ARPITA DUBEY
INFORMATION SECURITY SPECIALIST
Pune
Summary
Experienced Information Security specialist with a proven track record of enhancing organizational security posture through the implementation of robust information security measures. Proven expertise in identifying, assessing, and mitigating security risks. Seeking an opportunity to contribute my skills and knowledge to enhance the cybersecurity posture of a dynamic organization.
Overview
8
8
years of professional experience
Work History
Information Security Specialist
Deutsche India Private Limited
01.2022 - Current
- Driving Vulnerability Management program within the
organization - Tracked compliance across the software development lifecycle.
- Conducted regular vulnerability assessments using Nessus,
Veracode, leading to a significant reduction in high-risk
vulnerabilities. - Collaborated with cross-functional teams to develop and
implement effective security measures aligned with industry
standards. - Responded to and mitigated security incidents, ensuring
minimal impact on business operations. - Threat Assessment framework – Implemented a threat
assessment framework for Bank - .Threat assessment – Identifying and reporting vulnerable
host machines upon informed by threat intelligence (SOC)
team. - Generating regular reports for Senior Management,
encompassing Security Training, Vulnerability Management,
and Patching updates. - Collaborated with auditors, acting as a liaison, and
overseeing issue closure. - Coordinating and monitoring the resolution of tickets/findings in critical areas, including IT Operational and Information Security Risks, Control Self Assessments, and Internal/External Audit findings
- Engineered , maintained and repaired security systems and programmable logic controls.
- Managed information system regulatory compliance to meet updated guidelines.
- Collabarated with IT department members to minimize exploits on system coverage.
- Managing Configuration Audit processes.
- Managing migration from Tiggs (in-house tool) to Brinqa.
- Managing Disaster Recovery process for our in house tool.
Support Analyst
Nomura India Services Pvt Ltd
5 2019 - 01.2022
- User access management lifecycle
- Worked as a part of Identity and Access Management team and performing Provisioning, Deprovisioning, Reconciliation and Recertification as per defined guidelines
- Handled Application onboarding for IAM domain
- Provided training on newly onboarded applications to the team members
- Worked upon requirement gathering to onboard all the applications on a Centralized Access central platform
- Used Database and SQL queries to fetch data and perform testing
- Handled Joiner, Leaver and Transfer (JLT) activity (Inter & Intra Region Transfers)
- Managed access rights to more than 400 applications
- Good knowledge of Incident/Change/Problem management problem (ServiceNow)
- Hands on experience in doing RCA, Ticket response, SLA compliance and support processes
- Handled infra and application breaks (part of reconciliation process)
- Analysis on extra access in application, database and resolving them
- Managed 3rd party applications
- Handled RSA token assignment to users
- Managed seed file assignment for vendors
- Managed SFTP creation for vendors for file sharing
- Faced audits specific to Identity and Access Management.
Analyst- IT Security
PPMS Networks Pvt Ltd (Project- Nomura)
03.2018 - 05.2019
- Handled Nomura Services Pvt Ltd’s Identity and Access Management team as Consultant for above mentioned role.
Engineer- EUS (L1)
MicroLand LTD (Project- Kotak Life Insurance)
10.2016 - 03.2018
- Creation of User IDs, generic IDS & DLs in AD & Microsoft Exchange 2008(R2)
- Modifications in DLs & User IDs (Addition/Removal/Account Extension/Password Expiry)
- User access management in Exchange Server 2008 (R2)
- Application Management: ID creation, deletion & access management in below applications: Life Asia, Group Asia, MKL, Content Manager, Krux, Kris, Mfund
- Made the reports on daily tasks and sharing the same with customers on monthly & quarterly basis
- Scheduled activities such as monthly, quarterly reconciliation of user & application IDs
- Further caring out SFTP reconciliation activity on half yearly basis
- Scheduled weekly meeting with customers and based on the feedback from customers, identify the improvement areas in End User Support services and show continual improvement in services
- Faced audits specific to user access management
- Gathered the evidences & sharing it with internal, externals auditors as per requirement.
Education
B.Tech. - Electronics And Communications Engineering
United College of Engineering & Research
Prayagraj, India 04.2001 -
Skills
Vulnerability Management
Vulnerability Assessment
SIEM
Configuration Management
Threat Assessment
Vulnerability & Patch Management
Security Tools (eg, Nessus, Qualys, Rapid7, Splunk, Tableau, Veracode, Flexera)
Ticket Management (JIRA, Service- Now)
Disclaimer
I hereby declare that the details provided by me above are correct and I have knowingly not omitted/ misrepresented any information. I am aware that the company can use this data for verification purposes and any material inconsistency identified between the details shared above versus actual information would have a bearing on my employment, based upon company policies.
Timeline
Information Security Specialist
Deutsche India Private Limited
01.2022 - Current
Analyst- IT Security
PPMS Networks Pvt Ltd (Project- Nomura)
03.2018 - 05.2019
Engineer- EUS (L1)
MicroLand LTD (Project- Kotak Life Insurance)
10.2016 - 03.2018
B.Tech. - Electronics And Communications Engineering
United College of Engineering & Research
04.2001 -
Support Analyst
Nomura India Services Pvt Ltd
5 2019 - 01.2022