Prasad Kaginkar


Threat Hunter\Incident Responder\Blue Teamer
Mumbai

Summary

A cybersecurity enthusiast who gets a kick out of hunting the bad guys. An experienced professional with 13+ years of experience who firmly believes in the methodology of offense being the best defense when dealing with threats: understanding the tactics used, understanding the attack surface, and on the basis of that knowledge leveraging tools to mitigate threats.

Overview

14 years of professional experience
17 years of post-secondary education
5 Certifications

Work History

Associate Vice President

Kotak Mahindra Bank
03.2024 - Current
  • Work primarily as a threat hunter for Kotak Mahindra Bank.
  • Create and perform hypothesis\IOA-based hunts relevant to the organization's attack surface.
  • Review existing hunt queries on Splunk and Trend Micro XDR and fine-tune them.
  • Work on any new threats specific to the organization: research them, then create and run relevant hunts.
  • Also work on any critical incidents escalated from the SOC team.

Technical Lead Cybersecurity/ Threat Hunter

Tata Consultancy Services Limited
01.2015 - 03.2024
  • Threat Hunting - Proactively search for cyber threats and risks in data collected from various data sources.
  • Create and define the hypothesis for hunting based on the MITRE ATT&CK framework, relevant to the attack surface.
  • Perform hypothesis\IOA\campaign-based hunts, capture outcomes and publish reports.
  • Look for current cyber-attack trends, research them, determine TTPs and search for the determined threats in the organization, using threat intelligence platforms such as Recorded Future to research hunts.
  • Create monthly and weekly reports highlighting performed hunts and findings.
  • Incident Responder - Handle critical incidents and investigate any escalated or P1 cases.
  • Use tools such as FLTR (Humio)\CrowdStrike event search\QRadar SIEM for hunting and investigations.
  • Create use cases in threat intel for relevant threats, POCs and exploits with respect to the organization-wide infrastructure.
  • Create rules in Recorded Future (TI) for alerts on the basis of watch lists populated in RF, for example typosquat domains, brand abuse alerts, threat actor campaigns, etc.
  • POV done for Mandiant Threat Intelligence and published a report for the same.
  • Build use-case repositories for various data sources such as firewall, IPS, WAF, proxy, Windows, etc.
  • Create reports and trend analyses for IPS, WAF and firewall.
  • Use tools such as Mandiant Security Validation to test security controls, create use cases to test security controls against attack vectors, and use the tool to perform purple teaming.
  • Guide a team of SOC analysts, acting as the escalation point for incidents handled by them and helping them with the technical aspects of their investigations.
  • Live forensics for incidents through CrowdStrike Forensic Collector and tools like CyLR, etc.
  • Network Security Analyst - Deploy WAF for TCS applications. Around 250 applications were deployed with WAF policies.
  • Fine-tune WAF policies and mitigate any false positives.
  • Evaluated Akamai WAF for on-cloud WAF requirements.
  • Evaluated and deployed FireEye SmartVision and NX.
  • Migrate TCS perimeter firewall from Check Point to Palo Alto across TCS global perimeter locations and in Azure.
  • Configure and deploy GP protect and AnyConnect VPN for remote users, GPCS (Prisma) for Wi-Fi traffic.
  • Facilitated knowledge-sharing sessions within the technical team to improve skillsets and encourage innovative solution development.

Network Engineer

HCL Comnet Limited
08.2012 - 12.2014
  • Responsible for NSE DC & IP Trading Network, Enterprise LAN\WAN, Site Network Implementations and Upgrades.
  • Part of a major data center migration project, including redesign of the complete network architecture for the new data center.
  • Creating and maintaining access rules for firewall access for members trading into NSE, as per requirement, on Check Point 21400 firewall and FWSM.
  • Responsible for re-engineering of the network on the basis of Cisco best practice implementation for Cisco 7600 routers, Cisco Catalyst 6500/4500/3750 and Nexus 7K/5K switches.
  • Coordination with Cisco NOS and TAC team to proactively support planned activity and correctively solve network issues to ensure uptime of critical network.

Network Engineer

CMS Infosystems Private Limited
07.2011 - 08.2012
  • Core job function involves monitoring and troubleshooting the Pan-India RBS network and being the first point of contact for any network issues reported across the RBS India network as part of the TNS team (Telecommunication and Network Services).
  • Implementing changes over the network.
  • Configuring and troubleshooting local LAN connectivity issues for Pan-India RBS sites.

Network Engineer

3I Infotech
07.2010 - 07.2011
  • Monitoring NOC, Configuring Routers & Switching, Monitoring Leased Lines.

Education

Bachelor of Engineering - Computer Engineering

Vidyalankar Institute of Technology
Mumbai, MH
07.2004 - 05.2008

HSC - Computer Science

N.E.S Junior College of Arts, Science And Commerce
Mumbai
06.2002 - 06.2004

SSC - SSC

W.E.E.S English High School
Mumbai
07.1991 - 05.2002

Skills

  • Threat Hunting

  • Digital Forensic Incident Response

  • Threat Intelligence Analyst

  • Threat\Security Analysis

  • Network Security Analysis

  • Malware Analysis

Accomplishments

  • On The Spot Award for conducting hunts on perimeter and web application, which was a major attack surface.
  • On The Spot Award for proactively hunting down internal\external red team assessment.
  • Managing a team of 10 members in SOC.
  • Starting OSINT hunts and guiding the team on carrying out OSINT hunts.
  • Appreciation received for security assessment of ZPA and identifying a design flaw and recommendation.
  • Appreciation received for deploying F5 WAF for close to 300 web applications as a part of Project 90.
  • On The Spot Award for Palo Alto firewall deployment and migration.
  • Appreciation received for migration of Websense Proxy to Bluecoat Proxy SG.

Languages

English: Advanced
Marathi: Advanced
Hindi: Advanced

Certification

CHFI

Additional Information

  • Date Of Birth - 17th Feb 1987

Timeline

Associate Vice President

Kotak Mahindra Bank
03.2024 - Current

CHFI

09-2023

EJPT

07-2022

CEH

05-2020

Amazon Web Services Solutions Architect Associate

05-2019

PCNSE

02-2019

Technical Lead Cybersecurity/ Threat Hunter

Tata Consultancy Services Limited
01.2015 - 03.2024

Network Engineer

HCL Comnet Limited
08.2012 - 12.2014

Network Engineer

CMS Infosystems Private Limited
07.2011 - 08.2012

Network Engineer

3I Infotech
07.2010 - 07.2011

Bachelor of Engineering - Computer Engineering

Vidyalankar Institute of Technology
07.2004 - 05.2008

HSC - Computer Science

N.E.S Junior College of Arts, Science And Commerce
06.2002 - 06.2004

SSC - SSC

W.E.E.S English High School
07.1991 - 05.2002