Naveen Kumar
Cyber Security
Ahmadpur, Rewari (Haryana)
Summary
- B.Tech in IT professional with 10 years of experience in SOC security solutions in fast-paced environments. Skilled in Microsoft Security tools, Network Security, Email Security, Cyber security, SIEM, Incident Response, Threat Analysis with proven history of delivering exceptional risk management support.
- Seasoned Lead Engineer with a resourceful, hardworking and quality-driven mindset. Proactive in tackling equipment and system issues to maintain operational status. Top-notch leader and project manager with an organized and methodical approach.
Overview
9
9
years of professional experience
6
6
years of post-secondary education
2
2
Certifications
Work History
Lead Engineer
Wipro||European Project
Gurgaon
07.2022 - Current
- Hands-on experience with Administrator role on Azure security and Microsoft XDR solutions like: (Microsoft Defender for Endpoint, Office, Identity, Cloud apps, DLP, AAD Identity Protection)
- Enhancing investigation process by enabling predefined XDR features such as Advance hunting, live response session, Run Antivirus scan, Restrict App Execution, Initiate Automated Investigation, Isolate Device, Collect Investigation Package, Enable/Disable user in AD, Force password reset
- Working on Microsoft Defender for Endpoint according to the alert severity to apply remediation steps to prevent the cyber threats deep analysis using Advanced hunting in defender and custom detection rule creation which will be triggered in different suspicious activity scenarios
- Working on Microsoft Defender for Office to investigating Phishing, Quarantine emails and taking appropriate actions like Delete, Blocking sender and domain in O365
- Manage the Vulnerabilities Part according to inventories, weakness, Event Timeline, recommendation, and remediation as per the Baseline assessment that found by XDR
- Proactively curating industry specific Threat intelligence with Recorded Future as well as open-source tools and sweeping out accordingly
- Performing hypothesis using threat intelligence and Advance Hunting TTP's mapping them with the MITRE ATT&CK framework
- Working on Service Now tool as incident handler and response for customer
- Have good knowledge about the IR process also present the report to ensure meet SLA as defined and Audit Purposes.
Associate Consultant
Tata Consultancy Services Limited ||European Project
Gurgaon
07.2021 - 06.2022
- Worked as SOC Lead to handle Microsoft Sentinel, Microsoft Defender for Endpoint, Azure ATP, Microsoft Office 365 ATP, Proof point Email Security, Service-NOW
- Working on Microsoft defender for Endpoint to analysis and monitoring alerts triggered on different Endpoints in the network
- Based on alert severity apply remediation steps to prevent the cyber threats (Ransomware, virus etc.) attacks (malicious PowerShell alerts, log4j vulnerability, IOC related alerts) deep analysis using Advanced hunting in defender ATP and custom detection rule creation which will be triggered in different suspicious activity scenarios
- Microsoft Sentinel as SIEM tool to investigation the Incidents and alerts from integrated sources for suspicious activity according defined rules
- Integration of Log sources in Sentinel, creation and fine tune of use cases and create report and dashboard as per requirement
- Proof Point Email security gateway for Email authentication related issues (SPF, DMARC, DKIM), non-delivery, Spam detection, IOC Block, Email Delete, Header Analyzer, create custom rules as requirement
- Working on Microsoft Azure ATP for monitoring and analysis user login-based activity, brute force attempts, honey token activity, monitoring account lockout related alerts and finding out the reason behind it.
Sr. Security Analyst
Inspira || PSB Bank Project
Gurgaon
01.2021 - 06.2021
- Work as SOC Lead and Implementation Team to implement some solutions like as SIEM, NBAD, Decoy Honeypot, Algosec NSPM
- Monitoring of RSA SIEM components and Integration of various Log sources in SIEM
- Create, modify and fine tune Use case and SIEM reports, dashboards according alerts as per requirement.
Cyber Security Analyst
Sify Technologies Limited || PNB Bank
New Delhi
08.2018 - 01.2021
- Worked on the different security tools as RSA Net witness, Checkpoint Firewall, Fortigate, ASA, ITGRC, Cisco NBA, Proxy, DLP in centralized SOC
- Experience in SIEM for Incident and alert for real time events and Creating alerts, rules, reports, Dash-lets and dashboards as per requirements
- Event Source integration with SIEM with syslog, odbc, file, SNMP, windows methods, parser & event source template development
- Worked on incident and problem ticket reported by end users/customers
- Analyze for attacks, intrusions and unusual, unauthorized, or illegal activity.
Network Security Engineer
Badve Engineering Limited
Pune
10.2015 - 08.2018
- Worked on Checkpoint Firewall for monitoring and filtering traffic
- Installation & Configuration of Checkpoint Gaia R77.30
- Possess sound knowledge of Network Address Translation, Access Control List, License and VPN Technology
- Knowledge of SAM Database, IP Spoofing, Smart View Monitor, Smart View Tracker, SIC
- Strong, hands-on technical knowledge of Network and PC operating systems.
IT Engineer
MRKIET Education Society
Rewari
07.2013 - 10.2015
- Handle IT Department to provide IT security framework that ensure the protection of University Information from unauthorized access, loss or damage while supporting the open, information-sharing needs of our academic culture
- Installation and maintain Servers, Printers and Windows Platform systems
- Handle Internet and Intranet security through Proxy emails, Network file sharing
- Maintain all assets documents and Monitoring health and checklist Reports
Education
Bachelor of Technology - Computer Science Engineering
MRKIET College (Under MDU University)
Rewari 06.2010 - 06.2013
Diploma - Computer Science Engineering
Govt. Polytechnic, HSBTE Panchkula
Jhajjar 06.2006 - 06.2009
Skills
Vulnerability Assessment using Microsoft Defender tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures
Assisted in ensuring that the corporate IT environment is secure and complies with all external audit requirements and federal standards
Possess a well-balanced understanding of business relationships, business requirements, and technical solutions with ability to work collaboratively with different team
Presenting the WSR and MSR to customer as well as Weekly security tower meeting with all stakeholders for the Highlight In-Progress items/ Action/ Key update
Work on query of Customer, Vendor, TAC and update the status about project to Management Also Manage the team as per Team lead role
Certification
Checkpoint Certified Security Administrator -(CCSA -CP0000102028)
Timeline
Lead Engineer
Wipro||European Project
07.2022 - Current
Associate Consultant
Tata Consultancy Services Limited ||European Project
07.2021 - 06.2022
Sr. Security Analyst
Inspira || PSB Bank Project
01.2021 - 06.2021
Cyber Security Analyst
Sify Technologies Limited || PNB Bank
08.2018 - 01.2021
Network Security Engineer
Badve Engineering Limited
10.2015 - 08.2018
IT Engineer
MRKIET Education Society
07.2013 - 10.2015
Bachelor of Technology - Computer Science Engineering
MRKIET College (Under MDU University)
06.2010 - 06.2013
Diploma - Computer Science Engineering
Govt. Polytechnic, HSBTE Panchkula
06.2006 - 06.2009