Himanshu Gupta

Faridabad

Summary

With a robust background as an Information Security Engineer, I bring over 5.5+ years of expertise encompassing both physical and cloud system security. Proficient in identifying vulnerabilities and optimizing security architecture designs, I excel in maintaining operational efficiency under high-pressure scenarios. My responsibilities include the effective implementation and management of security controls, vigilant monitoring of network and system activity, execution of security assessments and audits, and seamless collaboration with cross-functional teams for the implementation of top-tier security best practices.

Overview

6 years of professional experience
1 Certification

Work History

Cyber Security Engineer

Panacea infosec Pvt. Ltd
Dwarka
04.2022 - Current
  • Implemented SIEM solutions for clients across both cloud and physical infrastructures.
  • Successfully integrated logs from diverse sources, including firewalls, switches, routers, databases, and endpoints.
  • Proficiently integrated logs from major cloud platforms, including AWS, GCP, and Azure.
  • Developed decoders and rules for log parsing to enhance SIEM efficiency.
  • Conducted server hardening and fine-tuning of SIEM configurations.
  • Executed troubleshooting procedures to identify and rectify misconfigurations in the SIEM environment.
  • Led investigations into security incidents, leveraging findings to create comprehensive incident response playbooks.
  • Established custom rules within the SIEM to effectively detect anomalies in enterprise networks.

Sr. Executive - Information Security

Mattsen Kumar PVT LTD
Jaipur
09.2021 - 03.2022
  • Conducted thorough Information Security Audits to identify vulnerabilities and flaws within the organization.
  • Monitored security events utilizing a variety of security devices, including firewalls, SIEM tools, and McAfee DLP.
  • Ensured strict compliance with organizational policies related to information security.
  • Analyzed and investigated security breaches or concerns, implementing corrective measures as needed.
  • Conducted comprehensive testing to assess the safety and effectiveness of individual components within security systems.
  • Evaluated the internal security systems, controls, and policies for ongoing effectiveness and relevance.
  • Developed and implemented Risk Mitigation and Management Plans to proactively address potential security threats.

Tech Engineer - Information Security

Cyborg Cyber Forensic and information security
Noida
11.2018 - 09.2021
  • Proactively monitored security events and alerts from diverse SOC entry channels, including SIEM, Firewall, IPS, and DNS.
  • Conducted in-depth investigations based on the severity of security events/alerts and provided timely resolutions.
  • Performed comprehensive vulnerability assessments and penetration testing to identify and address potential weaknesses.
  • Spearheaded incident response and management procedures to swiftly mitigate security incidents.
  • Analyzed a range of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Syslog, etc.) to determine appropriate remediation actions and escalation paths for each incident.
  • Maintained and monitored data security access to safeguard sensitive information.
  • Collaborated with other teams for effective incident mitigation, ensuring a coordinated response.
  • Generated monthly reports for the SOC, summarizing key activities, incidents, and noteworthy trends.

Education

Bachelor of Technology -

B.S.A. Institute Of Technology & Management
05.2018

Skills

  • Strong comprehension of regulatory compliance requirements, notably ISO27001 and PCI-DSS
  • In-depth knowledge of computer networking protocols, encompassing TCP/IP, DNS, DHCP, and SMTP
  • Comprehensive understanding of prominent cybersecurity frameworks, including NIST and MITRE ATT&CK
  • Proficient utilization of a diverse array of security tools, such as vulnerability scanners, IDS/IPS, firewalls, SIEM, and SOAR solutions
  • Familiarity with various operating systems, including Linux and Windows
  • Acquainted with common attack vectors and techniques employed by threat actors
  • Capable of conducting thorough vulnerability assessments to pinpoint weaknesses in systems and networks
  • Hands-on experience in incident response procedures
  • Effective communication skills for articulating complex technical issues to non-technical stakeholders
  • Demonstrated commitment to continuous learning, staying abreast of the latest security threats, and following emerging trends in the field

Tools And Technologies

SIEM:- AlienVault, Splunk, Wazuh

Proxy:- Zscaler

SOAR:- Shuffle, Splunk

DLP & Antivirus:- McAfee, Forcepoint, Sophos

Firewall:- FortiGate

Scanners:- Nessus, Qualys

Technologies and languages:- Python, PHP

Cloud Platforms:- AWS, GCP, Azure

Certification

  • Certified Ethical Hacker (CEH v10)
  • Certified Information Systems Security Professional (CISSP) (Pursuing)
  • Certified Cloud Security Practitioner - AWS (CCSP-AWS) (theSecopsGroup)
  • Architecting Solutions on AWS (Coursera)
  • ISO27001 Lead Auditor

Projects

Phishing Awareness:-

  • Dedicated to fostering phishing awareness among employees, this project focuses on leveraging technologies such as PHP, Linux, SMTP Server, and a Phishing Framework. The primary objective is to equip employees with the knowledge and skills necessary to identify phishing emails and malicious links.
  • Key Technologies: PHP, Linux, SMTP Server, Phishing Framework.
  • Objective: The overarching goal of this project is to enhance employees' ability to recognize and respond to phishing attempts effectively. By utilizing the specified technologies, the initiative aims to create a comprehensive awareness program that simulates real-world phishing scenarios. Through targeted simulations, employees will develop a heightened awareness of common phishing tactics, thereby bolstering the organization's overall cybersecurity posture.

Security Orchestration, Automation, and Response (SOAR):-

  • Developed automated response playbooks to streamline and enhance incident response procedures.
  • Implemented notifications across various channels such as Teams and Slack to ensure prompt communication and collaboration during security incidents.
  • Integrated diverse threat intelligence platforms to enrich the context of alerts, enabling more informed and effective responses.
  • This SOAR initiative combines automated playbooks, cross-channel notifications, and threat intelligence integration to optimize the organization's ability to detect, respond to, and mitigate security incidents in a coordinated and efficient manner.
