Vedasai V
Skills
Technical Skills:
SIEM Tools: QRadar, Splunk, Symantec MSS
EDR: CrowdStrike, Microsoft Defender ATP, McAfee, Cylance, Carbon Black
Security/Vulnerability: Snort, Wireshark, InsightVM (Nexpose), Nessus, Qualys, AppScan, WebInspect, Fortify
Firewalls: Check Point; Palo Alto Networks next-gen PA-820, PA-3200, PA-220; FortiGate 1500, 3600, 3700
Compliance: SOX (COBIT, COSO), PCI, NIST SP 800-53/53A, HIPAA, HITRUST, MARS-E 2.0, FISMA
Networking Protocols: TCP/IP, HTTP/HTTPS, SSH, SSL, DNS, SNMP
Network Monitoring: Routers, Switches, Load Balancers, Cisco VPN, NAC/NAP
Email Security Tools: Office 365 Suite, Barracuda Spam Firewall, Guava E-mail Filtering Service
MFA & SSO: Ping Identity (PingOne, PingFederate)
Encryption: Twofish, Blowfish, AES
Threat Management: FireEye, McAfee ePO & HIPS, Websense, iPrism (URL filtering service), Fortinet
Network Monitoring: ScienceLogic, SolarWinds (NPM, SAM)
Patch Management: Lumension Prism, SCCM
Operating Systems: Linux (Kali Linux, Red Hat Linux), Windows
Ticketing Systems: ServiceNow, Remedy, HEAT, Clarify
DAM: IBM InfoSphere Guardium
DLP & EDR Tools: Symantec, Digital Guardian, McAfee
About
Professional Summary:
• Eight-plus years of experience in IT security design & planning operations in threat detection, SIEM, vulnerability assessment, AWS & Azure cloud services, incident response, forensics, IOC engineering, and sandboxing.
• I'm an enterprise cybersecurity professional with experience in software engineering, integration & automation, information systems & technology, research & development, and technical writing.
• Security re-engineering plan simulator of the security incident response plan for American Honda Motors, Delta Dental Corporation & State of Ohio
• Involved in designing the network segmentation project for the ISP change from AT&T to Verizon
• Custom rule set creation for SIEM platforms (Splunk, QRadar, MSS)
• Super Admin for the SIEM facility (QRadar), vulnerability management (Rapid7 InsightVM/Nexpose), threat management (FireEye), email security (Barracuda, Guava), and SolarWinds (NPM, SAM)
• Perform compliance-based scanning and assist with compliance auditing to ensure customer networks conform to all relevant compliance standards, including the FERC wing (NERC segment, Compliance & Enforcement, section 215(e) of the Federal Power Act as well as 18 C.F.R. §39.7) and NIST SP 800-53/53A access controls.
• Frameworks familiar with: NIST, CIS CSC, COBIT, HIPAA, COSO, ISO
• Experience in risk control and assessing third-party critical assets for any potential vulnerabilities and threats.
• Familiar with FIPS 199, FIPS 200 & NIST Special Publications 800-30, 800-37, 800-39, 800-53A & Rev. 4, 800-60, 800-70, 800-115, 800-137, and the CSF framework, etc.
• Identifying threats, vulnerabilities and gaps in the design and in on-prem and cloud environments before they are implemented.
• Experienced with Vulnerability Scanning tools like Nessus, Rapid7 and Qualys cloud-based scanning
• Implemented and Maintained SIEM infrastructure using QRadar and Splunk
• Deploying CLOUD agent-based scanning using Qualys
• Architect of Sec-Ops team for Incident Response plans and layouts
• Automation (ad hoc) integration of client-phase tools with SOAR, EDR, and MDR tools
• Network hardening processes performed by the infrastructure teams, and performed hardening validation testing
• Good understanding of disk dissection & memory issues as part of Incident Response
• Involved in enhancing the stature of the project through initiatives like threat modelling, compliance-awareness security sessions, and dormant & never-logged-in ID clean-up
• Good knowledge of SAML, PingFederate servers & PingOne MFA & SSO add-on extra authentication for secure redirection of applications
• Worked on SAST and DAST tools to check the potential of applications, and SAST for white-box testing
• Manage a team across the world performing vulnerability assessment on web and mobile applications before each release
• The team reviews both SAST and DAST results to identify critical and high exploitable vulnerabilities with a 7-day SLA from receiving submission to reporting
• Leverage security tooling automation to identify low risk releases and support CI/CD
• Building a best-in-class team by maturing the people, process, and technology with a data-driven approach
• Good knowledge of monitoring and management systems that perform discovery, dependency mapping, monitoring, alerting, ticketing, runbook automation, dashboarding and reporting for networks, compute, storage and applications.
• Maintain proper auditing standards of SSAE 16, ISAE 16, SAS 70, AT 101
• Good knowledge of compliance requirements and understanding of series standards based on the National Vulnerability Database (NVD)
• Good exposure to System/Network Analysis, Intrusion Detection, and Malware Analysis
• Involved in managing documentation to support IT security processes
• Provide root cause analysis and remediation techniques for management regarding security incidents and governance documents
• Good knowledge of threat analysis and remediation efforts about intrusion prevention and penetration
• Good knowledge of writing firewall rules and reviewing them in the SIEM, and Database Activity Monitoring (DAM)
• Ability to identify network and application vulnerabilities and create a remediation plan
• Good understanding of the OWASP Top 10 and SANS vulnerabilities.
• Knowledge of networking concepts - LAN/WAN, TCP/IP, Routing & Switching and OSI Layers
• Strong troubleshooting, reasoning, and problem-solving skills.