A Umar Farook

Summary

Detail-attentive ISO Auditor gathers evidence on-site and reviews and provides project status reports to management. Researches and analyzes information to make recommendations based on relevant evidence. Proactive Cybersecurity Specialist adept at predicting and disrupting intrusion attempts. Pioneers novel information security measures to combat emerging threats. Maintains technological solutions to fortify companies against malicious exploitation and data breaches.

Seasoned IT Continuity Officer focused on supporting emergency response and patient care needs in Disaster Recovery, RTO & RPO. Well-coordinated, decisive and eager to make an impact on established structures, improve service quality and contain costs in order to optimize program reach. Knowledgeable about working with committees to effectively manage traumatic incidents, crisis situations and disaster response.

Overview

9 years of professional experience
5 certifications

Work History

Lead

Security & IT Continuity BNP Paribas
10.2022 - Current
  • Application Security and Control adherence review for internal and external applications
  • Driving IT Security governance meeting - Vulnerability remediation status, DB Patching, SIEM Onboarding, Security exceptions and other key KPIs are covered
  • Implementing Cyber security projects driven by the central team – Strong authentication, weak password remediation, etc.
  • Application inventory management – Ensuring the inventory is compliant and up-to-date
  • Software obsolescence management, DB and MW obsolescence and tracking for remediation
  • Client RFPs and DDQs – Filling up client DDQs for cyber security questionnaires
  • Server compliance report validation and tracking for closure
  • Security Patch Management – Tracking on the remediation of the reported security patches
  • Validating and approving the risk cards from IT team, which are approved by the business for the risk acceptance and security exceptions
  • Coordinating Data Centre DR Drills & live play exercises between IT, APS and the DR team for APAC applications.
  • ICP Dashboard update, Periodic review of AIA and DR plan.
  • Organizing APAC ICO and HK steer-co meetings.
  • Enhanced organizational resilience by conducting thorough risk assessments and identifying potential vulnerabilities.
  • Improved disaster recovery response times by developing and implementing comprehensive plans and protocols.
  • Reduced potential vulnerabilities through regular security audits and software updates.
  • Enhanced IT risk management by implementing comprehensive assessments and monitoring processes.

Senior Associate

Cognizant Technology Solutions
04.2021 - 10.2022
  • NIST Cybersecurity assessment for India location.
  • Understanding the risk appetite of the senior management and identifying the risks during the project phase and defining risk owner and remediation plan.
  • Quantitative and Qualitative risk analysis for all applications.
  • Performing risk assessment by analyzing the threats and vulnerabilities, finding likelihood and impact and recommending control measures & assessing the inherent and residual risk.
  • Validating and approving the risk cards from IT team, which are approved by the business for the risk acceptance and security exceptions.
  • Registering all risks in the risk register and monitoring for the closure of the remediation plan.
  • Managing risk assessments for Shadow and light applications and recording them in the inventory.
  • Developed customized risk mitigation plans for various business units, ensuring the protection of critical data.
  • Improved incident response times by establishing a cross-functional team dedicated to addressing IT risks promptly.
  • Ensured compliance with industry regulations through continuous monitoring and updating of internal policies.
  • Mitigated potential threats by conducting thorough background checks on new hires and third-party vendors.

Business Process Lead

Tata Consultancy Services
09.2018 - 03.2021
  • Working in SIEM (Security Information and Event Management) Platform
  • SIEM Tool used: IBM QROC (QRadar on Cloud)
  • Conduct proactive monitoring, investigation, and mitigation of security incidents
  • Analyze security event data from the network (G Suite, SIEM)
  • Perform static malware analysis on isolated virtual servers
  • Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

IT Support Engineer

Vanguard Logistics
11.2017 - 08.2018
  • Experience in customizing SIEM for monitoring, Application Management and security per customer requirements; producing project-related documents and day-to-day reporting
  • Daily tasks include Log monitoring & analysis, Incident response, Computer forensics, and Malware analysis
  • Experience working in SOC environment; monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices
  • Monitoring and analyzing security events arising through threat intelligence.

Engineer - RIMS

Microland Limited
07.2016 - 11.2017
  • User Provisioning tasks like User Onboard/Offboard
  • Bulk user account creation using SAM Tool (Oracle IDM)
  • Providing access for the users based on the access levels mentioned in user provisioning form
  • Creating / deleting Mailbox for the users
  • Monitoring Ticketing tool, assigning Request Tickets and its respective Task tickets
  • Processing name change request for Employee/Non-Employees in Workday
  • Running the script to move exited users to Disabled OU
  • Generating reports and updating the team with updated queue details.

IMS Engineer

Mindtree Ltd
05.2015 - 07.2016

  • Working on IBM QRadar for monitoring and investigations.
  • Advanced endpoint and extended detection and response, threat hunting, and endpoint isolation.
  • Conduct log analysis using IBM QRadar.
  • Identify suspicious/malicious activities or codes.
  • Worked in a 24x7 Security Operations Center
  • Monitoring and analysis of security events to determine intrusion and malicious events.

Education

Bachelor of Science - Computer Science

M.A.M College Of Engineering
Trichy, Tamil Nadu
03.2014

Skills

  • Risk Assessment
  • Auditing Techniques
  • Documentation Review
  • Audit Reporting
  • Business Continuity Management
  • Disaster Recovery Planning
  • IT Infrastructure Knowledge
  • Application security
  • Threat intelligence
  • Vulnerability Assessment
  • Endpoint Protection Platforms
  • Malware Analysis
  • Security Operations Center
  • Identity and Access Management

Certification

  • ISO/IEC 27001:2022 - Certified Lead Auditor
  • CEH (Certification of Ethical Hacking) – V10
  • CompTIA Security+
  • CyberArk – Trustee
  • Cisco AMP – EDR
  • SIEM Admin – IBM QRadar

Languages

  • English: Advanced (C1)
  • Tamil: Bilingual or Proficient (C2)
  • Urdu: Bilingual or Proficient (C2)
  • Hindi: Advanced (C1)

Hobbies

Cricket, Carrom

LinkedIn

https://www.linkedin.com/in/umar-farook-57824326/
