Summary
Overview
Work History
Education
Skills
Websites
Certification
Disclaimer
Timeline
Generic
Shraddha Nayak

Shraddha Nayak

Summary

More than 10 years of progressive experience in managing and delivering Cyber Security Solutions and Services like Technology Security Architecture, Security tool deployment, consulting and operations to multiple organizations, strengthening their security posture, and defending them against emerging cyber threats.

Adept at leveraging advanced technologies & best practices to proactively address emerging threats while ensuring regulatory compliance & operational excellence. Committed to driving continuous improvement in security frameworks to protect sensitive data & maintain robust security postures across diverse environments

Overview

10
10
years of professional experience
1
1
Certification

Work History

Security Consultant/Analyst II

NAB
Gurgaon
06.2024 - Current
  • Establishing a connection with businesses to map business requirements to cybersecurity recommendations.
  • Creating cybersecurity artifacts covering the security roadmap, primarily focusing on the endpoint security domain, assessments, security technology architecture, and business architecture.
  • Develop security solution architecture for endpoint security solutions.
  • Conduct a security architecture review to identify, assess, and align the design to ensure enterprise and cybersecurity standards.
  • Providing recommendations and implementing security policies, aligning organization standards and industry standards.
  • Managing a team of three resources working on endpoint security and security applications.
  • Developed, implemented and maintained security policies, procedures and plans.
  • Designed secure architectures for the endpoint security domain.
  • Audited existing infrastructure for weaknesses in order to recommend appropriate corrective measures.
  • Conducted risk assessments for new projects or changes in the operational environment.
  • Coordinating and preparing daily, weekly, and monthly cyber governance decks showcasing highlights and concerns.
  • Working on Rally as Scrum master to track and provide recommendations across cyber units for effective utilization of assets and resources to enhance overall productivity and cyber governance.

Security Senior Analyst

Accenture Solutions
11.2021 - 06.2024
  • Responsibilities involve creating policies, risk analysis, generating reports, maintaining compliance, etc.
  • Audited existing infrastructure for weaknesses in order to recommend appropriate corrective measures.
  • Conduct a security architecture review to identify gaps, and align with cybersecurity standards for endpoint security solutions.
  • Conducted risk assessments for new projects or changes in the operational environment.
  • Reviewed business requirements documents and developed project plans accordingly.
  • Creating operating models, security architecture, support documentation, etc.
  • Team management and guiding with technical troubleshooting, documentation, and the creation of SOPs, and runbooks.
  • Understand the customer requirement, and get the implementation with the backend support team.
  • Preparing daily, weekly, and monthly reports for client meetings, and taking client calls daily.
  • Monitors the progress of incidents with responsible entities or users, and consults with them on actions to be taken.
  • Provides data on security incidents, audit data, by collecting artifacts for Governance Reports.
  • Understand the customer requirement, and get the implementation with the backend support team.
  • Upgrading the client's endpoint environment to the latest version for bug fixes, and to secure the environment from unknown threats.
  • Worked on the zero-day attacks, vulnerabilities, blocking the IOCs, and the remediation plan.
  • Actively working on the P1, or the escalated issues, if any, across the America region.
  • Worked on the Proofpoint TRAP case analysis, TAP analysis/E-mail Protection
  • Using Crowdstrike for sandboxing

IT Security Analyst

Tata Consultancy Services
06.2018 - 11.2021
  • Managing Endpoint Security (Trend Micro Deep Security and Crowdstrike EDR) for client based in the UK
  • Maintain True Positives (TP) & False Positives (FP) tracker of security incidents
  • Provide feedback for Policy Fine-Tuning based on the TP, FP ratio
  • Responsibilities involve Creating Policies, Risk Analysis, Generating Reports, Maintaining Compliance etc
  • Guiding L1 teams with the technical troubleshooting, documentation, and creation of SOPs
  • Preparing weekly and monthly reports for client meetings
  • Monitors the progress of incidents with responsible Entities or Users and Consults with them on actions to be taken
  • Facilitates communications with resolver teams and the on-site team
  • Provides data on security incidents for Governance Reports
  • Understand the customer requirement & get the implementation with the backend support team

Senior Security Analyst

HCL Technologies
12.2014 - 06.2018
  • Managed Symantec/ McAfee Anti-Virus Components for 20K endpoints for the Signature update, Policy enforcement
  • Upgradation of Symantec Endpoint Protection Manager and ePO to the new version, Symantec Protection Engine for NAS drives
  • Managing and supporting security applications
  • Management including signature download & automatic distribution, Virus outbreak management Incident monitoring and threat handling
  • Report generation and documentation
  • Risk log analysis
  • Troubleshooting on servers and clients
  • Security Device Monitoring & management perform activities like monitoring devices for alerts, policies, performance, maintaining ruleset & Policies

Education

Bachelor of Technology - Information Technology

01.2014

Intermediate - Central Board of Secondary Education

01.2010

SSC - Central Board of Secondary Education

01.2008

Skills

  • Develop and implement security architecture specific to end user system/interface security
  • Develop an operating model, business processes, patterns, and accelerators
  • Business requirement to security mapping
  • Perform a security assessment and create the required documentation and recommendations
  • EDR (Crowdstrike, Carbon Black, Sophos, Symantec, Trend Micro etc)
  • System log Integration and analysis
  • Carbon Black Cloud and Application Change Control
  • E-mail gateway (Proofpoint TRAP/TAP/E-mail protection, Barracuda)
  • Antivurus (SEP, Sophos, McAfee etc)
  • Convening and chairing Change Technical Review meetings and Change Advisory Board meetings
  • Identifying and prioritizing process improvements
  • Maintaining track of servers moving to BAU support
  • Providing data for audit purposes
  • Validation of RFCs in build, test, and deployment
  • Implementing RFCs within stipulated time frame covering all the stakeholders and business inline
  • Providing data for audit purposes and ensuring process adherence

Certification

  • Certified in McAfee ePO, McAfee VSE
  • Agile E0, E1
  • Tanium, Cisco amp
  • Proofpoint training

Disclaimer

I hereby declare that the above written are true to the best of my knowledge and belief.

Timeline

Security Consultant/Analyst II

NAB
06.2024 - Current

Security Senior Analyst

Accenture Solutions
11.2021 - 06.2024

IT Security Analyst

Tata Consultancy Services
06.2018 - 11.2021

Senior Security Analyst

HCL Technologies
12.2014 - 06.2018

Bachelor of Technology - Information Technology

Intermediate - Central Board of Secondary Education

SSC - Central Board of Secondary Education

Shraddha Nayak