicating Vulnerabilities to the System Engineering Team.
4. Ensure that the Vulnerabilities are addressed with proper Work Around, Vendor Fixes and Patches through Incident Tracking.

Malware Handling:
1. Review the McAfee ePO logs on a daily basis, identify suspicious or multiple detections and follow up with local support for resolution.
2. Updating out of date .DAT files identified while scanning.
3. Determining a user's USB dispensation status.
4. Analysis of Malware through VirusTotal and Sandbox approach.
5. Submit Malware samples to McAfee for .DAT updates.

Network Security and Monitoring:
1. Analysis of Alerts generated by the Intrusion Detection System on SiteProtector Console.
2. Reporting Suspicious and Malicious events to the concerned departments in preparing defensive action against the fraudulent hosts.
3. Reporting False Positives to the Business in order to tune the IDS Signatures.
4. Initiating Proxy Blocking request for Malicious URLs reported on IDS.
5. Recording Vulnerability Assessments and correlating data with IDS Logs.

Data Loss Prevention:
1. Review content and attachments for all outgoing Mails whose size is more than 2 MB.
2. Report any Data Breach to the Business and take legal actions.

Technical Support Executive at Brigade Corporation Ltd
  • India
  • December 2006 to June 2007

Dec 06 to Jun 07
Brigade Corporation Ltd, Hyderabad from
Technical Support Executive.

1. Troubleshooting of OS and Network related problems
2. Assisting the customers in all the possible ways isolating the issue related to HP Notebooks and HP Desktops
3. Troubleshooting wireless issues, web cam issues, DVD Drive issues and the remaining

Education

Bachelor's degree, Information Technology
  • at JNTU
  • July 2005

1. Graduation i.e. BTECH in Information Technology from JNTU in 2005

Specialties & Skills

CHECK POINT
ENCRYPTION
ENGINEER
OPERATIONS
PRODUCT COMPLIANCE
SECURITY

Languages

Hindi
Beginner
English
Beginner

Training and Certifications

NCFM: Certified Information Security Auditor for Financial Markets (NCFM ID: 837748) (Certificate)
Date Attended:
June 2011
ISMS: Information Security Management Systems-Lead Auditor 27001:2005 (Certificate)
Date Attended:
May 2011
ISC2: Systems Security Certified Practitioner (SSCP®) examination from (ISC2 ID: 338948) (Certificate)
Date Attended:
January 2011