Siddhesh Parab
Summary
Dedicated and results-driven Cloud Security Engineer with extensive experience in monitoring, analyzing, and enhancing cloud security incidents and threats in real-time. Seeking a challenging role to leverage expertise in conducting risk assessments, implementing security measures, and collaborating with clients to fortify their cloud infrastructure.
Overview
5
5
years of professional experience
1
1
Certification
Work History
Consultant
KPMG Assurance and Consulting Services LLP
06.2024 - Current
- Conducting regular cloud risk assessments and vulnerability scans
to identify vulnerable workloads and unused services helping them in
addressing critical issues, and cost optimization - Experience on AWS Security Tools (AWS GuardDuty, AWS
Inspector, AWS MACI, AWS Security Hub, AWS Secret Manager,
AWS WAF) - Experience and Knowldege on Azure Security tools (Azure Sentinel, Defender for cloud, Microsoft Entra ID, Azure keyvault, Azure DDos protection)
Experience and Knowledge on Google Security Tools (Google IAP,
Cloud Armor, GCP Command Center, GCP Organization Policies. - Experience and Knowldege on Native cloud services (Azure resource group, Azure Storage account, Azure NSG, Azure NSG flowlogs, Azure activity log, AWS Cloudwatch, AWS Cloud trail, AWS storage, GCP storage, GCP flow logs, )
- Knowledge on Compliance Standard (ISO 270001, SEBI, PCI-DSS,
CIS Benchmark) - Integration of central code repositories, VCS, and CI/CD pipelines in Prisma Cloud.
- Leading training sessions and keeping clients informed about the
latest features introducing in Prisma Darwin Console - Conducting Governance and MRM meeting with the senior management to understand customer satisfaction and customer expectations.
- Creation of Prisma cloud WAAS rules to detect and prevent the application and API against various day-to-day attacks.
- Knowledge on AWS Control Tower, GCP Landing Zone, Azure Architecture Center.
- Assisting customers in conducting regular Identity and Access
Management (IAM) reviews, ensuring adherence to the least
privilege concept - Engaging with customers on a timely basis to understand their infrastructure and workflows, providing guidance to enhance cloud security in various aspects.
- Led end-to-end project management, from implementation to
sustenance, and collaborated continuously with customers to resolve
cloud security challenges - Contributing to process management activities, including SOP
creation, implementation documents, governance presentations, and
kick-off presentations - Developing custom policies and compliance measures after
analyzing cloud workflows and customer requirements to reduce
false-positive risks and focusing on true incidents - Collaborating with Cloud and DevOps teams to address
misconfigurations at the build stage, offering suggestions to modify
Infrastructure as Code (IAC) templates - Conducting Prisma Policy reviews, ensuring the cloud environment
adhered to governance standards - Monitoring and analyzing cloud security events and logs across
various cloud platforms, aligning them with security best practices to
identify and respond to security incidents and threats in real-time\ - Creation of Cloud Workload Protection (CWP) rules with a
vulnerability perspective, enabling customers to block and alert
vulnerabilities before deployment and providing real-time
notifications - Onboarding of Cloud accounts and organizations for various Cloud
Service Providers (CSPs) in Prisma Cloud, configuring and enabling
related rules and services - Installing and configuring Prisma Cloud Defender on various
workloads to detect and protect against vulnerabilities and
compliance issues - Feasibility the integration of SIEM with Prisma Cloud to enhance
visibility for clients - Conducting Back recovery assesments as per the customer requirements and creating a recovery playbook for incident recovery
Senior Cloud Security Engineer
Technosprout Systems Pvt Ltd
04.2023 - 06.2024
Cloud Security Engineer
Technosprout Systems Pvt Ltd
10.2021 - 03.2023
- Conducting regular cloud risk assessments and vulnerability scans to identify vulnerable workloads and unused services helping them in addressing critical issues, and cost optimization
- Experience on AWS Security Tools (AWS GuardDuty, AWS Inspector, AWS MACI, AWS Security Hub, AWS Secret Manager, AWS WAF)
- Experience AWS Security Tools, Azure Security center.
- Experience and Knowledge on Google Security Tools (Google IAP, Cloud Armor, GCP Command Center, GCP Organization Policies.
- Reporting of the L1 team to understand daily tasks and tracking assigned tasks to streamline the activity and processes
- Knowledge on Compliance Standard (ISO 270001, SEBI, PCI-DSS, CIS Benchmark)
- Integration of central code repositories, VCS and CI/CD pipelines in Prisma Cloud
- Leading training sessions and keeping clients informed about the latest features introducing in Prisma Darwin Console
- Conducting Governance and MRM meeting with the Senior management to understand the Customer satisfaction and Customer Expectations
- Creation of Prisma cloud WAAS rules to detect and prevent the Application and API against various day to day attacks
- Knowledge on AWS Control Tower, GCP Landing zone, Azure Architecture center
- Assisting customers in conducting regular Identity and Access Management (IAM) reviews, ensuring adherence to the least privilege concept
- Engaging with customers on a timely basis to understand their infrastructure and workflows, providing guidance to enhance cloud security in various aspects
- Led end-to-end project management, from implementation to sustenance, and collaborated continuously with customers to resolve cloud security challenges
- Contributing to process management activities, including SOP creation, implementation documents, governance presentations, and kick-off presentations
- Developing custom policies and compliance measures after analyzing cloud workflows and customer requirements to reduce false-positive risks and focusing on true incidents
- Collaborating with Cloud and DevOps teams to address misconfigurations at the build stage, offering suggestions to modify Infrastructure as Code (IAC) templates
- Conducting Prisma Policy reviews, ensuring the cloud environment adhered to governance standards
- Monitoring and analyzing cloud security events and logs across various cloud platforms, aligning them with security best practices to identify and respond to security incidents and threats in real-time
- Creation of Cloud Workload Protection (CWP) rules with a vulnerability perspective, enabling customers to block and alert vulnerabilities before deployment and providing real-time notifications
- Onboarding of Cloud accounts and organizations for various Cloud Service Providers (CSPs) in Prisma Cloud, configuring and enabling related rules and services
- Installing and configuring Prisma Cloud Defender on various workloads to detect and protect against vulnerabilities and compliance issues
- Feasibility the integration of SIEM with Prisma Cloud to enhance visibility for clients
- Basic knowledge of various Cyber Attacks and tactics (eg Phishing, Ransomware, SQL injection, DOS, Zero Day attack )
- Knowledge of Native Cloud Security Services.
Project Co-ordinator
Technosprout Systems Pvt Ltd
08.2021 - 09.2021
Technical Sales Engineer
Paresh Construction - Foundation Pvt LTD
05.2021 - 06.2021
Technical Sales Engineer
Aurtech Construction Pvt Ltd - India
07.2019 - 05.2021
Education
Bachelor of Engineering - Electronics And Telecommunication Engineer
Vidyalankar Institute Of Technology
05.2019
Electronics and Telecommunication Engineer -
Vivekanand Education Society's Polytechnic
05.2016
Skills
- Cloud Security
- Prisma Cloud
- Google Cloud Platform (GCP Native Security Tools)
- Amazon Web Services (AWS Native Security Tools)
- Microsoft Azure (Azure Native Security Tools)
- Cloud Workload Protection (CWP)
- Cloud Security Posture Management (CSPM)
- Risk Assessment
- Vulnerability Management
- Identity and Access Management (IAM)
- Project Management
- Process Management
- Compliance Management
- Team Management
- Google Workspace-Admin
- Accountability & Leadership
Certification
- Prisma Certified Cloud Security Engineer (PCCSE)
- Professional Google Cloud Security Engineer
- Palo Alto Networks System Engineer (PSE) - Prisma Cloud Professional
- CYBERFORCE: Defender
- CyberArk Certified Trustee
- CyberArk Certified Sales Professional Access
- CyberArk Certified Sales Professional PAM
Timeline
Consultant
KPMG Assurance and Consulting Services LLP
06.2024 - Current
Senior Cloud Security Engineer
Technosprout Systems Pvt Ltd
04.2023 - 06.2024
Cloud Security Engineer
Technosprout Systems Pvt Ltd
10.2021 - 03.2023
Project Co-ordinator
Technosprout Systems Pvt Ltd
08.2021 - 09.2021
Technical Sales Engineer
Paresh Construction - Foundation Pvt LTD
05.2021 - 06.2021
Technical Sales Engineer
Aurtech Construction Pvt Ltd - India
07.2019 - 05.2021
Bachelor of Engineering - Electronics And Telecommunication Engineer
Vidyalankar Institute Of Technology
Electronics and Telecommunication Engineer -
Vivekanand Education Society's Polytechnic
Similar Profiles
Pallak BahlPallak Bahl
HR - Analyst at KPMG Assurance and Consulting Services LLPHR - Analyst at KPMG Assurance and Consulting Services LLP
Ashish AgnihotriAshish Agnihotri
Manager at KPMG Assurance and Consulting Services LLPManager at KPMG Assurance and Consulting Services LLP
Simarjeet KaurSimarjeet Kaur
Executive Assistant at KPMG Assurance and Consulting Services LLPExecutive Assistant at KPMG Assurance and Consulting Services LLP
Palash SharmaPalash Sharma
Associate Director • Industry - AID at KPMG Assurance and Consulting Services LLPAssociate Director • Industry - AID at KPMG Assurance and Consulting Services LLP
Prashant KashyapPrashant Kashyap
Consultant at TATA CONSULTANCY SERVICESConsultant at TATA CONSULTANCY SERVICES