Summary
Overview
Work History
Education
Skills
Security Tools & Technologies
Timeline
Generic
Pravash Sahu

Pravash Sahu

Cyber Security Lead
Bengaluru

Summary

An experienced Cyber Security Professional with over 20+ years of successful experience in managing and transforming large/medium global accounts on IT Infrastructure & Cyber Security Services.

Overview

21
21
years of professional experience

Work History

Cyber Security Delivery Lead

Accenture India
2024.02 - Current
  • At Accenture, my role as a Security Delivery Manager encompasses driving a comprehensive Client Data Protection Program, ensuring IT best practices and managing risks with strategic remediation plans.
  • Scope of work includes as below, but no limiting to; - Design, Solution, Implementation and service delivery of the next generation cyber security solutions such as SIEM, EDR/MDR, SOAR for on-premises and Cloud platforms using Azure/AWS/Google.
  • - Implementing Incident Response strategy as it pertains to enterprise security actions on a customer network.
  • - Collaborate with Data Science, Threat Researchers, SOC analysts, and Customer Security Engineers to develop soar playbooks and automated response capabilities that improve time to remediation and/or reduce analyst time.
  • - Define repeatable and scalable implementation and operation models for MDR as an integrated solution with clients Managed Detection and Response.
  • - Design/Create integrations between different security solutions that enable investigation and response.
  • - Define and create reporting to demonstrate SLA's, identify analyst bottlenecks, and identify areas for product improvement.
  • - Manage and develop Case Management workflows as needed.
  • - Responsible for ensuring the smooth operation of cyber security services and product design life cycle for Client.
  • - Responsible for the day to day running of the Development and Production support including interaction with the internal stake holders and ensuring global cohesion of the operation and support as per standard agreement.
  • - Involvement with Pre-Sales team for responding to RFP/RFI. Help clarify Solution assessments queries raised by Client.
  • - Demonstration/POC of the proposed solution/Technologies to the Client stake holders. Working for couple of Global clients on managed security solutions. Scope of work includes as below, but no limiting to; - Design, Solution.

Cyber Security Consultant

HCL Tech
2021.12 - 2024.01
  • - Design, Solution, Implementation and service delivery of the managed Security solutions. products-CASB, Cloud Compliance, MS defender/ Sentinel and SOAR.
  • - Involvement with Pre-Sales team for responding to RFP/RFI. Help clarify Solution assessments queries raised by Client.
  • - Demonstration/POC of the proposed solution/Technologies to the Client stake holders.
  • - Implementing NextGen security solutions such as SIEM, EDR/SOAR for on-premises and Cloud platforms using Azure/AWS/Google.
  • - Tools we have been collaborating and customizing includes as below:
  • - Microsoft Defender for Cloud/ Microsoft Defender for Endpoint
  • - Azure Single Sign On/Azure Identity
  • - Palo Alto CORTEX(XDR) and Google Siemplify for MDR (Managed detection and Response) solutions.
  • - Sentinel as SIEM solutions to be integrated with Palo Alto CORTEX(XDR) and ServiceNow
  • Microsoft Defender & Symantec Endpoint Protection as Endpoint Security.
  • - Implementing Incident Response strategy as it pertains to enterprise security actions on a customer network.
  • - Collaborate with Data Science, Threat Researchers, SOC analysts, and Customer Security Engineers to develop soar playbooks and automated response capabilities that improve time to remediation
  • - Define repeatable and scalable implementation and operation models for MDR as an integrated solution with clients Managed Detection and Response.
  • - Design/Create integrations between different security solutions that enable investigation and response.
  • - Responsible for the day to day running of the Development and Production support including interaction with the internal stake holders and ensuring global cohesion of the operation and support as per standard agreement.

Sr. Security Analyst

Ericsson Global India Pvt. Ltd.
2020.04 - 2021.04
  • - Working with Ericsson Security Operation Centre within Global IT Security Operations for Ericsson.
  • - Working on MS Sentinel, MS Defender, Crowd strike Falcon, Carbon Black, ArcSight/Kibana Elastic Search, Symantec Endpoint protection as part of SIEM/SOC Delivery.
  • - Responsible for ensuring triage and escalation is performed appropriately as well as improving all aspects of detection, containment, and resolution of incidents within SOC.
  • - Responsible for day to day running of Ericsson Global SOC including interaction with internal stake holders and ensuring global cohesion of SOC function.
  • - Define, review, and document new processes that will drive security response to alerts from security products.
  • - Working towards mitigation and containment of various hacking and exploitation tools and methodologies, common malware families, and Anti-Virus /DLP/ IDS / IPS evasion techniques with help of Crowd strike Falcon and ArcSight.
  • - Creating new policies and remediation plan for latest threat vectors in areas of ransomware, malware and targeted cyber phishing.
  • - Identify opportunities to automate inefficiencies and reduce manual triage processes, working on Azure Identity for risky user sign in and their analysis.
  • - Develop and deliver upskilling and capability programs that enhance SOC function, working with Security Analysis and Global Technology Lead to target critical deficiencies.
  • - Coordinate with partners in Enterprise Security Platforms (ESP) to ensure monitoring of critical structures and escalation of key control events.

Security Associate Manager

Accenture Solutions Pvt. Ltd.
2018.07 - 2021.04
  • - Service Delivery Manager for managed security services - Enterprise Security, Infrastructure Security, SIEM/SOC Delivery, Cloud Security
  • - Participate in Incident/Change management, service requests, change requests execution related to production fine tuning, enhancement & upgradation
  • - Create technical/ managerial level reports and risk assessments extracted from various Security tools- SIEM/UTM/OSINT
  • - Provides Info security architecture & systems engineering consulting related to new Security infrastructure setup or migration.
  • - Propose and design technical solutions, which include creating prototypes and proofs of concept while maintaining Working on security compliance and remediation plan.
  • - Propose solutions plan for projects Automation of applications and migrating hosting to AWS or Azure platform to reduce operational cost and move towards Next Gen SOC operation.

Lead Consultant

WIPRO Ltd.
2017.03 - 2018.07
  • SME for EDR/Enterprise Security products such as Symantec, Bit9 +Carbon Black, Crowd strike, Symantec & TrendMicro Suite.
  • - Operational support for Cyber Security services for SIEM/SOC, Bit9 Carbon Black, Symantec Endpoint Security, TrendMicro Deep Security, including Cloud infrastructure.
  • - Identify new security threats by conducting continual monitoring, vulnerability assessments and log analysis with help of IDS/IPS, Bit9 + Carbon Black, Splunk & Symantec Endpoint logs.
  • - Review customer requirement details and design solution as per latest industry standard Preparing HLD and LLD for onboarded accounts as per best practices Prepare SOW and implementation plan as per agreed deadlines.

Security Analysis Advisor

NTT Data
2015.06 - 2017.03
  • - Monitoring of threats and compliance through Symantec, Bit9 Carbon Black, ArcSight.
  • - Daily Endpoint Environment checks for all UAT machines and performing go ahead for production deployment to achieve100% security and compliance Preparing Daily, Weekly and Monthly Status Report and participate in Change Management Creating Operational Run Book documents for various Modules as per Scope.
  • - Coordinating with Vendors for all Infrastructure related Issues, Updates and Implementations Transitioning new projects, preparing SOW and support matrix and making SIP for enhancement.
  • - Plan of action to improve, optimize, and streamline software deployment process to ensure smooth, uninterrupted delivery to business users.

Technical Specialist

HCL Technologies
2012.10 - 2015.06
  • - Monitoring and management of security devices such as Firewall, Proxy, Symantec Endpoint Managers with 100% uptime. Respond and resolve issues escalated by L2's Responsible for Daily/Weekly/Monthly Reporting to GSOC Management Timely delivery of Daily/Weekly/Monthly reports to customer with proper analytics, actions required/taken based on analysis Transition & Manage new Services, projects and initiatives.
  • - Monitoring Daily work of AV Team, Compliance, and remediation team very closely.
  • - Leading & monitoring performance of teams to ensure efficiency in operations and meeting group targets.

Senior Software Engineer

Collabera Technologies Pvt. Ltd.
2011.08 - 2012.09
  • - Initial Configuration and testing of Symantec Antivirus Assessment of Customer Existing Images and rationalizing them.
  • - Partially Involved in Implementation of Altiris and Symantec Antivirus in Client Environment Regular Assessment of Implementation, Configuration and Initial Settings of Symantec Management Platform/Notification Server.
  • - Worked closely with other business analysts, development teams and infrastructure specialists to deliver high availability solutions for mission-critical applications.

Security Engineer

Jainam Technologies Pvt. Ltd.
2007.09 - 2011.03
  • - Ensuring SEP client is installed with best practices and does not hamper any production.
  • - Checking Risk notifications, out of date Notifications, and acting upon them.
  • - Accountable for ensuring all Symantec Endpoint Protection Managers (SEPM) are updated with latest definitions for all 3 domains.

System Administrator

Mahindra & Mahindra Ltd.
2004.04 - 2007.09
  • - Worked as System administrator to provide in desktop support, troubleshoot and resolve desktop, network related issues New System Build and application installation and configuration Working with Vendors for Issue related to Symantec antivirus, Network connectivity restoration.
  • - Installed and upgraded Mahindra internal and third-party software.

Education

MBA -

Sikkim Manipal University
08.2009

DCSM - Computer Science

CEDTI
04.2004

Bachelor of Arts -

Utkal University
Utkal University
2001.04 -

Skills

Security Information & Event Management (SIEM), SOC

Security Orchestration, Automation & Response (SOAR)

Endpoint Detection & Response (EDR/XDR)

Managed Network Security

Identity & Privileged Access Management

Cloud Security & CASB

Vulnerability & Risk Management

Application Security

Security Tools & Technologies

  • SIEM & SOAR: Palo Alto Cortex, Microsoft Sentinel, Google Cornicles
  • Cloud Security & Compliance: Microsoft Defender for Cloud, CASB, Cloud Compliance, wiz.io
  • EDR/Endpoint Security: Microsoft Defender for Endpoint, Symantec Endpoint Protection, CrowdStrike.

Timeline

Cyber Security Delivery Lead

Accenture India
2024.02 - Current

Cyber Security Consultant

HCL Tech
2021.12 - 2024.01

Sr. Security Analyst

Ericsson Global India Pvt. Ltd.
2020.04 - 2021.04

Security Associate Manager

Accenture Solutions Pvt. Ltd.
2018.07 - 2021.04

Lead Consultant

WIPRO Ltd.
2017.03 - 2018.07

Security Analysis Advisor

NTT Data
2015.06 - 2017.03

Technical Specialist

HCL Technologies
2012.10 - 2015.06

Senior Software Engineer

Collabera Technologies Pvt. Ltd.
2011.08 - 2012.09

Security Engineer

Jainam Technologies Pvt. Ltd.
2007.09 - 2011.03

System Administrator

Mahindra & Mahindra Ltd.
2004.04 - 2007.09

Bachelor of Arts -

Utkal University
2001.04 -

DCSM - Computer Science

CEDTI

MBA -

Sikkim Manipal University

Similar Profiles

CREATE PROFILE
Pravash SahuCyber Security Lead