Nagadeep K V

Implemented comprehensive information security policies, ensuring compliance with NIST & HIPAA standards and regulations.
Monitored Trusted Advisor(AWS) w.r.t compliance & security to meet guidelines.
Contributed to the design and implementation incident response plan w.r.t AWS platform, ensuring preparedness for cyber threats and minimizing potential damages.
Spearheaded security audits, providing actionable recommendations to improve overall organizational resilience against cyber threats.
Presented technical findings clearly and concisely during meetings, fostering trust and confidence in engineering capabilities
Conducted regular risk assessments for proactive threat mitigation within the organization''s IT infrastructure.
Improved communication between departments and holding regular cross-functional team meetings
Established best security practices for documentation, across all projects and making it easier for team members to collaborate effectively
Evaluated emerging security technologies, recommending solutions that aligned with the organization''s objectives and risk appetite.

• Performing active monitoring for alerts, to investigate proactively and suggest recommendations for any suspicious activity.
• Root cause analysis and log collection to provide initial level resolution
• Splunk Use case management – As per MITRE ATT&CK Framework
• ServiceNow management- SNOW incident automation, Creating Splunk ES event Profile & KB articles in SNOW.
• Creation of SOPs, updating knowledgebase and keeping track of false positive lists based on findings
• Generating ad-hoc reports, fulfillment of ad-hoc log requests for investigations. Event analysis and identifying anomalies
• Automation on Splunk Phantom(SOAR) for EDR solutions
• Managing SOC Team L1 & L2 resources.
• Creating Monthly Reports for the business review based on priority & SLAs
• Establishing standard procedures and guiding team to handle & analyze SOC incidents to prevent cyber threats.
• Attending weekly/Monthly call with management & client to focus on current challenges & Action items

• Responsible for providing client with 24/7 monitoring to protect against threats and comply with regulations.
• Performing active monitoring as initial level analysis for alerts, to investigate proactively and suggest recommendations for any suspicious activity.
• Investigating on Security incidents to understand TTP (Tactics, Techniques, Procedures) of infection.
• Creation of SOPs and updating knowledgebase.
• Suggested some ideas for Process/Pattern Fine tuning so we can reduce process GAP/False positive alerts
• Monitoring health status of component of SIEM tools and all devices and their logging status for both security and non-security logs.
• Sending advisories on latest vulnerability and threats across team and need to know.
• Teams /Groups, imparting KT to new joiners and cascading continuous learnings.
• Involved in developing Use cases/Active dashboards/ generic Process and providing suggestion to whitelist, i.e. Fine tune Rules based on log patterns.
• Sound knowledge and experience in SIEM, network-based intrusion detection for log analysis to determine threat pattern, attacks and anomalies on network
• Building new Rules, Query and Dashboards (SIEM, perspective), to have a view of real-time activities in network
• Evaluating new / emerging security threats and technologies
• Analysis of email headers of spear-phishing emails.

• Application Security Assessment and Optimization
• Role: Responsible for Network scanning, enumeration, performing OS fingerprinting, port scanning and vulnerability scanning of system., Handled Internal & External Network Penetration testing
• Network scanning, enumeration, performing OS fingerprinting, port scanning and vulnerability scanning of system
• Compromise targets with reference to port scanning and vulnerability scan results
• Preparing Security Test cases, Security test report and recommendation on identified vulnerabilities.