Madhu C N

Bengaluru

Summary

Dynamic security professional with extensive experience at KPMG India, excelling in risk management and incident response. Proven track record in enhancing SIEM architecture and leading teams to strengthen IT security governance. Adept at critical thinking, I have successfully implemented tailored risk assessment frameworks, significantly improving organizational security posture.

Overview

9 years of professional experience
5 Certifications

Work History

Assistant Manager

KPMG INDIA
Bengaluru
01.2024 - Current
  • Evaluated risks and implemented remediation strategies for enterprise security and compliance.
  • Performing risk assessments using a tailor-made tool that is associated with industry-standard frameworks such as ISO 27001, NIST, and COBIT.
  • ServiceNow/Archer tool-based risk assessment of infrastructure, applications, and networks, based on business requirements, is among the essential tasks performed.
  • End-to-end risk assessment includes BIA (business impact assessment), LRA (legal and regulatory assessment), top-level assessment, privacy impact assessment, DPCV review, high-level design review, risk profile generation, control scoping, and control generation.
  • Facilitated onboarding of new applications, infrastructure, and networks by assessing and mitigating associated risks.
  • Proactively researching and evaluating emerging OT security solutions to strengthen system security for future projects.

Senior Security Consultant

Cyraacs India Pvt LTD
Mumbai
09.2022 - 01.2024
  • Apart from handling SIEM solutions, I have also worked on various technologies such as EDR (CrowdStrike), DLP (Forcepoint), AV (McAfee), MDM (Citrix Endpoint Management), email security (IRONSCALES), PAM (ARCON), network monitoring devices (Cisco Meraki firewalls and access points), brand monitoring devices (FortiRecon), risk management tools (Black Kite), web filtering and VPN tools (FortiClient), disk encryption tools such as BitLocker, ZTNA tools, and ticketing tools such as ServiceNow.
  • Performed SIEM architecture assessments to assess the current state of the SIEM deployment, which helped to outline the line of technologies for the network with the maximum defense matrix and the device variables that should be deployed for the sectors.
  • Performed reviews of technologies such as EDR, firewall, email security, and DLP, which helped to understand the end-to-end capabilities of each device and to create technical checklists for reviewing the predefined devices.
  • Conducted Information Systems Audits to validate the compliance requirements and security posture for multiple NBFCs.
  • Conducted internal security assessments to identify open security risks and non-adherence to security policies.
  • Developed tailor-made policy frameworks for multiple clients against the requirements of ISO 27001.
  • Implementation roadmaps to assist and prioritize the implementation process.
  • Performed Information Security Risk Assessments and identified critical security risks for service organizations.
  • Provide periodic updates to the management on the security posture of the organization using multiple security reports and dashboards.
  • Performed Gap and Risk assessment against ISO 27001, ISO 27017 & ISO 27018, SOC2 for various.
  • Created questionnaires for audits based on Draft Master Direction and ISO 27001:2022.

L2 Senior Security Analyst

ITC Infotech
Bengaluru
04.2021 - 09.2022
  • Worked with partner ITC Infotech for a Gulf partner; handled end-to-end SOC operations for the organizations.
  • Performing a threat assessment for the whole environment by collecting logs and incidents from various devices and solutions helped in reducing exposure of the target surface.
  • Fine-tuning the predefined rules to reduce false positives in the alerts, which were very noisy in the initial days before fine-tuning.
  • Staying up to date on the latest techniques through CERT-In advisories and performing retro scans to reduce the probability of exposure to threats.
  • Presenting the threat assessment reports to the client's top management on a weekly basis helped in gaining end-to-end knowledge for enhancing security device performance.
  • Creating new rules and deploying some Windows agents to the network has helped the dependency on network engineers for the same.

Engineer

Flowserve Corporation Pvt LTD
07.2019 - 03.2021
  • Act as first-level support for all security issues.
  • Monitor SIEM alerts, analyze events in the SIEM, and raise security incidents in the ticketing tool ManageEngine.
  • Monitoring security systems and networks for anomalies.
  • Investigating security violations, attempts to gain unauthorized access, virus infections, etc.
  • Coordinate responses to security incidents in a timely manner.
  • Hands-on experience with TCP/IP, security concepts, WAN and LAN concepts, Routing protocols, Firewall Security policies.
  • Work with various teams across the organization to improve security posture.
  • Perform SIEM operational tasks: analysis, optimization, filters, active channels, reports, and suggestions for fine-tuning existing rules.

Design Engineer (Security team)

RGBSI
Bengaluru
06.2018 - 07.2019
  • Act as first-level support for all security issues.
  • Monitor SIEM alerts, analyze events in the SIEM, and raise security incidents in the ticketing tool ManageEngine.
  • Monitoring security systems and networks for anomalies.
  • Investigating security violations, attempts to gain unauthorized access, virus infections, etc.
  • Coordinate responses to security incidents in a timely manner.
  • Hands-on experience with TCP/IP, security concepts, WAN and LAN concepts, Routing protocols, Firewall Security policies.
  • Work with various teams across the organization to improve security posture.
  • Perform SIEM operational tasks: analysis, optimization, filters, active channels, reports, and suggestions for fine-tuning existing rules.

Design Engineer

Accrue SPMS
Bengaluru
10.2016 - 05.2018
  • Troubleshooting network problems and researching specific solutions and projects.
  • Managing network changes in accordance with any required change management.
  • Worked with the team to identify service improvements to processes and procedures.
  • Provided technical support to a range of Managed Service accounts.
  • Responsible for maintaining all levels of account access in accordance with the access management guidelines, across all Managed Service Accounts.
  • Hands-on experience with TCP/IP, security concepts, WAN and LAN concepts, Routing protocols, Firewall Security policies.
  • Work with various teams across the organization to improve security posture.

Education

Mechanical Engineering

Rajeev Institute of Technology
Hassan
01.2016

Skills

  • Risk management
  • Incident response
  • IT security governance
  • Team leadership
  • Critical thinking
  • SIEM architecture

Disclaimer

I hereby declare that the information given above is correct to the best of my knowledge and belief.

Professional Summary

Information Security, Networking concepts, Security solutions, SOC operations, Risk Management, IS Audits, Policy Framework, Qualys Vulnerability Management, CCNA, ISO 27001/2, SOC 2 (Type 1, Type 2), GDPR, NIST.

Certification

CCNA
