IBM QRadar SIEM
Harmeet Singh Walia
Delhi
Summary
Cyber security professional with 11 years of progressive experience in the Telecom,Automobile and FMCG industry. Demonstrated ability to identify business risks and compliance issues and design proactive solutions. Expertise in threat detection, mitigation and management. Eager to contribute in a senior management IT Security role.
Overview
11
11
years of professional experience
4
4
years of post-secondary education
3
3
Certifications
Work History
Manager - Cyber Security
Capgemini Technology Services
11.2022 - Current
- Managing 24*7 Security Operations for multiple clients in APAC region.
- Directly and Functional Reporting Team of 30+ members including SIEM, Firewall, WAF, Vulnerability Management, DLP, GRC and Anti-virus.
- Presenting the Monthly and Quarterly Reports to internal Leadership as well as Client on the Cyber Reports.
- Engagement with OEMs for license/cost optimization.
- Engagement with Vendors/OEMs for timely license renewals, working along with internal Procurement Team
- Leading the Internal/External Audits to meet the Certification Controls i.e ISO 27001 and PCI-DSS 4.0 and to align the tools according to the requirements in advance.
- Led Cyber Assessment for client to find gaps between policies and process being followed.
- Developed internal knowledge base of common threats and protective measures, serving as a valuable reference tool for team members seeking guidance on specific issues.
Manager, Information Security
Jubilant Food Works
11.2021 - 11.2022
- Managing Security operations with a team of 10, for the in-house technologies like Firewall, Proxy, EDR, VAPT.
- Managing partners/vendors for the out-sourced technologies like SIEM.
- Fine-tuning of log sources and use-cases on Splunk SIEM.
- Conducted POC with various OEM for SIEM and VA tool evaluation.
- Review vulnerability management and penetration testing activities, evaluating, and driving closure management of vulnerabilities in the infrastructure.
- Analyzing assessment reports provided by vendors / 3rd parties and resolve them within defined SLAs
- Managing various external and internal security audit activities like PCI-DSS, ISO 27001 and other related audits like
- Trained and guided team members to maintain high productivity and performance metrics.
- Weekly/monthly meetings to present the current security posture to CISO and CIO
- Prepared SoW and RFP to identify and onboard MSSP partner for SIEM technology.
- Understanding of NIST, MITRE, SOC2 and ISO reporting requirements.
Senior Security Specialist
HCL Technologies
10.2019 - 10.2021
- Managing SOC as Senior Specialist for dedicated premium customer and handling all admin related tasks of IBM QRadar [SIEM]
- Monitoring and maintaining large infrastructure of 30000 Log sources.
- Installation and Upgrading QRadar Deployment including Console, EP’s and EC’s
- Integration of Log sources like Windows, Linux, Database, Cortex Data Lake and fixing Error/Warning notification on QRadar.
- Installation and fine-tuning of QRadar Applications/Extensions like UEBA, Threat Intelligence, QDI
- User Access Management on QRadar.
- Conduct investigations on infrastructure through identified Indicators of Compromise (IoCs)
- Created SOC runbooks and procedures through constant feedback and advising on the iterative improvement.
- Maintain incident reporting and communication strategy with senior InfoSec and customer Leadership.
Security Implementation Engineer
Hexaware Technologies
08.2018 - 09.2019
- Managing SOC as SOC Engineer for platinum customer
- Experience on Cyber Security devices like Fortigate 3600C and 600 D, McAfee IPS M850, F5 WAF i2000dc, IBM QRadar.
- Monitoring and taking appropriate actions on Offenses in QRadar.
- Creation/Modification of Use Case/rules in QRadar and Addition/Deletion of Log sources and performing Health Checks in QRadar.
- Publishing vulnerability/compliance reports to customer via QRadar.
- Developing and sharing SIEM reports (manual and scheduled reports).
- Responsible for upgrading existing security devices to required version.
Security Administrator
BRITISH TELECOM
10.2015 - 11.2017
- Managing Global SOC as SOC Engineer for platinum customer.
- Managing and proactively troubleshooting global client’s security infrastructure 24x7.
- Monitoring of Offenses in QRadar and sharing SIEM reports with management.
- Experience on Network Security devices and firewalls like ASA 5512x, and Palo Alto 500, 3200 and 7000 series.
- Maintaining policy package for customer’s network and troubleshooting firewall and authentication related issues.
- Responsible for upgrading existing Palo Alto firewalls to the required version.
- Monitoring the tickets on the ticketing tool SNOW with different priorities depending on the network criticality and troubleshooting within defined SLA.
Network Analyst
ORANGE BUSINESS SERVICES
06.2013 - 09.2015
- 2 years and 3 months of experience in Network Management of WAN for Heineken and SwissRe Insurance networks.
- Managed changes in the configurations for Router and Switches.
- Troubleshot and maintained all networking devices and infrastructure across enterprise including switches, routers and firewalls.
- Upgraded and expanded network systems and components.
- Ability to develop and maintain strong customer relationships in support of mutual business interests and smooth co-ordination of project teamwork with other teams involved in the project.
- Worked extensively with QRadar to schedule and store reports.
Education
MBA - Information Technology
NMIMS
Mumbai 04.2001 -
Bachelor of Technology - Electrical, Electronics And Communications Engineering
Chitkara Inst. of Eng And Technology
08.2009 - 05.2013
Skills
Security Operations
Network Security Management
Audit preparation
Vulnerability Assessment
SIEM management
Software
Splunk SIEM
Crowdstrike EDR
Qualys VA
SentinelOne EDR
Certification
Palo Alto ACE Certified
Timeline
Manager - Cyber Security
Capgemini Technology Services
11.2022 - Current
Manager, Information Security
Jubilant Food Works
11.2021 - 11.2022
ITIL v3
08-2020
Senior Security Specialist
HCL Technologies
10.2019 - 10.2021
Security Implementation Engineer
Hexaware Technologies
08.2018 - 09.2019
Palo Alto ACE Certified
06-2018
• Cisco Certified Network Associate: 200-120 (CCNA Routing and Switching)
10-2017
Security Administrator
BRITISH TELECOM
10.2015 - 11.2017
Network Analyst
ORANGE BUSINESS SERVICES
06.2013 - 09.2015
Bachelor of Technology - Electrical, Electronics And Communications Engineering
Chitkara Inst. of Eng And Technology
08.2009 - 05.2013
MBA - Information Technology
NMIMS
04.2001 -