Sathish Kumar Bhima

Associate Consultant - CyberSecurity
Hyderabad

Summary

Information Security professional with 10+ yrs of relevant experience in Vulnerability Management, Threat Intelligence, Security Operations, Incident Response & 3yrs into Mainframes spanning across domains like Healthcare, Telecom, Insurance and Banking.


An effective communicator with strong Team Management, Analytical and Problem-Solving skills with exposure to various dimensions of Information Security such as Strategic Planning, Processes and Compliance.

Overview

14 years of professional experience
5 Certificates
2 years of post-secondary education

Work History

Associate Consultant

HCL Tech
12.2021 - Current
  • Performing VA on entire network including network devices, servers, Desktops
  • Following Vulnerability Management Life cycle from discovery to closure
  • Working in ServiceNow (SecOps) for the accountability of each vulnerability
  • Actively tracking updates on Vulnerabilities from Remediation towers and assist remediation champions during remediation
  • Analyze and approve software to be packaged by Packaging team
  • Work on EOL items by actively reaching out to the Service Lines
  • Prepare monthly Security Bulletins after validating the latest patches
  • Create various Dashboards and trackers in ServiceNow & SharePoint respectively
  • Frequent connects with Windows and Linux teams to discuss Emergency/Expedite patch approach if applicable
  • Initiate War Rooms for any Critical/Zero Day Vulnerabilities identified and maintain them until resolved
  • Actively reaching out to various App Managers for closure of issues identified by Security Scorecard tool
  • Coordinate with Finding Owners on GAP requests which are about to expire
  • Frequent connects with M&A's and Data Protection Governance teams

Assistant Consultant

Tata Consultancy Services
10.2010 - 11.2021

Education

Master of Science - M.Tech - IT

VIT University
Vellore
07.2008 - 08.2010

Skills

Proficient in managing policies in Tenable.io, Tenable.sc, Acunetix and CrowdStrike

Certification

CEH - Certified Ethical Hacker v9 from EC-Council

Familiar Tools

  • VAPT: Tenable, Qualys, Acunetix, Nmap, Kenna Security, Security Scorecard, IT360, ServiceNow (SecOps), Metasploit, Burp Suite
  • SOC/CTI: CrowdStrike, Bit9, Proofpoint (Enterprise, TAP, TRAP), Forcepoint, Netskope, LogRhythm, Wireshark, Cuckoo, Joe Sandbox
  • Misc.: ServiceNow, HP Service Manager, JIRA, Microsoft Visio, Axonius

Security Awareness Programs

  • Regular attendee of null & Nullcon - International Security Conference.
  • Conducted a few sessions on Information Security across teams.

Projects Handled

  • Associate Consultant, HCL TECH, HYDERABAD, 06/2022 - Present
      • Performing VA on entire network including network devices, servers, Desktops.
      • Following the Vulnerability Management Life cycle from discovery to closure.
      • Working in ServiceNow (SecOps) for the accountability of each vulnerability.
      • Actively tracking updates on the Vulnerabilities from the Remediation towers and assist remediation champions during remediation.
      • Analyze and approve software to be packaged by Packaging team.
      • Work on EOL items by actively reaching out to the Service Lines.
      • Prepare monthly Security Bulletins after validating the latest patches.
      • Create various Dashboards and trackers in ServiceNow & SharePoint respectively.
      • Frequent connects with Windows and Linux teams to discuss Emergency/Expedite patch approach if applicable.
      • Initiate War Rooms for any Critical/Zero Day Vulnerabilities identified and maintain them until resolved.
      • Actively reaching out to various App Managers for closure of the issues identified by the Security Scorecard tool.
      • Coordinate with Finding Owners on the GAP requests which are about to expire.
      • Frequent connects with M&A's and Data Protection Governance teams.
  • Associate Consultant, HCL TECH, HYDERABAD, 12/2021 - 06/2022
      • Worked as an Implementation Manager.
      • Conducts reviews for implementing various policies and procedures.
      • Providing operational support for the engagements.
      • Interacting with stakeholders in gathering the tech stack and requirements.
      • Preparing comprehensive reports detailing findings and recommendations.
  • GISO Lead, TATA CONSULTANCY SERVICES, HYDERABAD, 01/2017 - 11/2021
      • Manage Offshore team and handling various connects with leadership teams.
      • Successfully completed Security GAP Analysis project.
      • Prepare comprehensive reports detailing findings and recommendations.
      • Assist BU Owners in understanding risk & threat level associated with vulnerability with respect to business criticality.
      • Perform Vulnerability Assessment on assets using Tenable (Nessus).
      • Guide the development teams to address all identified vulnerabilities and rescan.
      • Excellent working knowledge on ServiceNow ticketing tool.
      • Perform Web Application Scanning on external and internet facing applications.
      • Actively reaching out to BU owners especially on EOL / EOS related items.
      • Strong knowledge in creating Access Groups, Dynamic & Static Tagging in Tenable.io.
      • Created various dashboards against teams to track the Vulnerability Remediations.
      • Perform Automated Security Testing using Acunetix.
      • Implement various Security policies to safeguard the Organization work.
      • Good expertise in analyzing Vulnerability, API and Web App Scan reports.
  • Security Operations Center Lead, TCS, HYDERABAD, 02/2014 - 01/2017
      • Collect, correlate, and categorize to determine analytics on threats, tactics, and procedures [TTPs] by using Cyber kill chain framework.
      • Handle Critical and High security events towards containment & remediation.
      • Responsible for SOC operations in 24x7 environment.
      • Analyze SPAM and phish emails and take necessary actions in blocking the sender across organization and quarantine the suspicious emails.
      • Conduct phishing campaigns to educate associates on phishing techniques.
      • Analyze the process chain in CrowdStrike for behavioural analysis and work with the support team for further actions.
      • Maintain 'Developer Prevention Policy' and 'Prevention Hash' policies to reduce false positive alerts in CrowdStrike.
      • Analyze and update the blacklisting of domains and malicious IPs at proxy.
      • Manually analyze weblogs if necessary and block or allow them based on provided business justification in Forcepoint.
      • Review & Update Forcepoint Organizational blocklist including Proofpoint URL attacks.
      • Deal with multiple vendors and clients in real time by arranging meetings and resolving issues.
      • Imposing the blacklisting of domains and malicious IPs at proxy and firewall level.
      • Mentoring new members and guiding them along in the project.
  • ADM Team Member, TCS, CHENNAI, 02/2011 - 12/2013 (NON INFOSEC)
      • Handle Critical and High security events towards containment & remediation.
      • Understanding the requirements and getting clarifications for the change requests.
      • Expertise in Development, Maintenance, Enhancement and End-User Support.
      • Offshore Co-ordination for Level2 support activities (Incidents, Problems, Live issues, User queries, etc.) and Change activities (Enhancements and Projects).
      • Received appreciation notes from Service Manager for decreasing the MTTR.
      • Resolving user queries, root cause analysis and fixing them.

Email

sathishmit.vit@gmail.com

Phone

8885088799

Career Overview

Information Security professional with 9+ years of relevant experience in Security Operations, Vulnerability Management, Threat Intelligence, Incident Response & 3yrs into Mainframes spanning across domains like Healthcare, Telecom, Insurance and Banking. An effective communicator with strong Team Management, Analytical and Problem-Solving skills with exposure to various dimensions of Information Security such as Strategic Planning, Processes and Compliance.

Disclaimer

I hereby declare that the above-mentioned information is correct to my knowledge, and I bear the responsibility for the correctness of the above-mentioned particulars.
