MATHUGANESH R

· Engaged with second-line risk teams to identify security control gaps and process deficiencies in alignment with organisational information security standards, and ensured findings were documented in the risk register along with remediation actions, ownership assignment, and defined timelines

· Led the implementation of scheduled anti-malware scans across endpoints, servers, and ATMs, addressing compliance gaps and mitigating malware risks.

· Established anti-malware controls for Linux systems, collaborating with second and third line of defence to register and resolve risks in the enterprise risk register.

· Identified and remediated a process gap by integrating anti-malware access controls within Identity Access Management (IAM), ensuring alignment with ICS standards.

· Analysed and recertified legacy Host Firewall rules with respective owners to enhance tool performance and ensure security policies remained effective and up to date.

· Designed and implemented a governance framework for continuous monitoring, ensuring security processes and controls are recertified annually to maintain effectiveness and compliance.

· Reviewed existing processes and security controls for alignment with ICS standards, updated documentation, and redefined Key Control Indicators (KCIs) & Key Risk Indicators (KRIs) as part of the Risk Control Self-Assessment (RCSA) process.

· Acted as the primary point of contact during Group Internal Audits, managing audit-related queries and delivering detailed responses with supporting documentation for malware protection processes..

· Validated and responded to audit-related queries from regulators such as HKMA, NESA, MAS, and RBI, providing solid evidence to support compliance.

· Automated security product coverage & compliance reports using Power BI, providing management with valuable insights for informed decision-making.

• Led a team of 8 engineers in deploying, managing, and maintaining security devices across client networksEnsured timely resolution and documentation of all work through structured work order tracking
  Participated in weekly client delivery meetings and monthly governance reviews
  Configured and managed Palo Alto Firewalls (5020, 3020), site-to-site IPsec VPNs, and GlobalProtect VPN with two-factor authentication
  Managed security configurations for URL filtering, antivirus, antispyware, and vulnerabilities, along with McAfee ePO infrastructureAutomated firewall configuration backups using XML API
  Defined security policies based on client requirements and created antivirus exclusion rules
  Performed version upgrades across McAfee ePO, VSE, MOVE, and scan engines
  Key Achievements
• Elevated team’s technical capabilities and introduced proactive processes that enhanced customer value.
• Provided advanced Tier-3 support across all managed security tools.
• Successfully deployed high-availability Palo Alto Firewall setups and performed seamless upgrades
• Migrated critical IPsec VPNs and antivirus endpoints as part of major transition projects
  
  

Security Engineer – McAfee Solutions

• Implemented tailored antivirus exclusion policies for various McAfee products in alignment with vendor requirements and security standards
• Collaborated with team members to review work orders and ensure Engineering and Security certifications were properly obtained

Key Contributions:

• Engineered and optimized McAfee tools including VirusScan Enterprise, Endpoint Encryption, and Scan Engine; conducted thorough performance and functionality testing in Windows Server 2003/2008 environments
• Authored detailed implementation guides based on test findings, enabling smoother deployments and improving operational team efficiency

• Monitored network capacity and performance to diagnose and resolve complex network problems.
• Provided network support services for devices such as hubs, bridges, routers, and other hardware.
• Reduced downtime with proactive monitoring of network devices and rapid troubleshooting.
• Optimized routing protocols to improve data transfer speeds across the organization''s network infrastructure.