Rahul Ravichandran

► Part of Architectural Engineering and Emerging Technology Team, providing technology consulting to clients.

► Expertise in working with Multiple clients in Banking sector providing Services in cloud security Assessments, Risk and Exposure assessments.

► Canada Based Bank:

• Responsible for conducting infrastructure security assessment based on set of control framework combining NIST, CIS and CSA derived by EY.
• Recommended improvements in security systems and procedures.

► Australia Based Bank:

• Part of Security Advisory & Engineering team, conducting Exposure Assessment for SaaS application and Cloud Infrastructure hosted in the bank network.
• Conducting exposure assessment for Server platform hosted in AWS and recommended remediation for ineffectiveness identified and followed up with stakeholders for closure of Ineffectiveness.
• Performing Control assessment for SaaS Application.
• Managing exposure lifecycle in Archer and created tickets in Jira for tracking of identified control gaps.
• Worked on migration of security exposure assessment from excel to GRC tool(Archer) based on Criticality of asset.

• Worked as Cyber Security Analyst for 3 years with cloud-based backup solution company. Responsible for maintaining security of internal infrastructure hosted in AWS.
• Key Responsibilities involve conducting Security Risk Assessments and Audits for internal Infrastructure hosted in AWS, conducting Infrastructure and Configuration Audits for Internal Cloud Environment, performing Vulnerability Assessment of Applications and Networks, Administration of Elasticsearch and data visualization tools.
• Performed Cloud Security Risk Assessment based on CIS Amazon Web Services Foundations Benchmark v1.4.0. Potential threats and existing vulnerabilities were identified and based on existing controls risks were determined and appropriate controls were recommended.
• Performed Vulnerability assessment for Internal and publicly hosted applications and networks and remediation recommendations were supplied. Tools mainly used for these assessments include Burp Suite and Nessus.
• Performed Security Infrastructure and configuration audits. Target application includes EC2, Identity and Access Management (IAM), Load Balancers, Virtual Private Cloud (VPC) and Subnets.
• Tools used to conduct assessment include AWS Systems manager (SSM) and AWS Cloud Config.
• Associated with Implementation of security patches for EC2 servers hosted in internal Infrastructure. Tools mainly used for implementation include AWS Systems Manager (SSM).
• Implementation and development of formal Identity and Access Management (IAM) user access approval process flow and administered provisioning of IAM access request.
• Implemented and Architect ed Elasticsearch for Fault logging and security log monitoring and responsible for troubleshooting issues related to Elasticsearch Infrastructure.
• Implemented solution for continuous monitoring of security breaches against controls defined. Tools mainly used for implementation includes AWS Config and AWS Cloudwatch.
• Performed Incident monitoring of internal infrastructure and designed preventive solution for security breaches. Tools used for monitoring include AWS Guard Duty and AWS Cloudwatch.