Rishav Sharma
Information Security Analyst
Delhi NCR
Summary
Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework for cloud-based software. Versed in robust network defense strategies. Experienced Information Security Engineer with 6.6+ year history of managing security of physical and cloud infrastructure. Adept at identifying security risk and improving security architecture designs. Proven to maintain efficiency in high-stress situations.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Deputy Manager of Security Operation
Samsung Research and Development Institude
NOIDA, Utter Pradesh
12.2021 - Current
- Counseled senior-level management on current privacy and security trends and recommendations to mitigate risk.
- Reviewed violations of computer security procedures and developed mitigation plans.
- Reviewed vulnerability assessments and generate relevant reports for CISOs Perform
- Conducted strong Social Engineering Penetration tests leading to pivoting within networks to the second and third layer.
- Critically defined and implemented requirements for Information Security solutions
- Conducting monthly vulnerability assessment and remediation of discovered risks
- Participating in the implementation and management of security platforms such as endpoint protection, encryption, DRM and more
- Continuous analysis of internal security posture both infrastructure and applications through regular penetration testing and vulnerability scanning and following up on the remediation actions on the issues identified
- Performing regular gap analysis, and providing remediation for all identified issues
- Providing incident response to potentially-malicious or anomalous activity based on event data (log files and data outputs) from a wide range of IT systems components, including IDS/IPS, Firewalls, Web Access Security and DLP systems, and other sources
- Generating security reports and internal security documentation
- Implementation of Windows, Linux and Unix systems - Security, administration, defense in depth measures
Senior Security Analyst
TATA Advanced Systems Limited
Delhi NCR
01.2017 - 12.2021
- Successfully plan and execute all projects within budgeted cost of $ 6 million and reporting to CISO and C level executives about project status and progress on a biweekly basis
- Maintaining Vulnerability Assessment and Penetration Testing Cycle
- Manual VA by using kali OS’s tools
- Using the Nexpose v6.5, Nessus, Burp Suite, ZAP tool
- Vulnerability Assessment of the infrastructure (AWS, Azure, GCP, Network Infra Devices, On-premises machines and End User) and web applications, then managing the patch process through HP RADIA tool to remediate/mitigate the findings
- Making the Vulnerability Management/ Threat Modeling reports and dashboards. Crafting with Excels to maintain their metadata.
- Maintaining VM cycle for remote/on-premises End user machines through Agent Management.
- Analyze the security incidents and coordinate/follow-up/escalate with respected team members to close incident
- Maintaining compliance for vulnerabilities management, Referring the frameworks like NIST 800-53, PCI DSS, SANS - 25, OWASP -10, CIS
- Support the server team to harden the servers as per the security best practice
- Maintaining and responding on the latest threats/APT Advisories (IOCs) according to the latest cyber cases and submitted reports to CISO.
- Worked on Endpoint Detection Response Tool Crowd Strike Falcon, AD security, G- Suite and Multifactor Authentication
- Monitoring & analysis the logs in Firewalls, Intrusion Detection System.
- Doing Cyber security incident response activities.
- Monitoring the logs at SIEM tool - HP ArcSight and define the co-related usecases.
- Vulnerability Assessment of the infrastructure and patching accordingly.
- Assist the manager to launch the Anti-phishing services & campaigns.
Education
Master of Technology - Software Systems
Birla Institude of Technology And Management
Pilani, Rajasthan07.2021
Bechlor in Technology - Electronics And Communications Engineering
IPS Collage of Technology And Managment
Gwalior, Madhya Pradesh06.2016
Higher Secondary - Mathematics, Physics, Chemistry
City Centre Higher Secondary School (C.B.S.E)
Bhind, Madhya Pradesh04.2012
High School Diploma -
City Centre Higher Secondary School (C.B.S.E)
Bhind, Madhya Pradesh04.2010
Skills
- Vulnerability Assessment and Patch Management
- Netskope Data Loss Prevention
- Big ID discovery/ NASCA for data discovery
- Penetration testing
- Firewall
- Social Engineering
- Cryptography
- IAM
- Wireshark software
- Data security
- Endpoint Protection
- Data Encryption
Certification
CompTIA Security +
- ITIL V3
- Certified Ethical Hacker v10
Timeline
Deputy Manager of Security Operation
Samsung Research and Development Institude
12.2021 - Current
Senior Security Analyst
TATA Advanced Systems Limited
01.2017 - 12.2021
Master of Technology - Software Systems
Birla Institude of Technology And Management
Bechlor in Technology - Electronics And Communications Engineering
IPS Collage of Technology And Managment
Higher Secondary - Mathematics, Physics, Chemistry
City Centre Higher Secondary School (C.B.S.E)
High School Diploma -
City Centre Higher Secondary School (C.B.S.E)
Similar Profiles
David Christian Michael Alexander ManongkoDavid Christian Michael Alexander Manongko
Software Engineer at Samsung Research & Development IndonesiaSoftware Engineer at Samsung Research & Development Indonesia
Kiran RawatKiran Rawat
Software Test Engineer at Samsung Research and Development InstituteSoftware Test Engineer at Samsung Research and Development Institute
Bhavnish Bhavnish null
Android Development Engineer at Samsung Research and DevelopmentAndroid Development Engineer at Samsung Research and Development