
Rajesh G

Bangalore

Summary

Total 16+ years' experience in the IT industry. Exceptionally skilled Information Security Analyst, talented at Security Monitoring, Incident Response, Vulnerability Assessment, and Team & Project Management. Skilled in leading 24/7 teams with expertise in SIEM (ArcSight, QRadar, Splunk, EventTracker), SOC, NOC, Datacenter and Vulnerability Management, EDR, and DLP.

SOC Tools

ArcSight, Splunk, LogRhythm, QRadar, Symantec Endpoint Protection, Carbon Black (EDR), Cylance, Deep Instinct, Nagios, WhatsUp Gold, PingPlotter, SNMP, Sourcefire, FireSIGHT, FireEye, Blue Coat proxy, Nexpose, Nessus, SIANT, Qualys

Overview

18 years of professional experience
1 Certification

Work History

Senior Manager SOC

Netsurion Technologies
Bangalore
07.2022 - Current
  • Develop and deploy processes to ensure efficient and effective security operations
  • Provide guidance and mentorship to other security analysts and junior members of the security team
  • Work with leadership to prioritize work and define quarterly goals and annual roadmaps
  • Implement effective security strategy, processes, and metrics
  • Ensure the right resource is tagged to the right project
  • Tracking resource allocation project-wise
  • Tracking new joiners and project allocation
  • Tracking project timelines and end dates to manage ramp-down
  • Strategic pool management and effective redeployment of associates from ramped-down projects
  • Bench management and project ramp-up within defined timelines
  • Timesheet approval for bench resources
  • Handling the allocation and deallocation of resources
  • Prepare customized reports on bench and open demand
  • Day-to-day interaction with the Talent Acquisition team on hiring status
  • Complies with and supports Centific's standards of business conduct
  • Supplies information to other departments within the Global business group
  • Improve forecasting and tracking of demand globally
  • Generate career growth opportunities for internal associates through IJP (Internal Job Posting) and other organizational initiatives
  • Enable an internal build pipeline for niche skills
  • Works with L&D to build a steady resource pipeline based on the hiring forecast
  • Ability to work with reporting tools
  • Ability to work with business leaders to mobilize resources based on demand

APAC Lead SOC

Here Technologies
Bangalore
01.2020 - 06.2024
  • Direct the functions, processes, and operations of the SOC and ensure policies and procedures are followed.
  • Lead the analysis and investigation of information security events (IDS/DLP/SIEM/etc.) in a 24x7 SOC environment to immediately detect, verify, and respond swiftly to cyber threats, and remove false positives
  • Responsible for investigating incidents, analyzing attack methods, researching new defense techniques and tools, developing security policy, and documenting procedures for SOC
  • Malware analysis and other attack analysis to extract indicators of compromise
  • Perform data security event correlation between various systems
  • Prepare reports, summaries, and other forms of communication that may be both internal and client facing
  • Ensure compliance with SLAs, process adherence and process improvement to achieve operational objectives
  • Develop and maintain the organization's information security policies, standards, and procedures.
  • Responsible for all documentation and records related to information security Management System.
  • Conduct regular risk assessments and vulnerability scans to identify potential security threats and weaknesses.
  • Conduct internal audits to ensure compliance with the organization's defense posture
  • Implement and manage security controls, including firewalls, intrusion detection systems, and encryption technologies.
  • Ensure the right resource is tagged to the right project
  • Tracking resource allocation project-wise
  • Tracking new joiners and project allocation
  • Tracking project timelines and end dates to manage ramp-down
  • Strategic pool management and effective redeployment of associates from ramped-down projects

Senior Manager SOC

Quess Corp
04.2018 - 07.2019
  • Responsible for investigating incidents, analyzing attack methods, researching new defense techniques and tools, developing security policy, and documenting procedures for SOC
  • Lead and manage the Security Operations Center; primarily responsible for security event monitoring, management, and response
  • Maintain baselines for secure configuration and operations
  • Malware analysis and other attack analysis to extract indicators of compromise
  • Perform data security event correlation between various systems
  • Prepare reports, summaries, and other forms of communication that may be both internal and client facing
  • Analyzing and logging P1 tickets for anti-phishing and anti-malware
  • Develop and deploy processes to ensure efficient and effective security operations
  • Provide guidance and mentorship to other security analysts and junior members of the security team
  • Keep up to date with the latest trends and best-practice developments in the field of cybersecurity and SIEM tools
  • Ensure incident identification in ArcSight, FireEye, IronPort, proxy and TippingPoint
  • Assessment, quantification, reporting, communication, mitigation and monitoring
  • Preparing SOPs (Standard Operating Procedures) and sharing them with the customer and internal teams for resolved issues
  • Ensure compliance with SLAs, process adherence and process improvement to achieve operational objectives
  • Provide direction, leadership, and management of SOC personnel.

Manager SOC

I2 Nexus Bangalore
Bangalore
04.2017 - 04.2018
  • Regularly review standard operating procedures and protocols to ensure SOC continues to effectively meet operational requirements
  • Responsible for team and vendor management, overall use of resources and initiation of corrective action where required for the Security Operations Centre
  • Perform threat management and threat modelling, identify threat vectors and develop use cases for security monitoring
  • Continual process improvement in infrastructure security assessments, reporting, and remediation to reduce risk
  • Conduct manual validation to confirm vulnerability closure
  • Creation of reports, dashboards and metrics for SOC operations and presentation to senior management
  • Routinely engage with cross-functional teams to evaluate the SOC's ability to meet stakeholder needs
  • Evaluate existing technical capabilities and systems and identify opportunities for improvement
  • Work closely with Security Leadership to identify and implement process changes, improvements and efficiencies and ensure solid security practices
  • Develop communication channels with technology owners and the business to evangelize the evolving threat landscape
  • Perform analysis to validate justifications for false positives, operational requirements, and risk adjustments.

SME

Ericsson Bangalore
Bangalore
03.2016 - 10.2016
  • Direct the functions, processes, and operations of the SOC and ensure policies and procedures are followed
  • Serve as an escalation point for suspected or confirmed security incidents that the 24x7 managed Security Operations Center (SOC) cannot resolve
  • Incident Response - Develop, maintain, and train staff on technical documentation and Standard Operating Procedures (SOPs)
  • Reporting - Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
  • Managing the SOC team and shift scheduling
  • Provide direction, leadership, and management of SOC personnel
  • Develop and maintain an incident response management program that includes incident detection, analysis, containment, eradication, recovery, and chain of evidence / forensic artefacts required for additional investigations
  • Ability to work directly with customers to ensure not only resolution management but also customer satisfaction
  • Creation of reports, dashboards and metrics for SOC operations and presentation to management
  • Manage the process improvement program for SOC processes
  • Conduct scheduled and ad hoc training exercises to ensure staff are current with the latest threats and incident response techniques

Shift Lead

Mobily InfoTech Pvt Ltd, Paladion (project acquired)
Bangalore
08.2014 - 11.2015
  • Escalation and coordination with the L2 team for all unresolved incidents
  • Checking the health of, and the events triggering in, the IPS
  • Monitoring the events/traffic in IPS/IDS
  • Taking necessary action if any vulnerable traffic is captured
  • Notifying the customer/concerned team about the vulnerable traffic so they can act
  • Blue Coat device console monitoring and generating reports
  • Analyzing the events and providing details and solutions to the next level
  • Advising or updating the customers about the findings and recommendations
  • Worked on ArcSight ESM versions 5.2 and 6.5, providing operations support at the Security Operations Center
  • Preparing daily reports, trends, notifications, and security advisories for customer devices

Sr.Network Analyst (SOC)

Fidelity Information Services Pvt LTD
Bangalore
05.2012 - 08.2014
  • Monitor clients' Wide Area Networks 24/7 using state-of-the-art network management tools (ArcSight, LogRhythm, Symantec Endpoint Protection, SNMPc, WhatsUp Gold, etc.)
  • Working on the latest ArcSight ESM version 6.0.0.133, providing operations support at the Security Operations Center
  • Preparing weekly/monthly reports for every customer, including top virus-infected machines, top attacks, top vulnerable ports, etc.
  • Monitoring alerts triggered from ArcSight, FireEye, IronPort, proxy and TippingPoint
  • Alert management of network devices using Nagios
  • Identify custom reporting requirements, translate them into SIM technical specifications and implement SIM changes, i.e. creating filters, active channels and dashboards
  • Managed day-to-day activities by monitoring, supporting and driving improvement to daily NOC operations
  • Daily leadership interaction and communication with the Data Center Operations Manager, Data Center Operations Team, Data Center Management Services and the facilities management provider
  • Connect with the Data Center Management Team to address all technical issues and problems through regular communication and interaction

Infrastructure Lead

UST- Global PVT LTD
Bangalore
06.2010 - 05.2012
  • Monitoring and analyzing Symantec Endpoint Protection Manager in large environments; configured SEP Manager settings for clients and servers
  • Provided AV administration and troubleshooting of SEP
  • Reported compliance using McAfee ePO as per generated request tickets
  • Monitored IDS/IPS security alerts and reviewed IDS/IPS rules for fine-tuning
  • Took responsibility for SIEM, learning and expanding my goals into security monitoring of an infrastructure
  • Provide 24x5 operational support on a rotating shift schedule
  • Provided on-call support for clients as and when needed
  • Preparing daily reports, trends, notifications and security advisories for customer devices
  • Worked on Symantec Endpoint Protection Manager (SEPM)
  • Assist the Shift Manager in overall shift activities and manage the team as the situation requires
  • Responsible for building relationships with team members, vendors and engineering teams
  • Real-time log monitoring in the Security Operations Center of logs received from client devices such as firewalls, IDS, IPS and Windows servers, segregating and correlating the logs of those devices
  • Take a lead technical role in all acceptance tests, start-up, and commissioning of major equipment and infrastructure upgrades
  • Follow up with global teams for incident identification
  • Clearly document investigative steps undertaken during threat analysis for audit and the internal knowledge base

Technical Lead

Asianet Satellite Communications Ltd
Trivandrum Kerala
03.2008 - 06.2010
  • Managed a team of 6 Network Engineers working primarily to resolve network outages
  • Led and trained a multicultural team of NOC Engineers monitoring the WAN network
  • Responsible for handling the 24x7 operations and managing various new Data Center projects
  • Responding to all input regarding unplanned service interruptions from customers and internal IT
  • Attending bridge calls for effective coordination, incident resolution and service restoration
  • Responsible for handling the Data Center Technical & Operations team

Team Lead

Future tech systems
Trivandrum Kerala
02.2007 - 02.2008
  • Identifies IT business goals, objectives and requirements of the business environment
  • Drives principal IT change projects on-site or in the region
  • Supports change-release processes and implementation of IT security guidelines
  • Keeps abreast of developments in industry regarding IT trends and technologies
  • Manages complex IT installations and updates; and completes integration to production network
  • Identifies IT problems and seeks resolutions without impact to end-user
  • Typically has people responsibilities and is involved in end-user engagement.

System Administrator

Kerala State Sports Council
Trivandrum Kerala
02.2006 - 02.2007
  • Provided local and remote desktop support and system administration to hundreds of users across multiple domains
  • Normal tasks included creating and rebuilding roaming profiles, configuring and repairing email and personal folders, and installation, troubleshooting and repair of desktop workstations
  • Configuring and adding new VLANs to the existing network
  • Installed, repaired and maintained IBM high-powered workstations and servers
  • Installation and repair of wireless routers and switches
  • Installation and repair of various printers, such as HP, Lexmark and Canon
  • Fabricated and installed coaxial, fiber, 25-pair, and Cat5/6 Ethernet cables
  • Coordinating with vendors and the Internet service provider

Education

Certification

  • A+ Hardware and Networking
  • CCNA
  • CEH
  • ITIL v3
  • PRINCE2
  • GCIH – Course completed
  • GSOM – Course completed

Timeline

Senior Manager SOC

Netsurion Technologies
07.2022 - Current

APAC Lead SOC

Here Technologies
01.2020 - 06.2024

Senior Manager SOC

Quess Corp
04.2018 - 07.2019

Manager SOC

I2 Nexus Bangalore
04.2017 - 04.2018

SME

Ericsson Bangalore
03.2016 - 10.2016

Shift Lead

Mobily InfoTech Pvt Ltd, Paladion (project acquired)
08.2014 - 11.2015

Sr.Network Analyst (SOC)

Fidelity Information Services Pvt LTD
05.2012 - 08.2014

Infrastructure Lead

UST- Global PVT LTD
06.2010 - 05.2012

Technical Lead

Asianet Satellite Communications Ltd
03.2008 - 06.2010

Team Lead

Future tech systems
02.2007 - 02.2008

System Administrator

Kerala State Sports Council
02.2006 - 02.2007
