Deloitte (USI), Bengaluru Aug '21 – Present
Skills: Trend Micro (Apex, OfficeScan, Deep Security), Dell Cylance, Tanium, FortiSOAR, Carbon Black, ITSM: Cherwell
Responsible for the migration to and implementation of Trend Micro as the new AV across the client infrastructure of 100K+ machines (workstations, servers, laptops, virtual machines).
Administering security solution exceptions, agent updates, patches, and configuration changes.
Ensuring that endpoint security protection across the infrastructure is up and running, along with timely delivery of all reporting and governance deliverables.
Assisting the AV team, as solution SME, in responding to technical queries and complex troubleshooting calls.
Contributing to the firm by training and mentoring internal Deloitte teams and individuals to upskill and cross-learn emerging technologies in Cyber.
PricewaterhouseCoopers (PwC India), Bengaluru July '19 – July '21
Skills: Endpoint Security Products: Cylance (EDR), Windows Defender Firewall, McAfee ePO, ITSM: ServiceNow (SNOW)
Successfully deployed the EDR solution on 180K+ devices across 150 countries, including laptops, workstations, and server-class machines, in strategically planned phases along with policy use-case configuration.
Handled administration of EDR agents, along with stabilizing and creating service documents for Operations.
Structured policies and developed plans and processes around security applications for monitoring and governance to avoid security breaches.
Shaped daily, weekly, and monthly operations activities for the service providers as per their KPIs.
Formed deployment strategies for business units to migrate from the current legacy AV to the EDR solution in a planned, phased approach.
Undertook threat hunting using searches/investigations, Indicators of Compromise (IOCs), and log sources in case of any security event, and mitigated threats in the environment.
Performed Root Cause Analysis (RCA) and established the chronology of events for incidents that occurred, to make sure the organization's protection and incident response remained active.
G'Secure, Gateway Group, Ahmedabad Jan '18 – June '19
Skills: SIEM – (Splunk, Sumo Logic, ELK Stack), EDR – [Falcon (CrowdStrike), Cylance (Blackberry), CounterTack (GoSecure), Digital Guardian, Secdo (Palo Alto)], Sophos XG Firewall (XG310)
Implemented SIEMs for the client, along with configuration and fine-tuning based on the required use cases, which help in monitoring events and mitigating incidents for the client, and created custom dashboards as needed.
Conducted vulnerability assessments for the organization to figure out security holes in the infrastructure.
Created and executed security policies, plans, and procedures for the network and other communications systems.
Developed plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure, and to meet emergency data processing needs.
Structured policies about computer security, installed security software, monitored networks for security breaches, responded to cyber-attacks, and gathered data and evidence to be used in prosecuting cyber crime.
Conferred with users to discuss issues such as computer data access needs, security violations, and programming changes.
Redefine Technologies, Remote Jan '16 – Oct '17
Skills/Tools: McAfee – ePO, SIEM - DNIF
Monitored computer networks and systems for threats and security breaches.
Prepared reports on security alerts generated and provided technical advice to clients and/or trained employees in security awareness and procedures.
Wipro Technologies, Chennai Jan '15 – June '15
Worked on infrastructure security-related tools and technologies:
SIEM: ArcSight (L1)
Checkpoint Firewalls and VPN (L1)
McAfee Antivirus Endpoint Protection Solution - EPS (L1)
Windows Provisioning (L1)
UNIX Provisioning (L1)
LDAP Provisioning and Operations (L1)
Security Log Monitoring (L1)