KESHAV PRATAP SINGH
Associate Security Consultant
Ghaziabad
Summary
Intend to build a career with leading of hi-tech environment with committed and dedicated people, which will help to explore myself. Hands on experience in maintaining SOC environment with sounds knowledge of cyber security and risk management.
Overview
8
8
years of professional experience
2
2
Certifications
Work History
Associate Security Consultant
Tech Mahindra Ltd.
03.2022 - Current
- Working on security event management, events detected on IDS/IPS or SIEM solutions
- Events whether it is related to end user, any specific server or group of servers, attack by VPN traffic
- Working on ELK cloud (Elastic Logstash Kibana) for accessing centralized security logs using dashboards, searching query, creating dashboards, ingestion logs by onboarding new log sources
- Working on Algosec firewall analyzer to check inbound/outbound traffic associated to defined rules and traffic flow
- Working on Cyber Arc for server privilege access management, Imperva WAF for web application security
- Working on MySQL data base for managing the retention of security logs and ensure logs must be retained upto date
- Working on Symentec proxy and Zscaler proxy, BMC CMDB, Panorama firewall management tool to manage firewall and monitor incoming/outgoing traffic
- Working on log collector severs to ensure the logs retentions and investigations of security logs
- Logs rotation to another server or directory
- Cron job for automate the process and also onboarding the new log source and decommission the log servers
- Working on creating security policies, use cases, reports, dashboards and creating weekly & monthly reports provides and directly present to customer
- Working on Comguard DLP, VDI (Citrix), EDR (Defender), mail relay, reverse proxy servers and LB logs analysis for deep event analysis.
Sr. Security Analyst
Inspira Enterprise India Ltd.
12.2020 - 03.2022
- Worked on RSA Netwitness as an admin to perform all activity like creation of use cases, onboard new log sources, ESA rules, creation of parser and fine tuning
- Worked on Cortex XSOAR, creating playbook, integration of devices
- Worked on Imperva DAM for database management i.e
- Agent installation, checking audit logs, gateway and mx configuration, creating policies, dashboard
- Worked on Archer ITGRC, i.e
- Creating reports, dashboards, managing users, creating policies.
Security Engineer L2
Sify Technologies Ltd.
07.2019 - 12.2020
- Worked on SIEM RSA for log analyses and creation of reporting rules, ESA rules, Alerts, Dashboards, scheduling report, Device integration and troubleshooting
- Worked on all RSA components (Security Analytics, Decoder, VLC, Concentrator, Archiver, Broker), troubleshooting of on servers and GUI based
- Performing regular health check-up of devices and traffic monitoring for anomaly detection
- Worked on Weekly and Monthly reports as per client requirement irrespective tools and security incidents
- Creating Use cases as per required bank infrastructure and proactive security perspectives
- Worked on Quarterly Cyber Drill and involvement in IDBRT Cyber Drill and fine tuning of WAF accordingly
- Worked on Quarterly DC - DR Drill Ensure availability of all services during DC-DR drill
- Worked on Barracuda WAF for making policies and monitoring and log analyses of internet application like (Webmail, Internet banking, Mobile Banking, FI services) Worked on Arcon PAM for server management with privilege access management with video and command logs
- Working on Anti-APT devices for threat management (Trend micro DDI, DDAN, IMSVA).
Network Engineer
Presto Infosolution Pvt. Ltd.
08.2016 - 12.2018
- Worked on routers and switches in data center, configuration and troubleshooting of remote and DC routers and switches
- Led technically 20 remote engineers team for network operations
- Reviewing daily activities & preparing detailed comprehensive reports for sending to operations and clients
- Creation of rules, Active list, Active Channel, Dashboard, alerts and troubleshooting
- Real-time monitoring, Security incident handling, Investigation, Analysis, Reporting, Threat Management Using SIEM Arcsight and Symantec solutions
- Preparation of daily, Weekly and Monthly reports to the clients.
Education
B.Tech in Information Technology -
CBP Govt. Eng. College, Jaffarfur, Delhi
Senior Secondary - undefined
UP Board
Secondary - undefined
UP Board
Skills
SIEM RSA & Arcsight
Cortex SOAR, Imperva DAM
Barracuda & Imperva WAF
Trend Micro Anti APT (DDI, DDAN, IMSVA)
Arcon PAM, Cyber Arc
Rapid 7, DLP (Mcafee)
ELK Cloud, MySQL
Algosec FW Analyzer
Bluecoat & Zscaler proxy
BMC CMDB, VDI
Defender (EDR), PCAP, UEBA, Archer
Certification
CEH Certified
Training
- Ongoing training for CISSP
- Classroom training for CCNA security and CCNP (R&S)
Disclaimer
The above details are true to the best of my knowledge.
Timeline
Associate Security Consultant
Tech Mahindra Ltd.
03.2022 - Current
Sr. Security Analyst
Inspira Enterprise India Ltd.
12.2020 - 03.2022
Security Engineer L2
Sify Technologies Ltd.
07.2019 - 12.2020
Network Engineer
Presto Infosolution Pvt. Ltd.
08.2016 - 12.2018
B.Tech in Information Technology -
CBP Govt. Eng. College, Jaffarfur, Delhi
Senior Secondary - undefined
UP Board
Secondary - undefined
UP Board