Dipankar Sengupta

Kolkata

Summary

The diligent Engineer takes responsibility for ongoing projects and new endeavor planning. Provides deep technical knowledge and common-sense business acumen for initiatives. Committed to reaching business goals through technical management and impactful analyses.

Overview

15 years of professional experience
1 Certification

Work History

Engineer

ICE Mortgage Technology
09.2023 - 03.2024
  • Collecting Threat Intelligence: This involves gathering information about potential security threats from various sources such as security feeds, vendor reports, open-source intelligence, and internal logs
  • Creating Searches: Developing and refining search queries within security tools and platforms to identify potential security incidents or anomalies
  • Documenting Threats, Investigations, and Mitigation Actions: Keeping detailed records of security incidents, investigations conducted, and actions taken to mitigate or remediate threats
  • Daily Briefings: Providing regular updates on the security posture, ongoing incidents, and emerging threats to relevant stakeholders within the organization
  • Following Analyst Checklists: Adhering to established procedures and checklists for incident detection, analysis, and response to ensure consistency and thoroughness in security operations
  • Completing Scheduled Tasks: Executing routine security tasks such as vulnerability scans, log analysis, and system reviews according to a predefined schedule
  • Reviewing Incidents in Microsoft Defender ATP, 365, and MCAS: Utilizing security tools like Microsoft Defender ATP (Advanced Threat Protection), Office 365 Security, and Microsoft Cloud App Security to investigate and respond to security alerts and incidents
  • Ensuring Timely Follow-Up on Security Events: Promptly addressing security alerts and incidents, investigating root causes, and implementing necessary measures to prevent recurrence
  • SOC Escalation: Escalating significant security incidents or threats to higher-level security personnel or management for further analysis and response
  • Reviewing Phishing Campaigns: Analyzing and dissecting phishing emails and campaigns to identify patterns, tactics, and techniques used by attackers and implementing measures to prevent successful phishing attacks.

Engineer

Black Knight India
08.2019 - 09.2023
  • Monitoring and Analysis: Utilize SIEM tools to monitor and analyze network traffic for any suspicious activities
  • Trigger investigations upon detection of suspicious activities and take appropriate actions
  • Incident Tracking and Reporting: Configure reports and queries for both automated and manual incident tracking and reporting
  • Track incidents related to suspicious activities and maintain a record for future reference
  • Vulnerability Management: Identify vulnerable signatures in the environment
  • Take action by blocking signatures in the Intrusion Prevention System (IPS) or blocking attack IPs in the firewall
  • Firewall Management: Modify firewall policies using the Smart Dashboard, particularly in Checkpoint firewalls
  • Implement web access management and categorize phishing and spam mail
  • Track users who access potentially compromised websites, log incidents, and follow up accordingly
  • Malware Detection and Response: Monitor for malware on users' systems
  • Inform the appropriate division or the antivirus (AV) team to take necessary action upon detection of malware
  • Security Log Collection and Investigation: Collect security logs from network devices, security appliances, and servers
  • Utilize QRadar SIEM tools for investigation and analysis of security incidents
  • Continuous Improvement: Regularly review and update firewall rules and policies to enhance security
  • Stay proactive in monitoring and addressing security threats to mitigate risks effectively.

Engineer

ITC Infotech India LTD
08.2017 - 07.2019
  • Monitoring and Analyzing Network Traffic: This involves continuously monitoring network traffic using security appliances such as Checkpoint IPS and McAfee IDS, as well as Security Information and Event Management (SIEM) tools
  • The goal is to identify any suspicious activity or potential security threats
  • Incident Tracking: If suspicious activity is detected, it's essential to track and investigate these incidents
  • This might involve configuring reports and queries within SIEM tools to automatically generate reports or manually investigate incidents
  • Collection and Investigation of Security Logs: Collecting security logs from various network devices and servers using tools like HPE ArcSight Logger and analyzing them using ArcSight SIEM tools to identify potential security incidents
  • Troubleshooting ESM and ArcSight Connectors: If there are any issues with the Enterprise Security Manager (ESM) or ArcSight connectors, troubleshooting steps need to be taken to ensure proper functioning
  • Signature Management and Blocking: Managing signatures in IPS devices to block known attack signatures or blocking attack IPs in the firewall to prevent malicious traffic from entering the network
  • Firewall Rule Management: Creating and modifying firewall rules using tools like Smart Dashboard, as well as managing web access for users and troubleshooting VPN issues
  • Software Updates and Upgrade: Keeping security software like McAfee NSM up to date by performing version upgrades and updating signature sets to ensure protection against the latest threats
  • Health Check Reports: Generating reports to assess the health and performance of security devices and ensuring that all connected servers are properly patched and hardened against potential vulnerabilities
  • Handling Night Shift Port Opening Calls: Addressing requests to open ports during night shifts, ensuring that any changes made follow the established change management process
  • Signature Fine-tuning: Continuously fine-tuning signatures based on the traffic patterns observed to improve the accuracy of threat detection and minimize false positives
  • Change Management Process: Implementing changes to network configurations or security policies following the organization's change management process to ensure proper documentation and approval.

Engineer

HCL Comnet
12.2008 - 08.2017
  • Capturing FWSM Logs: Use the FWSM's logging capabilities to capture logs
  • Configure syslog settings to send logs to a central logging server for storage and analysis
  • Verifying a new member's configuration in FWSM: Ensure that the new member's configuration aligns with security policies and best practices
  • Review access control lists (ACLs), NAT configurations, and any other relevant settings
  • Backup of both the FWSM and IDSM modules: Regularly schedule backups of configurations for FWSM and IDSM modules
  • Store backups securely, preferably offsite, to ensure they're available in case of device failure or data loss
  • Check the CPU utilization of FWSM: Use monitoring tools or command-line interface (CLI) commands to check CPU utilization
  • Monitor for spikes or sustained high CPU usage, which may indicate performance issues or excessive traffic
  • Checking resource utilization in the FWSM: Monitor memory, CPU, and other resource usage regularly
  • Use SNMP monitoring tools or CLI commands to check resource utilization
  • Update the daily POP checklist with the status of resource usage
  • Daily monitoring of Cisco IDSMs: Monitor IDSM logs and alerts for any suspicious activity
  • Investigate and respond to alerts promptly, following SOC team instructions for handling abnormalities.

Education

B. Com -

University of Calcutta

Higher Secondary Education -

Secondary Education -

Skills

  • Corporate job experience has helped in developing very good communication skills. Has the potential to convince people with a clear thought process and intelligence. Has the ability to work in a team and make any adjustments according to the needs of the team. Can take on any role and responsibility in an organization and is ready to face all challenges.

Certification

  • CCNA Certified, 2009
  • SQL Server 2005 Certified
  • Oracle 9i SQL Certified
  • Diploma in Information System Management from NIIT
  • Security+ Certified, 2017

Personal Information

  • Date of Birth: 10/12/82
  • Gender: Male
  • Nationality: Indian
  • Marital Status: Married

Languages

B2
