Seeking senior-level assignments in the Information Security Domain with an organization of high repute.
Accomplished leader with 15 years of total work experience in Cyber Security, encompassing 17 years in Information Security and 8 years as a Cyber Security Leader. My expertise encompasses Global Security Operations, Cyber Security Incident Response, Threat Hunting, Threat Intelligence, Data Loss Prevention, Vulnerability Management, People Management, Team Building, and Project Management.
Proficient in planning and executing incident response exercises, setting measurable benchmarks for progress, and leading support teams for analysis, investigation, remediation, and in-depth incident response.
Proficient in managing security event investigations and collaborating with cross-functional teams to ensure comprehensive responses.
Proficient in developing detection techniques for Threat Intelligence, Threat Hunting, and crafting custom Indicators of Compromise (IOCs). Dedicated to continuous learning and innovation in Cyber Security and Risk Management, contributing to bottom-line business success.
A detail-oriented communicator and leader with effective interpersonal skills, fostering trust and empathy within teams. Demonstrates exceptional levels of integrity, work ethic, and determination to achieve organizational goals.
Security professional with extensive experience in safeguarding digital assets and implementing security protocols. Known for collaborative approach and consistent delivery of secure solutions amidst evolving threats. Proficient in network security, threat analysis, and incident response, while maintaining high standards.
Experienced with network security, threat analysis, and incident response. Utilizes analytical skills to fortify systems against potential breaches. Strong understanding of risk management and proactive security measures.
Diligent with strong foundation in security engineering, specializing in network security and threat analysis. Proven ability to identify vulnerabilities and implement robust security measures. Demonstrated expertise in incident response and risk management.
Professional security engineer with strong background in implementing and managing security protocols. Expertise in threat analysis, risk assessment, and vulnerability management. Strong focus on team collaboration and achieving results. Reliable and adaptable to changing needs, with skills in security engineering, operations, and incident response.
Overview
15 years of professional experience
1 Certification
Work History
Lead Cyber Security Engineer
HCL Technologies
08.2024 - Current
Plan, develop, and redesign the SIEM Exabeam logs from sources such as cloud, network, and server device syslogs across the global device assets
Streamline efficient SIEM Exabeam integration, with real-time logging, threat detection, and analysis across cloud, network, and server environments
SOC Manager
Granicus Technologies
03.2023 - 07.2024
Enhance Security Operations processes across multiple detection sets and technologies, continually monitoring and evaluating for improvement
Lead Global Security Operations (24/7), overseeing Cyber Security Incident and Threat Management, Endpoint Security, and Vulnerability Management
Provide support for internal operations, investigations, and mitigation efforts
Develop the Global Security Operations (GSOC) standard for a Next-Generation SOC, focusing on process refinement, SOC tool enhancement, and automation
Ensure adherence to standard Cyber Security incident management processes, acting as the Incident Handler for critical cyber security incidents
Plan, prepare, and mature Cyber Security Incident Response, Threat Intelligence, and Threat Hunting capabilities, tracking adversary groups targeting the organization
Refine and optimize operational processes, improving playbooks and runbooks used by SOC Analysts
Monitor threat actors, manage zero-day vulnerabilities, and track adversary groups targeting the organization
Develop and maintain operational playbooks and runbooks to ensure compliance with security laws, regulations, and privacy legislation
Conduct Cyber Security Incident Internal Audits to enhance overall quality and ensure compliance with SLAs and process adherence
Establish a proficient team in Security Operations, Use cases, Security Tools, Incident Response, and Metrics
Generate incident reports and SOC KPI/metrics reports periodically, collaborating with stakeholders for governance reviews
Manage team schedules, resource utilization, and recruit, mentor, and retain security operation professionals
Provide security thought leadership and collaborate with SOC Analysts to provide feedback on current capabilities
Evaluate potential business impacts from security breaches and provide strategic guidance to decision-makers
Build strong relationships with businesses, stakeholders, and leaders to drive consistency and influence change in the security operations posture
Senior Manager Cyber Security Operation
Silicon Valley Bank
02.2023 - 03.2023
Build a team of personnel performing in Security Operations, Use cases, Security Tools, Security Incident Response, and Security Metrics
Evaluate adversary groups targeting FinTech/FinServ
Global Security Operation Manager
Alstom Transport India Limited
09.2021 - 02.2023
Manage the Cyber Security Operations Center (SOC) team consisting of 61 members, including 6 internal employees and 55 contractor resources across SOC tiers and security domains
Lead SOC readiness during the Bombardier and Alstom merger for 80,000 global employees
Set up and integrate SIEM solutions (Splunk and IBM QRadar) to ONE SIEM from vendors IBM and Capgemini
Provide mentorship and technical support to internal and external SOC resources
Detect, mitigate, and respond to Cyber Security attacks globally, covering IT and LAB assets, including cloud ecosystems
Drive Security Incident Investigation and process improvements to enhance SOC's capabilities
Provide day-to-day leadership and steer technical direction for SOC operations and Cyber Security Analytics
Ensure effective threat detection across all IT assets and integration into SIEM for centralized monitoring
Capture use case tuning requirements, implement use cases, and oversee Incident Response and Vulnerability Management
Implement SOC solutions and technology enhancements for effective Cyber Security posture
Identify and protect critical assets and set up Cloud Security Monitoring SOC
Plan, prepare, and mature the Incident Response team for Cloud and On-Premise Infrastructure
Monitor service effectiveness, ensure partner compliance, and assist in securing product releases
Conduct Red Team VAPT for IoT, Cloud, and Hardware devices
Ensure compliance with EU GDPR and ISO 27001:2013 standards and support audits
Provide regular reports on security posture and Cyber Security incident metrics to senior management
Track and communicate Cyber Security risks, participate in Change and Problem Management
Collaborate with partners and customers on Security Incident response and risk mitigation
Execute Tabletop exercises to test process effectiveness and collate risks from various technologies
Track Cyber Security incident-related KPIs & metrics and report necessary metrics to senior management
Assist Business Units in securing current product releases
Global Information Security Associate Manager
Juniper Networks India (P) Ltd
08.2016 - 09.2021
Lead global response efforts to critical threats and support the end-to-end incident handling and response cycle according to Juniper standards
Provide second- and third-level support and analysis during and after security incidents
Elevate the existing level 1 team with 1-3 years of experience to operate at levels 2 and 3 through mentorship and supportive training programs
Collaborate with the MSSP team for attribution, true vs. false positive assessment, and other tasks to focus on true positives and critical items
Participate in security investigations and compliance reviews as requested by internal or external auditors
Create Playbooks, Runbooks, and training documentation as needed
Ensure adherence to SLAs and conduct weekly management SOC meetings
Foster full collaboration, threat sharing, identification of new risks, and efficient remediation plans
Collaborate with the ServiceNow team on security incidents in ServiceNow's Security Operations suite tuning and automation
Drive team enhancement through arranging training sessions
Develop and maintain critical industry connections within peer and partner organizations
Restructure AD and other Applications that were not aligned with Information Security
Enable centralized logging for all network infrastructure devices
Conduct information security awareness sessions to educate employees, vendors, and contractors on business criticality through in-house developed training modules
Lead Information Security Administrator
Electronic Government Authority, UAE
06.2015 - 07.2016
Investigate security incidents, threats, and drive mitigation solutions aligned with the organization's roadmap
Implement past threat analysis findings to enhance the organization's security posture
Manage vendor relationships for the Annual Maintenance Contract (AMC) of SOC tools
Maintain the Infosec (SOC) dashboard and conduct management meetings on a weekly, monthly, and quarterly basis
Draft IS policies and ensure effective adherence to them in both technical and operational aspects
Implement ISMS processes within the organization
Conduct Vulnerability Assessment and Penetration Testing (VAPT) and application security audits
Review and audit user-level access control provisioning and revocation processes
Act as a core team member for conducting ISMS audits and adhere to IEC 62443 standards
Direct organizational goals and vision to achieve ISO 27001:2013 compliance
Ensure effective drafting and adherence to IS policies
Information Security Analyst 3
Juniper Networks India (P) Ltd
10.2009 - 05.2015
Perform daily SOC Operations, including event monitoring, SIEM management, tool configuration and support, and regular vulnerability scanning
Maintain Standard Operating Procedures (SOP) and the SOC dashboard with critical updates
Collaborate with Security Operations (Sec Ops) teams and IT teams on security incidents, providing them with in-depth technical knowledge
Education
MSC - IT
Sikkim Manipal University
01.2012
B.Com.
ST Aloysius College
01.2005
Skills
IBM QRadar
Splunk
LogRhythm
CrowdStrike
Microsoft Defender
Cybereason
FireEye
McAfee
Netskope
Proofpoint
Microsoft ATP
Palo Alto Cortex
Juniper IPS
McAfee IPS
Juniper Networks
Palo Alto Networks
QualysGuard
Zscaler
ServiceNow
JIRA
Cuckoo
Incident response
Risk management
Threat analysis
Vulnerability assessment
Security audits
Security policies
Security architecture
Security operations
Incident management
Security consulting
Security standards
Security engineering
Security strategy
Security solutions
Security management
Vulnerability management
Certification
ECSA V8: EC-Council Certified Security Analyst
CEH V8: Certified Ethical Hacker V8
Microsoft Certified Systems Administrator - MCSA
Microsoft Certified Systems Engineer - MCSE
EXIN Certified ITIL Foundation
GIAC Continuous Monitoring Certification (GMON) - Completed Training
CISSP (Certified Information Systems Security Professional) - Completed Training
CISM (Certified Information Security Manager) - Completed Training
Activities and hobbies
Organized yearly security awareness programs.
Member of Toastmasters club.
Hobbies include Long Bike Trips, Traveling with Family, and playing Badminton.
Disclaimer
I hereby declare that all information presented above is true to the best of my knowledge.