Sruthi Susan Shyju

EDR Platform Engineer at CyberProof
Contact Information
(386) 825-5501
Location
Bengaluru, Karnataka, India, IN

Experience

    • United States
    • Computer and Network Security
    • 200 - 300 Employee
    • EDR Platform Engineer
      • Apr 2021 - Present

      • Managing EDR platforms such as CrowdStrike Falcon, Cybereason and Windows Defender ATP.
      • Configuration of policies as per standard requirements and tuning according to the client environment.
      • Generating reports on a weekly and monthly basis related to sensor health and detections.
      • Creating exclusions and custom rules to enhance the efficiency of investigation by reducing false positives.
      • Troubleshooting platform issues related to sensors.
      • On a regular basis, uploading IOCs related to malware active in the wild and sweeping the network.
      • Creating playbooks for automation of actions to be taken by the SOC.

    • Cyber Security Engineer
      • Apr 2020 - Apr 2021

      • Management of security tools such as Cylance Protect, Cybereason, CyberArk, Mimecast, Cloudflare and Palo Alto firewall/Prisma.
      • Monitoring cloud security platforms such as Azure and AWS, performing threat simulations to detect possible risks, monitoring security access, providing security recommendations and working with the infrastructure team towards fixing the issues.
      • Worked on Mimecast and Tessian to investigate suspicious/malicious emails.
      • Assisting in proof-of-concept evaluations of new security devices and services.
      • Performing deployment and upgrade of the Cybereason endpoint tool across the install base and mitigating in case of failure.
      • Monitoring, analyzing and resolving security alerts and incidents on a daily basis.
      • Documenting all activities during an incident and providing leadership with status updates during the life cycle of the incident.
      • Providing the latest security advisory alerts to customers based on the asset list provided by the customer.

    • Netherlands
    • Hospitals and Health Care
    • 700 & Above Employee
    • Security Analyst
      • Aug 2018 - Jan 2020

      • Management of security tools such as Cylance Protect, McAfee ePO server, Thycotic PAM solution and Symantec DLP.
      • Performed real-time monitoring, investigation, analysis, reporting and escalation of security events.
      • Cylance Protect implementation, support and service validation.
      • Performed deployment and upgrade of the McAfee endpoint tool across the install base and mitigated in case of failure.
      • Generated endpoint compliance reports on a regular basis and presented them to management to define compliance and coverage.
      • As part of an incremental build, built virtual machines in the production environment.
      • Using the YARA tool, identified pieces of malware, if any, and proactively monitored the infrastructure using existing IOCs; file analysis and email analysis.

    • Switzerland
    • Automation Machinery Manufacturing
    • 700 & Above Employee
    • Information Security Analyst
      • Nov 2017 - Aug 2018

      • Managing the client phishing mailbox and corresponding phishing investigations using FireEye NX and Cacti.
      • Investigation of various use cases including security violations, attempts to gain unauthorized access and brute-force login failure cases using Microsoft Azure.
      • Handling virus infections and ransomware (WannaCry) cases using McAfee ePO etc.
      • Coordinating responses with the client incident response team on high and critical incidents.
      • Creating weekly and monthly reports related to incidents handled.
      • Documenting SOPs and playbooks for security incident management.
      • Collecting required evidence for incident response investigations.

    • Cyber Security Consultant
      • Mar 2017 - Oct 2017

      • Managing the SIEM tool (Splunk): rule modification and creation.
      • Investigated alerts for various use cases including malware infection, brute force, and domain account creation/deletion events.
      • Escalated incidents to the L3 team when required with a complete investigation summary and recommended actions.
      • Created custom dashboards and reports based on requirements.
      • Performed risk analyses to identify appropriate security countermeasures.
      • Reviewed violations of computer security procedures and developed mitigation plans.

    • United Kingdom
    • IT Services and IT Consulting
    • 700 & Above Employee
    • Security Analyst
      • Mar 2014 - Mar 2017

      • Experience in access monitoring and video surveillance tools: American Dynamics Victor, CCure 9000 monitoring station and administration panel.
      • Worked on global projects overseeing security monitoring for the US and Canada.
      • Real-time incident management and reporting.
      • Activation of security smart cards, database management and biometric enrolment.
      • Worked with the security operations team to integrate physical security devices into SIEM devices, primarily Splunk.
      • Triaging, assessing and investigating alerts and filtering true positives.
      • Performed risk analyses to identify appropriate security countermeasures.
      • Analyzing security incidents and liaising with customers on security instructions.

Education

  • Noorul Islam University
    Bachelor of Engineering (B.E.), Electronics and Instrumentation
    2009 - 2013
