Rajarshi Bhattacharyya

Highlights:

• Service Now Security Operations: Established Vulnerability Response and Integrated Threat Management with SNOW VR module for 100K+ assets; Established API based complete integration of infra and app scanning engines(Qualys, Nessus and Acunetix); built use cases and worked extensively with development team; lead testing of each sprint and UAT; developed logic for vulnerability grouping and automated incident ticket creation in SNOW and BMC ITSM framework; actively engaged in building workflow for connecting SNOW GRC module with VR
• Vulnerability and Compliance Management for End User Computing Systems: With solid understanding of Tanium architecture and administration, completed project planning, Proof of Concept, UAT and large scale implementation of Tanium Comply module for all Business Unit desktop/laptops; full telemetry reporting of system performance information and CVE details using Connect capabilities; established CIS Benchmark standard policy compliance and hardening for Windows and MAC endpoint OS; set up data warehousing through SQL DB integration and custom reporting using Tableau
• Database Hardening and adoption of CIS Benchmark Standard for enterprise data base systems: Defined baseline control sets and values for Oracle DB, IBM DB2, Microsoft SQL Server; ran extensive performance impact testing; implemented quarterly secure compliance scanning of production data base systems using QualysGuard and CyberArk integration; developed exception and risk management guideline for DB systems

Highlights:

• Cognizant Extranet Security: maintaining 100% compliance for over 24 months - remediated all exploitable as well as critical/high/medium findings within SLA; established daily discovery of extranet segments and daily scanning of all live hosts
• Business Reputation Management: Cognizant closely follows third party risk management platforms such as BitSight, Security Score Card, Risk Recon etc. to continuously stay ahead in business reputation. Responsible for running manual validation, false positive elimination followed by driving closure of issues found with Application Header, Server Software, Insecure Systems, Open Ports, PKI issues and SSL/TLS configuration. Sustaining score of 800 on BitSight and 95 on Security Score Card
• Define, implement and maintain global Threat and Vulnerability Management Standard in light of NIST CSF(800-53): authored current and last two versions of standard; developed in depth technical operations guide to adhere to the standard
• Define, implement and maintain SOP for critical/emergency threat response, including Zero Day vulnerabilities: Defined emergency situation as per TVM capabilities and build workflow to support analyzed and orchestrated response
• Vulnerability assessment tools/platform management: Qualys, Tenable.io, Rapid7, Nessus, Acunetix 360, SNOW VR, Skybox, Burp Enterprise, DefectDojo
• Engineering infrastructure and application assessment capabilities for Corporate as well as Client/Customers: On demand establishment of TVM functions, tool/module selection aligned with budget and building remediation governance as per client MSA; traditional scanner based scanning Vs agent based real time visibility; custom signature development for hardening; new exploit validation/testing and mitigation control identification/testing; established real time visibility to threats on server estate through deployment of Qualys Cloud Agent on 30K+ Windows and Linux servers, with proxy and gateway services where ever required
• TVM for Enterprise Cloud: Inventoried all servers and network devices deployed in cloud through manual discovery as well as API based connector for Azure and AWS data centers; established workload protection with traditional scanning in parallel with agent based real time assessment
• Define and implement Container Security Standard; develop Operations Guide for assessing components of microservice architecture
• API based integration, data warehousing and multiplatform communication
• Continuous governance-identification and reporting of vulnerabilities for Cognizant Corporate, Cognizant Managed Cloud Infrastructure and Accelerator platform
• Threat Analysis and Enterprise Security Advisory Service: Established team to review Threat Intel platforms 24x7 for emerging threats and send global security advisories for manjor OEM and application vendors; contextualization of critical threats for enterprise environment; risk level identification - likelihood and impact analysis in the view of enterprise architecture
• Policy Compliance/Hardening: Developing and testing CIS Benchmark Standard templates for Active Directory environment, Windows Sever 2021 R2, 2016 and 2019, RHEL, CentOS, OEL Custom controls and regex; monthly scanning for all enterprise server and policy drift report; calibrating controls and values for enterprise infosec standard
• Risk Based Vulnerability Management- QualysGuard VMDR, Kenna Security VM & AppSec adoption:
• Penetration Testing: Developed and implemented enterprise infrastructure and application penetration testing Standard; published SoP and established technical team to run quarterly external automated and manual penetration testing for all discovered domain, sub-domain and IP addresses; tool-stack and methodology standardization; manual false positive elimination; BoD/Client reporting; internal PT for isolated labs/ODCs/Application Development center; extensive hands on experience of execution of discovery and exploitation with standard opensource and licensed tools
• Audit Support: ISO 27001 ISMS -have been the primary auditee for global TVM functions and no non-conformity or observation in last 3 years; continuously supporting clients and business for all audits touching control statements related to Vulnerability Management and Penetration testing; over the year, supporting Internal Audits and 3rd party audits

Highlights:

• Hands on Vulnerability Scanning/Reporting –Qualys, Nessus, Nexpose/R7, OSCAP Workbench.
• Critical Vulnerability and Zero Day – response orchestration.
• Scanning cloud Resources and Containers – new technology deployment.
• Critical Architecture Review and Exception Management through GRC Tool.
• Audit support – corporate and customer side.
• Training, building and leading subject matter expert teams for VA/PT.
• API based automation and Statistical Analysis.
• Firewall rule and configuration compliance using Skybox.
• Facing ISO 27001 ISMS audit as portfolio manager.
• Supporting client side audit with artifacts for SOC 2, SSAE 16, PCI DSS.
• NIST Cyber Security Framework, CIS Benchmark, STIGS DISA.

Highlights:

• Deployment, Configuration and Management of Palo Alto, Check Point and ASA Firewalls in large heterogeneous environment; firewall rule and configuration audit;
• Managing Palo Alto IPS engine and SoC integration of alerts
• Managing, monitoring and configuring Juniper SSL VPN (SA/MAG) devices.
• Network Connect and JunOS Pulse client configuration and deployment.
• DNS/DHCP Infrastructure management with IPAM (BT and Infoblox) Remote and Instant Access Point – deployment and configuration.
• Aruba WLAN controller deployment and configuration – using Aruba Airwave.

Highlights:

• L-3 TAC engineer for Aruba WLAN Management Solution (Airwave Management Platform).
• Escalation engineer for NMS Server (Linux, Apache, PG SQL, Perl) Support for mixed vendor Wireless LAN environment.
• Critical troubleshooting for LAN controller and Access Point Problems.
• AAA server/platform(Amigopod/ClearPass) support for major customers (Google, Intel, Target Corp) Network management trough SNMP trap and syslog.
• Configuring Campus/Remote Access Points and LAN controllers from central management platform.
• Ethereal based analysis and protocol troubleshooting.

Highlights:

• Debugging Software configuration/usage issues with Microsoft Windows based software.
• Troubleshooting OS related issues, OS re-installation, dual boot (XP, Vista, Windows7), registry twigs.
• Troubleshooting Printer/scanner connectivity issues.
• Email client configuration and troubleshooting (Outlook, Eudora, Incredimail).
• Debugging browser issues(IE/Chrome/Firefox/Safari).
• Antivirus and Malware removal tools: Norton, Mcafee, Comodo, Hijak This, Super Antispyware, Malwarebytes, Trend Micro, Trojan Removar.
• Configuring SOHO routers (Lynksys, Belkin, Netgear, 2wire, Dlink).

Highlights:

• Understanding customer's requirement and proposing quotations for desktop computer platforms.
• Purchasing and assembling hardware for desktop computers.
• Installing OS and Software per customer requirements.
• Printer installation (HP, Xerox, Epson) - inject and dot-matrix printers.
• Configuring email client software.
• Complete maintenance and troubleshooting of SOHO devices.