An experienced Cyber Security Professional with over 20 years of successful experience in managing and transforming large/medium global accounts in IT Infrastructure & Cyber Security Services.
Overview
21 years of professional experience
Work History
Cyber Security Delivery Lead
Accenture India
02.2024 - Current
At Accenture, my role as a Security Delivery Manager encompasses driving a comprehensive Client Data Protection Program, ensuring IT best practices and managing risks with strategic remediation plans.
Scope of work includes, but is not limited to:
- Design, Solution, Implementation and service delivery of next-generation cyber security solutions such as SIEM, EDR/MDR and SOAR for on-premises and Cloud platforms using Azure/AWS/Google.
- Implementing Incident Response strategy as it pertains to enterprise security actions on a customer network.
- Collaborate with Data Science, Threat Researchers, SOC analysts, and Customer Security Engineers to develop SOAR playbooks and automated response capabilities that improve time to remediation and/or reduce analyst time.
- Define repeatable and scalable implementation and operation models for MDR as an integrated solution with clients' Managed Detection and Response.
- Design/Create integrations between different security solutions that enable investigation and response.
- Define and create reporting to demonstrate SLAs, identify analyst bottlenecks, and identify areas for product improvement.
- Manage and develop Case Management workflows as needed.
- Responsible for ensuring the smooth operation of cyber security services and product design life cycle for Client.
- Responsible for the day-to-day running of the Development and Production support, including interaction with the internal stakeholders and ensuring global cohesion of the operation and support as per the standard agreement.
- Involvement with Pre-Sales team for responding to RFP/RFI. Help clarify Solution assessments queries raised by Client.
- Demonstration/POC of the proposed solution/Technologies to the Client stakeholders. Working for a couple of global clients on managed security solutions.
Cyber Security Consultant
HCL Tech
12.2021 - 01.2024
- Design, Solution, Implementation and service delivery of managed Security solutions; products: CASB, Cloud Compliance, MS Defender/Sentinel and SOAR.
- Involvement with Pre-Sales team for responding to RFP/RFI. Help clarify Solution assessments queries raised by Client.
- Demonstration/POC of the proposed solution/Technologies to the Client stakeholders.
- Implementing NextGen security solutions such as SIEM, EDR/SOAR for on-premises and Cloud platforms using Azure/AWS/Google.
- Tools we have been collaborating on and customizing include:
  - Microsoft Defender for Cloud / Microsoft Defender for Endpoint
  - Azure Single Sign-On / Azure Identity
  - Palo Alto Cortex (XDR) and Google Siemplify for MDR (Managed Detection and Response) solutions
  - Sentinel as the SIEM solution, integrated with Palo Alto Cortex (XDR) and ServiceNow
  - Microsoft Defender & Symantec Endpoint Protection as Endpoint Security
- Implementing Incident Response strategy as it pertains to enterprise security actions on a customer network.
- Collaborate with Data Science, Threat Researchers, SOC analysts, and Customer Security Engineers to develop SOAR playbooks and automated response capabilities that improve time to remediation.
- Define repeatable and scalable implementation and operation models for MDR as an integrated solution with clients' Managed Detection and Response.
- Design/Create integrations between different security solutions that enable investigation and response.
- Responsible for the day-to-day running of the Development and Production support, including interaction with the internal stakeholders and ensuring global cohesion of the operation and support as per the standard agreement.
Sr. Security Analyst
Ericsson Global India Pvt. Ltd.
04.2020 - 04.2021
- Working with Ericsson Security Operation Centre within Global IT Security Operations for Ericsson.
- Working on MS Sentinel, MS Defender, CrowdStrike Falcon, Carbon Black, ArcSight/Kibana, Elasticsearch and Symantec Endpoint Protection as part of SIEM/SOC Delivery.
- Responsible for ensuring triage and escalation is performed appropriately as well as improving all aspects of detection, containment, and resolution of incidents within SOC.
- Responsible for the day-to-day running of Ericsson Global SOC, including interaction with internal stakeholders and ensuring global cohesion of the SOC function.
- Define, review, and document new processes that will drive security response to alerts from security products.
- Working towards mitigation and containment of various hacking and exploitation tools and methodologies, common malware families, and Anti-Virus/DLP/IDS/IPS evasion techniques with the help of CrowdStrike Falcon and ArcSight.
- Creating new policies and remediation plans for the latest threat vectors in the areas of ransomware, malware and targeted cyber phishing.
- Identify opportunities to automate inefficiencies and reduce manual triage processes; working on Azure Identity for risky user sign-ins and their analysis.
- Develop and deliver upskilling and capability programs that enhance SOC function, working with Security Analysis and Global Technology Lead to target critical deficiencies.
- Coordinate with partners in Enterprise Security Platforms (ESP) to ensure monitoring of critical structures and escalation of key control events.
Security Associate Manager
Accenture Solutions Pvt. Ltd.
07.2018 - 04.2021
- Service Delivery Manager for managed security services - Enterprise Security, Infrastructure Security, SIEM/SOC Delivery, Cloud Security
- Participate in Incident/Change management, service requests, change requests execution related to production fine tuning, enhancement & upgradation
- Create technical/managerial-level reports and risk assessments extracted from various Security tools (SIEM/UTM/OSINT).
- Provide information security architecture & systems engineering consulting related to new Security infrastructure setup or migration.
- Propose and design technical solutions, including creating prototypes and proofs of concept, while working on security compliance and remediation plans.
- Propose solution plans for projects: automation of applications and migrating hosting to the AWS or Azure platform to reduce operational cost and move towards Next Gen SOC operation.
Lead Consultant
WIPRO Ltd.
03.2017 - 07.2018
SME for EDR/Enterprise Security products such as Symantec, Bit9 + Carbon Black, CrowdStrike, Symantec & TrendMicro Suite.
- Operational support for Cyber Security services for SIEM/SOC, Bit9 Carbon Black, Symantec Endpoint Security, TrendMicro Deep Security, including Cloud infrastructure.
- Identify new security threats by conducting continual monitoring, vulnerability assessments and log analysis with the help of IDS/IPS, Bit9 + Carbon Black, Splunk & Symantec Endpoint logs.
- Review customer requirement details and design solutions as per the latest industry standards.
- Prepare HLD and LLD for onboarded accounts as per best practices.
- Prepare SOW and implementation plans as per agreed deadlines.
Security Analysis Advisor
NTT Data
06.2015 - 03.2017
- Monitoring of threats and compliance through Symantec, Bit9 Carbon Black, ArcSight.
- Daily Endpoint Environment checks for all UAT machines and giving the go-ahead for production deployment to achieve 100% security and compliance.
- Preparing Daily, Weekly and Monthly Status Reports and participating in Change Management.
- Creating Operational Run Book documents for various Modules as per Scope.
- Coordinating with Vendors for all Infrastructure-related Issues, Updates and Implementations.
- Transitioning new projects, preparing SOW and support matrix, and making SIP for enhancement.
- Plan of action to improve, optimize, and streamline software deployment process to ensure smooth, uninterrupted delivery to business users.
Technical Specialist
HCL Technologies
10.2012 - 06.2015
- Monitoring and management of security devices such as Firewall, Proxy and Symantec Endpoint Managers with 100% uptime.
- Respond to and resolve issues escalated by L2s.
- Responsible for Daily/Weekly/Monthly Reporting to GSOC Management; timely delivery of Daily/Weekly/Monthly reports to the customer with proper analytics and actions required/taken based on analysis.
- Transition & Manage new Services, projects and initiatives.
- Monitoring Daily work of AV Team, Compliance, and remediation team very closely.
- Leading & monitoring performance of teams to ensure efficiency in operations and meeting group targets.
Senior Software Engineer
Collabera Technologies Pvt. Ltd.
08.2011 - 09.2012
- Initial Configuration and testing of Symantec Antivirus.
- Assessment of the Customer's existing Images and rationalizing them.
- Partially involved in the Implementation of Altiris and Symantec Antivirus in the Client Environment.
- Regular Assessment of Implementation, Configuration and Initial Settings of Symantec Management Platform/Notification Server.
- Worked closely with other business analysts, development teams and infrastructure specialists to deliver high availability solutions for mission-critical applications.
Security Engineer
Jainam Technologies Pvt. Ltd.
09.2007 - 03.2011
- Ensuring the SEP client is installed with best practices and does not hamper production.
- Checking Risk notifications and out-of-date Notifications, and acting upon them.
- Accountable for ensuring all Symantec Endpoint Protection Managers (SEPM) are updated with the latest definitions for all 3 domains.
System Administrator
Mahindra & Mahindra Ltd.
04.2004 - 09.2007
- Worked as System Administrator providing desktop support, troubleshooting and resolving desktop and network-related issues.
- New System Builds and application installation and configuration.
- Working with Vendors on issues related to Symantec antivirus and Network connectivity restoration.
- Installed and upgraded Mahindra internal and third-party software.
Education
MBA
Sikkim Manipal University
08.2009
DCSM - Computer Science
CEDTI
04.2004
Bachelor of Arts
Utkal University
04.2001
Skills
Security Information & Event Management (SIEM), SOC
Security Tools & Technologies
SIEM & SOAR: Palo Alto Cortex, Microsoft Sentinel, Google Chronicle
Cloud Security & Compliance: Microsoft Defender for Cloud, CASB, Cloud Compliance, wiz.io
EDR/Endpoint Security: Microsoft Defender for Endpoint, Symantec Endpoint Protection, CrowdStrike.