SATHEESH P
Senior Analyst Security Operations
Chennai,TN
Summary
Experienced Security Operations Analyst with over 9 years of expertise in cybersecurity, firewall operations, endpoint detection & response (EDR), vulnerability management, cloud security, and privileged access management. Skilled in using tools such as Fortigate, SentinelOne, AlgoSec, BitSight, Rapid7, Qualys, Azure Security Center, Cloudflare VPN, and Delinea Secret Server. Proven ability to handle security threats, enforce compliance, and manage enterprise security solutions end-to-end.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Senior Analyst – Security Operations
HID Global
08.2021 - Current
- Installed and managed SentinelOne agents across multiple endpoints
- Experience in Security operations Solutioning
- Conducted threat hunting and malware analysis using the SentinelOne console
- Integrated API for posture check to verify endpoint health for VPN access
- Analyzed logs and performed remediation and forensic investigation
- Managed rule configurations, access troubleshooting, and security profiles
- Handled change management, cleanup activities, and firewall standardization
- Analyzed firewall rules, identified security gaps, and optimized policies
- Conducted weekly scans and reported vulnerabilities for Windows, Linux, and other OS
- Coordinated with IT teams for remediation and patch management
- Tracked BitSight ratings and addressed vulnerabilities affecting security posture
- Handled operational tasks including user access management and audit reporting
- Managed VPN operations, performed log analysis and API integration for posture validation
- Troubleshot endpoint VPN issues and improved access reliability
Associate – Infra Security
Cognizant Technology Solutions
06.2018 - 08.2021
- Good Experience on Administration and Troubleshooting of Azure IAAS Components (VM, Storage, VNET, OMS, NSG, RBAC)
- Designed Network Security Groups (NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets
- Setup Azure Virtual Appliances (VMs) to meet security requirements as software based appliance functions (firewall, WAN optimization and intrusion detections)
- Utilized NSGs for layer 4 Access Control List (ACLs) for incoming and outgoing packets
- Managed IP Forwarding for VMs and role instances acting as virtual appliances, Vnet peering to ensure Vnet to Vnet communication is accessible privately
- Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, security policies and routing
- Troubleshooting network issues through Network Watcher and Log Analytics
- Monitoring and securing the Azure cloud with ASC(Azure Security Center), understanding the alerts and recommendations to fix the issues and tuning the parameters with client requirement
- Analyzing the Wired, Wireless, BYOD and Guest access, fixing the issues related with Cisco ISE connectivity, profiling new on-boarding devices, updating the patches and appliance through CIMC
- Configuring DMZ Zones, NAT, ACLs allowing access to Web, Email and FTP servers accessible
- Troubleshooting on port/protocol/traffic block and allowing access through proper ITIL process
- Creating Policies, Blocking URL's, bypassing traffic blocked by IPS, Geo-location blocking are done through Firepower Management Console (FMC)
- Cisco ASA IOS firmware upgrade and Firepower through (FMC) and maintaining certificates on ASA
- Creating new customized Policies, Filters and allowing specific category or URL's to specific or group of users
- Capture and analysis logs captured on content gateway to identify the redirected URL's and bypass
- Creating scripts for bypassing through PAC, SSL and etc in proxies
- Successfully carried out upgradation on different platforms like ASA firewalls, VPN and Proxies
- Experience in Installation and configuration of Trend Micro DLP suite
- Able to configure and review of technical rule sets, policies ensuring consistency
- Collaborate with IT Security and Risk team as well as with other functional and technical partners to define and manage DLP incident and workflow
- Adding the Deep security manager to the new VM's
- Scanning the networks and fetch the report using Qualys Guard
- Running discovery scan across the cloud and adding the new domains in the assets
- Analyze the scan report and providing the recommendations and risk assessments to technical teams based on severity
- Following up with the technical teams to make sure the vendor patches are updated on the vulnerable systems
Network Engineer – GNOC (DDoS)
Sify Technologies
08.2015 - 06.2018
- Company Overview: Leading Internet Service Provider
- 3 years and 5 months of work experience in a leading Internet Service Provider
- Responsible for monitoring analyzing and mitigating security threats on Sify's top tier clients networks and providing summary report of the same on a regular basis
- Responsible for preparing and delivering sales pitches/technical presentations on SIFY's products to prospective clients
- Sound knowledge in various types of DDoS attacks
- Investigating logs from IPS sensor and reporting acute threats
- Performing security audits of perimeter routers
- Experience in implementing real time defenses to protect the customer's network and Sify's network infrastructure during attack time
- Experience in Implementing, Configuring, Troubleshooting and Testing of customer's networks
- Monitoring the traffics for managed customers and their utilization and working in level 3 layers
- Conduct Network Performance tests
- Preparing network diagrams and documentation
- Troubleshooting IOS related bugs based on past history and appropriate release notes
- Responsible for keeping updated on latest network security threats and trends/ techniques available to mitigate and protect against the same
- Mitigated attack traffic of up to 70gbps in real time
- Leading Internet Service Provider
Process Associate
Sify Technologies
07.2014 - 08.2015
- Raised TAC for managed customers and coordinated L1/L2 issue resolution
- Troubleshot internet links, coordinated with vendors, and supported device replacement
- Provided up-to-date support on product queries and service escalations
Education
Bachelor's Degree - Instrumentation And Control
St Jospeh's College of Engineering
Chennai, India 04.2001 -
Skills
Accomplishments
- Supervised operations including the implementation of effective security policies, protocols, project documentation, milestones, and technical/business specifications.
- Assessed and analyzed logs from FortiGate Firewall; reviewed policies based on requirements and configured necessary changes.
- Implemented FortiManager and synchronized all firewalls for regular backups; resolved issues related to policy sync and ADOM-level management.
- Integrated AlgoSec for firewall orchestration and streamlined policy management.
- Resolved multiple issues related to EDR solutions; deployed agents across Windows, macOS, and server environments.
- Created multiple exclusions for trusted sites and automated threat management and alerting systems.
- Collaborated with the Vigilance team to handle breach events, successfully triaged incidents, and implemented mitigation measures.
- Managed and mentored the SOC team; conducted internal calls to review pending tickets, identify delays, and share knowledge.
- Participated in the implementation of the Cloudflare VPN solution with the network team; focused on security measures including API integration of the EDR solution, posture check controls, application-level control, web services restrictions, user and policy-level controls.
- Implemented remote password management using Delinea.
- Worked extensively with email security tools; handled and resolved 13 different types of email threats.
- Proficient in Azure Security Center orchestration, IDS/IPS management, and mitigation of DDoS traffic.
Certification
Azure Az-500
Azure AZ-500 2021-01
Azure Security Engineer Associate
Timeline
Senior Analyst – Security Operations
HID Global
08.2021 - Current
Azure Az-500
01-2021
Associate – Infra Security
Cognizant Technology Solutions
06.2018 - 08.2021
Network Engineer – GNOC (DDoS)
Sify Technologies
08.2015 - 06.2018
Process Associate
Sify Technologies
07.2014 - 08.2015
Bachelor's Degree - Instrumentation And Control
St Jospeh's College of Engineering
04.2001 -
Similar Profiles
Manikandan InbamaniManikandan Inbamani
Senior Staff Engineer at HID GlobalSenior Staff Engineer at HID Global
Zachary OsneZachary Osne
IT Support Engineer at HID GLOBALIT Support Engineer at HID GLOBAL
Akshay GanjooAkshay Ganjoo
International Sales Development Representative at HID GlobalInternational Sales Development Representative at HID Global
Capt Amitesh Singh CPP CFECapt Amitesh Singh CPP CFE
Director Facility Security at Delhivery LimitedDirector Facility Security at Delhivery Limited
Shanmuga Priyan MuruganShanmuga Priyan Murugan
Technology Services Engineer III at Walmart Global TechTechnology Services Engineer III at Walmart Global Tech