AMIT Kumar
Cyber Security Professional
Chennai,TN
Summary
Experienced Information Technology Manager well-versed in Incident Response, Cyber Threat Intelligence, Malware Analysis, Host forensics, Network security, Incident management and Security operations with 17 years of experience in IT. Recognized for operational streamlining and positive leadership style.
Overview
18
18
years of professional experience
5
5
years of post-secondary education
Certification and Training
CrowdStrike Certified Falcon Hunter (CCFH) - 2024
Microsoft Certified: Azure Security Engineer Associate – AZ500 – 2023
CrowdStrike Certified Falcon Responder (CCFR) - 2022
CEH: Certified Ethical Hacker V11 2022
SANS: Intrusion Detection In- Depth Completed in 2022
SANS: Malware Reverse Engineering Completed in 2020
Education
Executive MBA -
Loyola Institute of Business Administration
Chennai, India 01.2013 - 04.2015
B. Com Computers - undefined
Osmania University
Hyderabad, India 01.2004 - 04.2006
Skills
SIEM - Qradar
SOAR- Resilient
EDR -Symantec EDR, CrowdStrike
Network Forensics and Network Security- Wireshark, TCP Dump, Scapy, tshark, Snort, Zeek, Cisco Firepower IPS, SiLK, Observer, Familiar with writing IDS/IPS rule
Malware Analysis - Proficient in Static, Behavior and Interactive Behavior analysis
E-mail Forensics - Header analysis, Attachment analysis
Host Forensics - Redline
Memory Forensics - Volatility, FTK Imager
E mail Security Solution - Symantec, Mimecast, Proofpoint, Cofense
Cloud Security - Azure Cloud Security, Wiz IO, AWS Cloud Security
Operating Systems - Windows family, Linux
Threat Intelligence
Endpoint Protection
Security Awareness Training
Incident Management
Incident analysis
Work History
Incident Response Manager
Genpact
10.2022 - Current
- Manage a cross functional incident response 24/7 team.
- Manage the operations providing incident response/investigation and remediation support for security alerts/incidents
- Works towards achieving the defined goals by the leadership
- Help identifying relevant use cases, design detections and playbooks for the response process
- Leverages emerging threat intelligence (IOCs, updated threat scenarios, etc.) to identify affected systems and the scope of the attack
- Provides support to the team for complex computer/network exploitation and defense techniques to include deterring, identifying, and investigating computer and network intrusions
- Performs research into emerging threat sources and develop threat profiles
- Perform root cause analysis of critical incidents and conduct lessons learned with the team
- Document key risks post incident closure and drive remediations
- Perform simulation exercises with team for process assessment
- Work with internal and external audit teams.
Incident Response Team Lead
Ford Motor Company
01.2021 - 09.2022
- Manage an incident response team
- Hire and Train new talent
- Proactively monitor the environment to detect and implement steps to mitigate cyber-attacks before they occur
- Review, investigate, and respond to real-time alerts within the environment
- Protecting from Social engineering attacks like Phishing, Spear Phishing, Smishing
- Monitor Firewall /IPS alerts and investigate accordingly
- Work on Cloud Security alerts on Azure and Google Cloud Platforms
- Monitor online security-related resources for new and emerging cyber threats
- Help to deliver cybersecurity awareness training
- Develop playbook/ procedure to streamline the process
- Collaborate with global teams on critical incidents, and coordinate with Cloud or Application team to implement strong security controls.
SOC Analyst
Ford Motor Company
07.2018 - 12.2020
- Respond to enterprise computer security incidents, record and report incidents through real-time monitoring and analysis
- Follow Cyber Kill Chain Model to detect and react to Security Incident
- Perform incident response investigations, containment, and root cause analysis
- Phishing e-mail analysis and take necessary mitigation and remediation steps
- Host and Memory forensics using tools like Redline, FTK Imager and Volatility
- Malware Static, behavior and code analysis including detailed technical analysis of malicious e-mail attachment, Executable analysis and behavioral analysis of Malware samples
- Work on Cloud Security alerts on Azure and Google Cloud Platforms
- Monitor Firewall alerts and investigate accordingly
- Monitor end point alerts and perform host forensic as per requirement
- Develop use cases for standard operations for Cyber Defense Center.
Threat Intel Analyst
Ford Motor Company
04.2017 - 06.2018
- Provide cyber risk and threat identification by proactively and continuously monitoring the internal and external landscape for relevant events, risks and threats related to malicious code, vulnerabilities, and attacks
- Tracking potential threats associated with attempted intrusions, network & host-based attacks, and coordinating incident response efforts with Detection and Response team
- Acquiring threat intelligence and technical indicators from external sources
- Produce Threat Intelligence Reports, providing detailed analysis on cyber events, including relevant political, economic, and geopolitical variables
- Determine root cause of identified anomalous and or malicious activity through analysis and report generation as applicable in accordance with organizational computer network directives
- Collaborate with external entities and authorities to collect and share Indicators of Compromise (IoC) and discovered intelligence
- Collaborate with Incident Response and Threat Detection personnel for the investigation and remediation of identified threats
- Watching the internet for emerging threats
- Investigating materials on the Internet.
Data Modeling and Quality Assurance
Ford Motor Company
04.2012 - 03.2017
- Create Data Model of vehicles to be launched as per schedule using DMTT tool
- Perform Quality assurance on Data Model created using Automatic Static and Configuration testing
- Create test cases for Data model testing
- Coordinate with upstream and downstream teams for timely launch of vehicles on Ford Websites.
Collection Analyst (Non-IT)
Ford Motor Company
07.2010 - 03.2012
- Download various receivable reports for different Ford Business unit
- Analyze the report to know Receivable status against different business unit and send follow up e-mail for Aged payable items
- Upon receiving of payment perform the cash application activity
- During month close, process the accrual entry for cash in transit or goods in transit in People soft.
Debit Balance Analyst
Ford Motor Company
01.2009 - 06.2010
- Download various reports and analyze it for finding the reason for supplier in debit balance
- Recovery of money form supplier through various means which includes processing of manual Debit and credit memo to offset the debit from future payment and in case of supplier without a future payment, contact them for recovery
- Handle e-mails and calls received from supplier and customers
- Schedule monthly meetings with customers and suppliers to discuss various issues
- Work with Receivable team to account refund check received from supplier
- Providing important reports like status of supplier's debit balance and future payments to other teams
- Perform the reconciliations of Refund account and Expense account on daily basis
- Prepare and present monthly Metrics to the management
- Calculate the reserve and process the Journal entry in People Soft.
Payable Analyst
Ford Motor Company
01.2007 - 02.2009
- Primary responsibilities were processing of Utility invoices with TAT of 3 days
- Handling any query mails and calls regarding payment from supplier with TAT of 1 day
- In case of any discrepancy in invoices, contact the required person (Buyer, requestor, Approver or Supplier) to solve the issue
- Circulating daily Metrics to team and Management
- Preparing monthly metrics and present to management.
Timeline
Incident Response Manager
Genpact
10.2022 - Current
Incident Response Team Lead
Ford Motor Company
01.2021 - 09.2022
SOC Analyst
Ford Motor Company
07.2018 - 12.2020
Threat Intel Analyst
Ford Motor Company
04.2017 - 06.2018
Executive MBA -
Loyola Institute of Business Administration
01.2013 - 04.2015
Data Modeling and Quality Assurance
Ford Motor Company
04.2012 - 03.2017
Collection Analyst (Non-IT)
Ford Motor Company
07.2010 - 03.2012
Debit Balance Analyst
Ford Motor Company
01.2009 - 06.2010
Payable Analyst
Ford Motor Company
01.2007 - 02.2009
B. Com Computers - undefined
Osmania University
01.2004 - 04.2006
Languages
English
Advanced (C1)
Hindi
Bilingual or Proficient (C2)