
RANJAN KUMAR R

Senior Information Security Analyst / Manager
Singapore, Singapore

Summary

  • Passionate Information Security Professional with a diverse background in network defense, penetration testing, security operations, system administration and project management. Dedicated to staying abreast of the current threat landscape and finding effective measures to protect systems and quickly identify malicious activity. Adept at communicating risk to various audiences, ensuring impact is clearly understood so well-informed decisions can be made.
  • Passionate about aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security frameworks for cloud-based software. Versed in robust network defense strategies.
  • Experienced Information Security Analyst / Manager with 5+ years of experience in cybersecurity. Excellent reputation for resolving problems and improving customer satisfaction.

Overview

4 Languages
3 Certifications
4 years of post-secondary education
6 years of professional experience

Work History

Senior Information Security Analyst / Manager

INTERLOCK GROUPS
Singapore, Singapore
11.2020 - Current
  • Develop and maintain the information security and data privacy policies and procedures in line with standards and regulatory requirements.
  • Planning, coordinating and conducting internal audits across various functions as per information security policies and procedures.
  • Planning, coordinating and identifying risks and suggesting mitigation activities as part of information security risk management.
  • Implementation experience in quality standards like ISO 9001:2015.
  • Good knowledge of vendor management and vendor risk assessment.
  • Conducting and managing the enterprise security awareness training program covering all global employees.
  • Implementation of the IT Security Risk Management Framework for the organization.
  • Investigate and respond to security incidents as appropriate through communication with business users and third parties.
  • Coordinate with the Security Operations team to analyze IDS, SEP, SIEM, VAPT, and DLP reports.
  • Derive information security objectives and provide monthly measurement and analysis to management.
  • Liaise with different groups for the development of the Enterprise Business Continuity and Disaster Recovery Program.
  • Used critical thinking to break down problems, evaluate solutions and make decisions.

Senior Information Security Analyst

INTERLOCK GROUPS
Singapore, Singapore
11.2019 - 11.2020
  • Deep understanding of the logging mechanisms of Windows, Linux, and macOS platforms, and of networking.
  • Fixing detected vulnerabilities to maintain a high-security standard.
  • Maintaining and managing internal company security policies and carrying out security awareness across the company.
  • Understanding of attacker techniques that leverage email and cloud-service tactics.
  • Developing company-wide best practices for IT security.
  • Experience with advanced persistent threats and human adversary compromises.
  • Researching security enhancements and making recommendations to management.
  • Security Operations Centre work experience, Identify potential risks, threats, vulnerabilities and exploits through malware analysis.
  • Vulnerability scanning, threat hunting, secure code review and penetration testing.
  • Document findings and drive remediation validation of identified vulnerabilities. Monitoring computer networks for security issues.
  • Working with the security team to perform tests and uncover network vulnerabilities.
  • Proficiency with any of the following: EDR, Anti-Virus, Threat Hunting, Network-Based Forensics, and Encryption.
  • In-depth knowledge of architecture, engineering, and operations of any one enterprise SIEM platform (e.g. ArcSight, AlienVault, LogRhythm, Splunk).
  • Expertise in IRP (Incident Response Playbook) creation and execution.
  • Documenting security breaches and assessing the damage they cause.
  • Good communication skills to coordinate among various stakeholders of the organization.
  • Visibility & Detection in Cloud Environments. True-positive incidents will be transitioned to Incident Handler/Commander for management.
  • Good understanding of the offensive and defensive side of security.

Information Security Analyst

INTERLOCK GROUPS
Singapore, Singapore
11.2017 - 11.2019
  • Recommending information technology strategies, policies, and procedures by evaluating organization outcomes; identifying problems; evaluating trends; anticipating requirements.
  • Provide end to end security services to customer from Infrastructure, applications and process perspective.
  • Work with the different groups in order to provide, on time, the right answers to address customer security needs.
  • Understand, Evaluate and respond to Security Incidents.
  • Risk assessment of firewall request, vulnerability reports, assess, recommend & prepare remediation plan to fix identified high vulnerabilities/risks.
  • File Integrity and Monitoring.
  • Database Activity Monitoring.
  • Web Application Firewall.
  • SIEM Technologies.
  • IDS/IPS.
  • DDoS Solution.
  • Privilege Identity Management Solution.
  • Maintains organization's effectiveness and efficiency by defining, delivering, and supporting strategic plans for implementing information Security.
  • Point of contact and a subject matter expert (SME) for information risk matters.
  • This role undertakes primary responsibility for delivering Managed Security Operational Services to customer and take technical ownership to deliver Security services and meet customer needs.
  • Subject matter expert: SME for all Security matters in the organization.
  • Security operations: Define and implement Security policies and procedures and have a proactive approach towards Real-time analysis of immediate threats, and timely threat response system.
  • Data loss and fraud prevention: Making sure internal staff don't misuse or steal data and ensuring that valuable applications and underlying infrastructure are adequately protected from external threats.
  • Security architecture: Planning, buying, and rolling out security hardware and software, and making sure Applications, infrastructure, network infrastructure and cloud environment are designed and implemented with best security practices in mind
  • Program management: Keeping ahead of security needs by implementing programs or projects that mitigate risks - regular system patches, for instance.
  • Investigations and forensics: Determining what went wrong in a breach, dealing with those responsible if they're internal, and planning to avoid repeats of the same crisis.
  • Standards and Certifications: Lead the organization towards excellence by implementing different standards and certifications.
  • Recommend improvements in security systems and procedures.
  • Monitored computer virus reports to determine when to update virus protection systems.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Developed plans to safeguard computer files against modification, destruction or disclosure.
  • Liaised effectively with others to promote on-going network design, reevaluation and optimization that scaled with company growth.
  • Communicated regularly with customers concerning data exchange and technology integration.
  • Analyzed architecture design, scoping, implementation, testing and deployment needs to define project requirements.
  • Coordinated with management teams to plan, develop, align and execute strategies that would meet client's vision, mission and purpose.
  • Guided implementation of company-wide enterprise security strategy for network and hardware, disaster recovery, data protection and endpoint protection.
  • Played key role in on-going Architectural design, reevaluation and optimization to keep pace with company growth.

Security Analyst (SOC)

COMODO Security Solutions Private Limited (COMODO GROUPS)
Chennai, Tamil Nadu, India
10.2016 - 10.2017
  • Monitor, Triage, Prioritize events, and Respond to alerts for further investigation as function of Security Operations Center (SOC) operations.
  • Basic malware analysis experience
  • Basic Endpoint analysis experience
  • Basic PowerShell experience
  • Phishing alerts analysis experience
  • Sandbox analysis experience
  • Open source Intelligence (OSINT) analysis experience
  • Knowledge of Tactics, Techniques and Procedures (TTPs) used by threat actors
  • Provide clients with remediation recommendations and mentorship, up to and including remediation tracking and reporting.
  • This may include working directly with IT resources responsible for remediation on behalf of client Security teams. Coordinate with clients in defining reports that provide the most value based on security maturity and established vulnerability management goals.
  • Assessing current security posture of customer and improving it based on analysis of incoming traffic and providing recommendations.
  • Deep analysis of web malware and creating incident report based on the criticality.
  • Gathering and improving existing threat intelligence database based on traffic analysis.
  • Providing recommendations for improving WAF signatures and eliminating False Positives.
  • Analyzing 0-day vulnerability trends and attack patterns.
  • Maintaining run books for Incident Handling processes.
  • Basic reverse engineering analysis (Windows), both static and dynamic.
  • Level 2 SOC experience, mainly in vulnerability management.

Junior Security Analyst (VAPT)

Comodo Security Solutions Private Limited (COMODO GROUPS)
Chennai, Tamil Nadu, India
10.2015 - 10.2016
  • Work closely with Development, RM and Infrastructure teams to analyze, diagnose, debug and rectify security flaws with the Applications.
  • Expertise and experience of conducting vulnerability assessments as per standards such as OWASP Top 10, SANS Top 25 and WASC, NIST.
  • Ability to provide remediation solution of vulnerabilities.
  • Security in SDLC (Application Security).
  • Conduct vulnerability assessment and penetration testing and configuration review for web applications, mobile applications.
  • Conduct secure source-code review using automated and manual approaches.
  • Experience of identification and mitigation of vulnerabilities.
  • Creating and testing ModSecurity Firewall Signatures/Rules.
  • Performing Penetration Testing
    - White Box testing: performing pen testing based on CVEs generated from mitre.org and other CVE sources
    - Black Box testing: performing pen testing based on 0-day vulnerabilities
  • Recommend improvements in security systems and procedures.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Offered friendly and efficient service to all customers, handled challenging situations with ease.
  • Conducted research, gathered information from multiple sources and presented results.

Education

Bachelor of Science - Computer Science And Engineering

PERI Institute Of Technology, Mudichur, TN, INDIA
03.2011 - 05.2015

Skills

Security Policies and Procedures

Certification

Security+

Software

Splunk SIEM

LogRhythm SIEM

Alienvault USM

NxSIEM (COMODO SIEM)

IDS / IPS

Firewalls

Endpoint Detection and Response

Managed Detection and Response

SOAR

VAPT

Mobile APP Security Testing

Interests

Surfing the dark web

Reading news articles from The Hacker News and other hacker forums

Huge fan of crypto currencies and mining it!

Hobbies

  • Hardcore FPS PC Gamer and Streamer :)
  • A BOOKWORM
  • And An ASTROPHILE

Timeline

Senior Information Security Analyst / Manager - INTERLOCK GROUPS
11.2020 - Current

Senior Information Security Analyst - INTERLOCK GROUPS
11.2019 - 11.2020

Advanced Penetration Testing
12-2017

Information Security Analyst - INTERLOCK GROUPS
11.2017 - 11.2019

Security Analyst (SOC) - COMODO Security Solutions Private Limited (COMODO GROUPS)
10.2016 - 10.2017

Certified Ethical Hacking
08-2016

Junior Security Analyst (VAPT) - Comodo Security Solutions Private Limited (COMODO GROUPS)
10.2015 - 10.2016

Security+
04-2015

PERI Institute Of Technology - Bachelor of Science, Computer Science And Engineering
03.2011 - 05.2015