Naveen Kumar

Cyber Security
Ahmadpur, Rewari (Haryana)

Summary

  • B.Tech IT professional with 10 years of experience in SOC security solutions in fast-paced environments. Skilled in Microsoft Security tools, Network Security, Email Security, Cyber Security, SIEM, Incident Response and Threat Analysis, with a proven history of delivering exceptional risk management support.
  • Seasoned Lead Engineer with a resourceful, hardworking and quality-driven mindset. Proactive in tackling equipment and system issues to maintain operational status. Top-notch leader and project manager with an organized and methodical approach.

Overview

9 years of professional experience
6 years of post-secondary education
2 Certifications

Work History

Lead Engineer

Wipro || European Project
Gurgaon
2022.07 - Current
  • Hands-on experience in the Administrator role on Azure security and Microsoft XDR solutions (Microsoft Defender for Endpoint, Office, Identity, Cloud Apps, DLP, AAD Identity Protection)
  • Enhancing the investigation process by enabling predefined XDR features such as Advanced hunting, Live response session, Run Antivirus scan, Restrict App Execution, Initiate Automated Investigation, Isolate Device, Collect Investigation Package, Enable/Disable user in AD, Force password reset
  • Working on Microsoft Defender for Endpoint, applying remediation steps according to alert severity to prevent cyber threats; deep analysis using Advanced hunting in Defender and creation of custom detection rules that are triggered in different suspicious activity scenarios
  • Working on Microsoft Defender for Office, investigating Phishing, Quarantine emails and taking appropriate actions like Delete, Blocking sender and domain in O365
  • Managing vulnerabilities according to inventories, weaknesses, event timeline, recommendations and remediation as per the baseline assessment found by XDR
  • Proactively curating industry-specific threat intelligence with Recorded Future as well as open-source tools, and sweeping accordingly
  • Performing hypothesis using threat intelligence and Advanced Hunting TTPs, mapping them to the MITRE ATT&CK framework
  • Working on the ServiceNow tool as incident handler and responder for the customer
  • Good knowledge of the IR process; also present reports to ensure the defined SLA is met and for audit purposes.

Associate Consultant

Tata Consultancy Services Limited || European Project
Gurgaon
2021.07 - 2022.06


  • Worked as SOC Lead handling Microsoft Sentinel, Microsoft Defender for Endpoint, Azure ATP, Microsoft Office 365 ATP, Proofpoint Email Security, ServiceNow
  • Working on Microsoft Defender for Endpoint to analyze and monitor alerts triggered on different endpoints in the network
  • Applying remediation steps based on alert severity to prevent cyber threats (ransomware, virus etc.) and attacks (malicious PowerShell alerts, log4j vulnerability, IOC-related alerts); deep analysis using Advanced hunting in Defender ATP and creation of custom detection rules that are triggered in different suspicious activity scenarios
  • Microsoft Sentinel as SIEM tool to investigate incidents and alerts from integrated sources for suspicious activity according to defined rules
  • Integration of log sources in Sentinel, creation and fine-tuning of use cases, and creation of reports and dashboards as per requirement
  • Proofpoint Email security gateway for email authentication related issues (SPF, DMARC, DKIM), non-delivery, spam detection, IOC Block, Email Delete, Header Analyzer, and creation of custom rules as required
  • Working on Microsoft Azure ATP for monitoring and analyzing user login-based activity, brute force attempts, honey token activity, monitoring account lockout related alerts and finding out the reason behind them.

Sr. Security Analyst

Inspira || PSB Bank Project
Gurgaon
2021.01 - 2021.06
  • Work as SOC Lead and in the Implementation Team to implement solutions such as SIEM, NBAD, Decoy Honeypot, Algosec NSPM
  • Monitoring of RSA SIEM components and integration of various log sources in SIEM
  • Create, modify and fine-tune use cases and SIEM reports and dashboards according to alerts, as per requirement.

Cyber Security Analyst

Sify Technologies Limited || PNB Bank
New Delhi
2018.08 - 2021.01
  • Worked on different security tools such as RSA NetWitness, Checkpoint Firewall, FortiGate, ASA, ITGRC, Cisco NBA, Proxy, DLP in a centralized SOC
  • Experience in SIEM for incidents and alerts for real-time events, and creating alerts, rules, reports, dashlets and dashboards as per requirements
  • Event source integration with SIEM using syslog, ODBC, file, SNMP and Windows methods; parser & event source template development
  • Worked on incident and problem tickets reported by end users/customers
  • Analyze for attacks, intrusions and unusual, unauthorized, or illegal activity.

Network Security Engineer

Badve Engineering Limited
Pune
2015.10 - 2018.08


  • Worked on Checkpoint Firewall for monitoring and filtering traffic
  • Installation & Configuration of Checkpoint Gaia R77.30
  • Possess sound knowledge of Network Address Translation, Access Control List, License and VPN Technology
  • Knowledge of SAM Database, IP Spoofing, Smart View Monitor, Smart View Tracker, SIC
  • Strong, hands-on technical knowledge of Network and PC operating systems.

IT Engineer

MRKIET Education Society
Rewari
2013.07 - 2015.10
  • Handle the IT Department to provide an IT security framework that ensures the protection of University information from unauthorized access, loss or damage while supporting the open, information-sharing needs of our academic culture
  • Install and maintain servers, printers and Windows platform systems
  • Handle Internet and Intranet security through Proxy emails, Network file sharing
  • Maintain all asset documents and monitor health and checklist reports

Education

Bachelor of Technology - Computer Science Engineering

MRKIET College (Under MDU University)
Rewari
2010.06 - 2013.06

Diploma - Computer Science Engineering

Govt. Polytechnic, HSBTE Panchkula
Jhajjar
2006.06 - 2009.06

Skills

     Vulnerability Assessment using Microsoft Defender tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.


Certification

Checkpoint Certified Security Administrator -(CCSA -CP0000102028)

CEH- Certified Ethical Hacker-(CEH v10 -542922)