
Deepak Shrivastava

Pimpri Colony

Summary

A go-getter with immense willpower to accomplish the tasks assigned. An individual who maintains his calm in all situations and aspires to do his best. Confident in handling all tasks responsibly and delivering the best results. Extensive exposure to cyber security practices and processes related to infosec. Adaptable to new concepts and ideas. Self-discipline, motivation, a positive attitude and a flair for hard work.

Proactive and versatile professional with a dedication to quickly adapting to new challenges. Strong problem-solving abilities and a proven track record of fostering strong relationships with clients and team members. Focused on supporting team success and achieving positive results.

Overview

11 years of professional experience

Work History

Expert Cyber Security Incident Responder

Finastra
01.2023 - Current
  • Leading and managing the SOC and Threat Hunting Teams, providing strategic direction, mentorship, and professional development
  • Develop and enforce policies, procedures, and best practices for SOC and Threat Hunting operations
  • Align the SOC and Threat Hunting activities with the organization's strategic security goals and objectives
  • Keeping the Incident Management Policy and SOC Playbook up to date
  • Identify areas of opportunity where security services can be optimised to improve the experience or reduce operational costs
  • Identify and implement process improvements to enhance the efficiency and effectiveness of SOC and Threat Hunting operations
  • Optimize workflows to eliminate bottlenecks and improve incident response times
  • To ensure cohesive security operations, foster collaboration between SOC, Threat Hunting, Vulnerability Management and other organizational teams
  • Conducting Table Top Exercise and Postmortem report post Table Top Exercise
  • Oversee the development and deployment of advanced threat detection methodologies and tools
  • Continuously evaluate and refine detection and response strategies to counter evolving security threats
  • Lead the analysis of security incidents to identify root causes and implement preventative measures
  • Direct the SOC and Threat Hunting Teams in responding to security incidents, ensuring timely and effective mitigation
  • Coordinate incident response activities with other teams, including IT, legal, and communications
  • Maintain comprehensive incident records and provide regular reporting on incident trends and metrics
  • Driving the adoption of automation technologies to reduce manual tasks and improve the accuracy and speed of threat detection and response
  • Evaluate, select, and integrate cutting-edge security technologies to enhance SOC and Threat-hunting capabilities
  • Collaborate with IT and development teams to ensure seamless security tools and automation frameworks integration
  • Monitor industry trends and emerging threats to ensure the SOC and Threat Hunting teams are prepared to address potential risks
  • Implement continuous improvement initiatives to enhance SOC and Threat Hunting processes, tools, and team capabilities
  • Foster a culture of innovation and continuous learning within the SOC and Threat Hunting Teams
  • Communicate SOC and Threat Hunting activities, metrics, and outcomes to senior management and other stakeholders
  • Act as a liaison between the SOC, Threat Hunting Teams, and other departments to ensure effective collaboration and alignment of security efforts
  • Represent the SOC and Threat Hunting Teams in internal and external meetings, conferences, and forums
  • Ensure SOC and Threat Hunting activities comply with relevant regulations, standards, and organizational policies
  • Prepare and present regular reports on SOC and Threat-hunting performance, including key metrics and improvement initiatives

Sr. Consultant

NaviSite
05.2021 - 01.2023
  • Leading security incident management for Navisite and its customers
  • Develop and enforce policies, procedures, and best practices for SOC and Threat Hunting operations
  • Align the SOC and Threat Hunting activities with the organization's strategic security goals and objectives
  • Keeping the Incident Management Policy and SOC Playbook up to date
  • Identify areas of opportunity where security services can be optimised to improve the experience or reduce operational costs
  • Investigation of Critical and high alerts escalated by L2
  • Investigation and analysis of Event towards internal/external environment
  • Qualys Guard for Vulnerability Management
  • Working on SOPHOS/Crowdstrike EDR Incidents
  • Monitoring for emerging threat patterns and vulnerabilities
  • Investigation of infected Host Through Endpoint controls and monitoring
  • Phishing incidents investigations
  • Execute, and suggest improvements to, the documented and repeatable security processes that ensure the security of Navisite and its customers
  • Driving the adoption of automation technologies to reduce manual tasks and improve the accuracy and speed of threat detection and response
  • Administration of Tripwire FIM
  • Managing AWS Cloud Security
  • Working on Microsoft Defender, Azure Sentinel
  • EDR Solutions
  • Administration, Monitoring of DLP and Investigation of DLP Incidents
  • Coordinating with different stakeholders - technology teams, application specialists and business units
  • Identify security incidents and breaches and prepare and seek review of reporting and remediation activities
  • Communicates with management on incident updates
  • Manage and improve information security documentation as required
  • Conducting Table Top Exercise and Post Mortem report post Table Top Exercise
  • Compiling SOC (Security Operation Centre) Runbook
  • Review and Fine Tune for SIEM alerts
  • Making report on Current IT Threat landscape and upcoming trends in security
  • Ensure SOC and Threat Hunting activities comply with relevant regulations, standards, and organizational policies
  • Prepare and present regular reports on SOC and Threat-hunting performance, including key metrics and improvement initiatives
  • Participating in internal audit

Sr. Lead Security Analyst

One97 Communication Ltd (Paytm)
12.2020 - 05.2021
  • Leading security incident management for Paytm
  • Identify areas of opportunity where security services can be optimised to improve the experience or reduce operational costs
  • Providing Training Session on Cyber Security Topics to Team for Mentorship
  • Report on and suggest improvements to identified security metrics to gauge the effectiveness of Paytm security
  • Conducting Table Top Exercise and Post Mortem report post Table Top Exercise
  • Execute, and suggest improvements to, the documented and repeatable security processes that ensure the security of One97
  • Manage and improve information security documentation as required
  • Review and Fine Tune for SIEM alerts, DLP alerts
  • Monitoring for emerging threat patterns and vulnerabilities
  • Coordinating with different stakeholders - technology teams, application specialists and business units
  • Identify security incidents and breaches and prepare and seek review of reporting and remediation activities
  • Communicates with management on incident updates
  • Compiling SOC (Security Operation Centre) Runbook
  • Perform security monitoring, Investigation and analysis of Event towards internal/external environment
  • Log Analysis and event traffic patterns investigation
  • Investigation of infected Host Through Endpoint controls and monitoring
  • Managing Prisma tool (For Cloud Compliance)
  • Working on Palo Alto Cortex / CrowdStrike EDR Incident
  • Digital Forensic Investigation - Static and Dynamic
  • Providing Training Session on Cyber Security to Team
  • Analysis of Phishing Incidents
  • Administration, Monitoring of DLP and Investigation of DLP Incidents
  • Review of recurring activity for Automation
  • Making monthly report on Vulnerability
  • Managing AWS Cloud Security
  • Ensure SOC and Threat Hunting activities comply with relevant regulations, standards, and organizational policies
  • Prepare and present regular reports on SOC and Threat-hunting performance, including key metrics and improvement initiatives
  • Participating in internal audit

Infrastructure Security Engineer II

Innovaccer
10.2019 - 10.2020
  • Managing AWS Cloud, Azure Cloud Security
  • Administration, Monitoring of DLP and Investigation of DLP Incidents
  • Administration of Wazuh SIEM tool
  • Security Monitoring for AWS Cloud, Azure Cloud
  • Conducting Table Top Exercise and Post Mortem report post Table Top Exercise
  • Digital Forensic Investigation - Static and Dynamic
  • Monitoring for emerging threat patterns and vulnerabilities
  • Coordinating with different stakeholders - technology teams, application specialists and business units
  • Execute, and suggest improvements to, the documented and repeatable security processes that ensure the security of Innovaccer
  • Identify security incidents and breaches and prepare and seek review of reporting and remediation activities
  • Identify areas of opportunity where security services can be optimised to improve the experience or reduce operational costs
  • Manage and improve information security documentation as required
  • Perform security monitoring, Investigation and analysis of Event towards internal/external environment
  • Log Analysis and event traffic patterns investigation
  • Review and Fine Tune for SIEM alerts, DLP alerts
  • Investigation of infected Host Through Endpoint controls and monitoring
  • Analysis of Phishing Incidents
  • Report on and suggest improvements to identified security metrics to gauge the effectiveness of Innovaccer's security
  • Managing compliance and audit for HIPAA and ISO
  • Communicates with management on incident updates
  • Compiling SOC (Security Operation Centre) Runbook
  • Making monthly report on Vulnerability
  • Review DLP Daily and Weekly Reports

Consultant

Virtusa
07.2018 - 10.2019
  • Produce and maintain Standard Operating Procedures and appropriate documentation for SOC
  • Leading and managing the SOC and Threat Hunting Teams, providing strategic direction, mentorship, and professional development
  • Develop and enforce policies, procedures, and best practices for SOC and Threat Hunting operations
  • Align the SOC and Threat Hunting activities with the organization's strategic security goals and objectives
  • Keeping the Incident Management Policy and SOC Playbook up to date
  • Identify gaps, disseminate findings and reports to the system owners and follow up for closure
  • Analyse new security solutions, identify potential security concerns, develop approaches that can be used to mitigate identified risks and work with IT teams to implement recommendations
  • Classification of risk associated with data leakage
  • Identify and implement process improvements to enhance the efficiency and effectiveness of SOC
  • Research new and emerging threats to gain insight and understanding of the evolving threat landscape
  • Conducting Table Top Exercise and Post Mortem report post Table Top Exercise
  • Optimize workflows to eliminate bottlenecks and improve incident response times
  • To ensure cohesive security operations, foster collaboration between SOC, Threat Hunting, Vulnerability Management and other organizational teams
  • Review and Fine Tune for SIEM alerts, DLP alerts
  • Oversee the development and deployment of advanced threat detection methodologies and tools
  • Continuously evaluate and refine detection and response strategies to counter evolving security threats
  • Lead the analysis of security incidents to identify root causes and implement preventative measures
  • Identify threat scenarios, quantify the risks, and work out and execute effective mitigation controls
  • Evaluate security incidents, determine what response, if any, is needed, and coordinate the organization's responses, including technical incident response teams, when sensitive information is breached
  • Working on Microsoft Defender, Azure Sentinel and CrowdStrike EDR alerts
  • Taking remediation action against data leakage and inadvertent data disclosure
  • Analyse DLP (Network and Endpoint) events with High/Medium priority for confidential and company business data leakage
  • Review Proofpoint Report and Analysis of Phishing Incidents
  • Managing AWS Cloud, Azure Cloud Security
  • Evaluate, select, and integrate cutting-edge security technologies to enhance SOC and Threat-hunting capabilities
  • Collaborate with IT and development teams to ensure seamless security tools and automation frameworks integration
  • Direct the SOC and Threat Hunting Teams in responding to security incidents, ensuring timely and effective mitigation
  • Coordinate incident response activities with other teams, including IT, legal, and communications
  • Maintain comprehensive incident records and provide regular reporting on incident trends and metrics
  • Communicate SOC and Threat Hunting activities, metrics, and outcomes to senior management and other stakeholders
  • Act as a liaison between the SOC, Threat Hunting Teams, and other departments to ensure effective collaboration and alignment of security efforts
  • Represent the SOC and Threat Hunting Teams in internal and external meetings, conferences, and forums
  • Ensure SOC and Threat Hunting activities comply with relevant regulations, standards, and organizational policies
  • Prepare and present regular reports on SOC and Threat-hunting performance, including key metrics and improvement initiatives
  • Assess risks to IT systems' availability, integrity and confidentiality to ensure security and service continuity
  • Collecting data and creating regular reports of security related activity and SOC metrics

Senior Information Security Engineer

FIS Global Business Solutions Pvt. Ltd.
08.2016 - 07.2018
  • Handling high and critical incidents, and events and incidents escalated by analysts
  • Monitoring for emerging threat patterns and vulnerabilities
  • Identify and remediate or escalate gaps
  • Review and Fine Tune for SIEM alerts
  • Manage and improve information security documentation as required
  • Compiling SOC (Security Operation Centre) Runbook
  • Manage Internal Audit for SOC (Security Operation Centre)
  • Manage Documentation for ISO Audit
  • Fine Tune suggestions of IDS, Firewalls, network monitoring sensors
  • Perform network and system forensics in response to security incidents
  • Perform security monitoring, Investigation and analysis of Event towards internal/external environment
  • Log Analysis and event traffic patterns investigation
  • Making report on Current IT Threat landscape and upcoming trends in security
  • Review Low and Medium Severity Incidents work done by L1 Team Members
  • Providing Training Session on Cyber Security to CFC Team
  • Review Tripwire, PCI, CyberArk and Solidcore reports
  • Analysis of Phishing Incidents
  • Analysis for Firewall, IPS/IDS logs
  • Malware analysis through FireEye Sandbox
  • Working with FireEye NX, FireEye CM, FireEye AX and FireEye HX tool
  • Working with LogRhythm, RSA SA, STRM and Arcsight SIEM Tools
  • Ticketing Tool- Archer, Service Now and CMS
  • Investigation of infected Host Through Endpoint controls and monitoring
  • Conducting Table Top Exercise and Post Mortem report post Table Top Exercise
  • Making Weekly and monthly report on Vulnerability

System Administrator

Blue Umbrella Pvt. Ltd.
10.2015 - 08.2016
  • Managing Windows Server 2008 and 2012, managing Exchange Server 2010
  • Managing Kaspersky EPO Server
  • Managing Exchange Server
  • Report sensitive information stored on systems to ISO
  • Maintain user access administration
  • Disaster recovery planning
  • Disable unnecessary services on servers
  • Comply with password requirements, Review of Access control
  • Environmental protection (i.e., protection from possible exposure to water damage, excessive heat)
  • Managing SonicWALL NSA / TZ 600 and FortiGate 90D firewalls
  • Vulnerability assessment of servers and web applications
  • Implementation of ISO 27001 security audit
  • Install security patches on Windows Server and EPO

Senior Faculty

Jetking Infotrain Ltd.
04.2014 - 10.2015
  • Maintaining Audit Documentation
  • Providing training in Ethical Hacking, Network Security and VAPT with Kali Linux and BackTrack
  • LMS Implementation PAN India and Training of LMS
  • Preparing log sheet
  • Preparing assignment for students
  • Administration & Management of LABs for student
  • Giving students projects based on real-world scenarios
  • Taking care of all lab updates and maintenance
  • Managing and updating the technical team, including lab assistants

Education

B.Sc. Physics (Hons.) - IGNOU

Senior Secondary - C.B.S.E. Board

Secondary - C.B.S.E. Board

Skills

  • Incident response
  • Threat detection
  • Policy development
  • Vulnerability management
  • Tabletop exercises
  • Process improvement
  • Documentation management
  • Cloud security
  • Team leadership
  • Automation implementation
  • Training & Development

References

Full referee details can be supplied upon request.

Global Certification

  • CISM, ISACA
  • CCSP Self-Paced Training, ISC2
  • CEH V8, ECC19310859484
  • ECSA V9, ECC28613978148 From EC-Council
  • Oracle Cloud Infrastructure Foundation Associate, Oracle
  • AWS Security Fundamentals, AWS
  • ISO 27001 Lead Auditor, BSI
  • PCI/DSS, Cybrary
  • MCSE 2012-Server Infrastructure, Microsoft
  • MCTS Hyper-V 2012 & System Centre, Microsoft
  • CCNA, Cisco
  • Phishing Countermeasure, IT Masters (Charles Sturt University)
  • Qualys Certified Specialist, Vulnerability Management
  • ITIL Foundation Certificate in IT Service Management, ID-4988440
  • Business Continuity & Disaster Recovery Planning, Cybrary
  • Cyber Warfare and Terrorism, IT Masters (Charles Sturt University)
  • Splunk Certified User, Splunk
