Abhinaya N G
Bengaluru
Summary
Information security professional with solid foundation in safeguarding organizational data and systems. Known for analyzing and addressing security vulnerabilities in dynamic environments, resulting in enhanced security posture. Valued team player with focus on achieving results and effectively adapting to evolving security challenges. Proficient in risk assessment, threat management, and policy development.
Overview
5
5
years of professional experience
1
1
Certification
Work History
Senior Information Security Analyst
Skill mine Technology Consulting Pvt Ltd
09.2020 - Current
- I have a comprehensive understanding of Vulnerability Management Operations in the infrastructure security part and a proven track record of successfully onboarding many Entities/OPCOs into Qualys for vulnerability scanning.
- As part of the job, I am solely responsible for Entity onboarding requests, in which I reach out to the POC with the list of questionnaires, schedule a kick-off call with the Entity, create new Networks, Domains and Asset Groups for the Entity in Qualys and also help in deploying a new scanner appliance for further performing Network based scans if required.
- Deployed a new Qualys Network Scanner Appliance promptly, which helped the entity resolve the scanner appliance offline issue.
- Handled complete Qualys User Management for users both within the team and for other Entities - Creation of the user accounts, modification of the existing user accounts, account deletion, password resets, and enabling SAML for Qualys login through OKTA.
- I have proactively worked to detect, assess, and remediate vulnerabilities in SPE information systems to maintain an adequate security posture.
- Performed vulnerability scans to detect vulnerabilities in SPE information systems. Here, vulnerability scans were performed internally as well as externally. Vulnerability scans will be conducted on the network, host, and application levels.
- Create and track issues with the Qualys Technical support team and schedule Bi-weekly calls with the TAM from technical support to discuss and resolve outstanding technical issues.
- Handled Server and Workstation decommissioning through created incidents and change requests from various entities in ServiceNow, which is a ticketing tool used to set up systems that define, manage, automate, and structure IT services for companies.
- Creation of report templates, search lists, and option profiles, scheduling new vulnerability scans and reports as per the requirements of the Client.
- Asset View Dashboard handling based on specific requirements – Creation, modification, and deletion of new widgets to the dashboards. Created Vulnerability Metrics dashboard for each entity for both Subsidiaries & Corp IT teams.
- Regular onboarding of new websites into Qualys for vulnerability scans, update requests, decommissioning requests, and scheduling cans, monitoring critical severity 4 and 5 vulnerabilities using Qualys WAS.
- Worked on policy exception or extension requests for vulnerabilities submitted by each technology owner or delegate.
- Created various Standard Operating Procedure documents containing step-by-step instructions to guide the team members on how to perform a technical, repetitive process within our organization.
- Maintaining full visibility and security control of instances and VMs that are spun up and down quickly and frequently using Total Cloud, Global Asset View, and Cloud Connectors modules.
- Continuously worked on monitoring and assessing multi-cloud services and resources for active exploitation, malware, and unknown threats within the organization using the Total Cloud module in Qualys.
- Started cloud coverage activity from scratch and worked on connector reconciliation and QCA deployment on all the active AWS accounts to monitor the vulnerabilities present. Created connectors for all the AWS accounts and removed connectors for the decommissioned accounts.
- Worked on Qualys Cloud Agent and EC2 instance end-to-end process, for both Green Field/Brown Field cloud accounts to deploy Qualys and monitor the vulnerabilities on the cloud accounts. Since this was a very manual and tedious task, I automated this 8-hour-long weekly report using Splunk and Power BI.
- Contributed actively to other projects apart from daily business as usual activities such as “Vulnerability Prioritizing Remediation using AI/ML” which was a use case where Artificial Intelligence / Machine Learning concepts can be implemented to reduce the manual efforts of prioritizing and remediating vulnerabilities and increased the efficiency in managing overall security posture.
- Active participation in another project from proof of value to production for a new Cybersecurity Asset Management (CSAM) tool called the Axonius, this tool provides unprecedented levels of visibility and control for all assets in any organization’s IT estate, as well as any SaaS applications used by employees, contractors, and authorized third parties.
- Vendor: SONY India Software Centre Pvt Ltd
Education
Post Graduate Diploma - Cybersecurity
IIIT Bangalore
Bangalore01.2023
Bachelor of Engineering -
Visvesvaraya Technological University
Bangalore01.2020
Intermediate -
Schoenstatt St. Mary’s Women’s PU College
Bangalore01.2016
Matriculation -
Schoenstatt St. Mary’s High School
Bangalore01.2014
Skills
- Infrastructure Security
- Qualys - Vulnerability Management Detection and Response
- Total Cloud
- Global Asset View
- Asset View
- Web Application Scanning
- Cloud agent and Connectors
- Web Application Security
- Cloud Security
- Service Now
- Threat Intelligence - Recorded Future
- Axonius - CSAM Tool
- Standard operating procedure documentation
- MS Office Applications (Word, Excel, PowerPoint)
- Threat intelligence
- Compliance monitoring
Certification
- AWS Certified Cloud Practitioner Certification (CLF-C01)
- Qualys VMDR
- Qualys WAS
- Certified Ethical Hacker (CEH) - Pursuing
Accomplishments
- Ability to lead client meetings and communicate in a professional and upbeat manner.
- Corporate level Information security awareness and training.
- Spot award for my outstanding performance in Sony for the first quarter of 2021.
- Best enabler award for my outstanding contribution in the “Vulnerability Prioritizing Remediation using AI/ML” project in the year 2022.
- For the same project, I also received an Infosec annual award at Sony, 2022.
- Received best employee of the quarter award for automating an 8 hour long weekly report to 20-25 minutes report using Splunk and Power Bi, 2023.
- Received appreciation from clients on deploying new Qualys Network Scanner Appliance at a timely manner which helped the entity resolve the scanner appliance offline issue.
- Proactively worked to detect, assess, and report vulnerabilities to the Entities which in turn helped to remediate the vulnerabilities quickly.
LANGUAGES
English
Malayalam
Tamil
Kannada
Hindi
Telugu
Disclaimer
I hereby declare that the above information given by me is true and correct to the best of my knowledge. Abhinaya N G Information Security Analyst
Timeline
Senior Information Security Analyst
Skill mine Technology Consulting Pvt Ltd
09.2020 - Current
Post Graduate Diploma - Cybersecurity
IIIT Bangalore
Bachelor of Engineering -
Visvesvaraya Technological University
Intermediate -
Schoenstatt St. Mary’s Women’s PU College
Matriculation -
Schoenstatt St. Mary’s High School
Similar Profiles
Srikanth Reddy ThangellaSrikanth Reddy Thangella
Zscaler Engineer at Skill-Mine TechnologyZscaler Engineer at Skill-Mine Technology
Swanson NakkaSwanson Nakka
Process Lead at Skill Mine For ICICIProcess Lead at Skill Mine For ICICI
Kartikeya Pati TripathiKartikeya Pati Tripathi
Sr. Business Development Specialist at Skyquest Technology Consulting Pvt. Ltd.Sr. Business Development Specialist at Skyquest Technology Consulting Pvt. Ltd.
Ankit RajAnkit Raj
Technology Account Manager at IBMTechnology Account Manager at IBM
Lavanya JoshiLavanya Joshi
Program Manager at Amazon Development CentreProgram Manager at Amazon Development Centre