Highly accomplished and results-driven cybersecurity professional with 11 years of extensive experience in the field. Demonstrated expertise in implementing and managing robust security measures to safeguard organizations against evolving cyber threats. Proficient in conducting comprehensive risk assessments, vulnerability assessments, and penetration testing to identify and address security vulnerabilities. Skilled in developing and implementing effective security strategies, policies, and procedures to ensure a strong security posture. Experienced in incident response and threat intelligence, swiftly detecting and mitigating security incidents to minimize organizational risk. Adept in network security, information security, and cloud security, with a solid understanding of security architectures and frameworks. Well-versed in identity and access management, data loss prevention, and security awareness training. Proven track record of effectively collaborating with cross-functional teams and senior management to align security initiatives with business objectives. Strong leadership abilities, leading teams to achieve security goals and delivering successful outcomes. Continuously staying abreast of the latest security trends, technologies, and best practices to ensure up-to-date knowledge and application of cutting-edge cybersecurity solutions.
Implemented and managed the SIEM infrastructure using Splunk, ensuring the timely collection, analysis, and correlation of security event logs.
Configured data inputs, parsers, and event filtering rules to optimize the collection and normalization of log data from various sources into Splunk.
Developed and maintained Splunk dashboards and reports to provide real-time visibility into security incidents and trends.
Implemented and managed cloud security controls to ensure the confidentiality, integrity, and availability of data and systems within the cloud environment.
Developed and executed a cloud security strategy, including the selection and configuration of appropriate security controls based on industry best practices and compliance requirements.
Utilized cloud service provider's security features and tools to enforce access control, encryption, and secure data storage within the cloud environment.
Configured and monitored Identity and Access Management (IAM) policies and roles to control user access and permissions within the cloud infrastructure.
Implemented network security controls, such as Virtual Private Cloud (VPC) configurations, security groups, and network ACLs, to protect cloud resources from unauthorized access and network-based attacks.
Deployed and configured web application firewalls (WAFs) to protect cloud-hosted applications from common web-based attacks, including cross-site scripting (XSS) and SQL injection.
Implemented data encryption mechanisms, such as transparent data encryption (TDE) or key management services, to secure sensitive data stored within the cloud environment.
Configured and monitored logging and auditing features provided by the cloud service provider to detect and investigate security incidents and unauthorized activities.
Implemented intrusion detection and prevention systems (IDS/IPS) to monitor and mitigate potential threats and attacks against cloud resources.
Conducted regular vulnerability assessments and penetration testing of cloud infrastructure and applications to identify and remediate security vulnerabilities.
Implemented automated security and compliance monitoring tools to continuously assess the security posture of the cloud environment and ensure compliance with relevant regulations and standards.
Developed and documented cloud security policies, procedures, and guidelines to provide clear guidance for secure cloud usage and ensure consistent security practices.
Collaborated with cross-functional teams to ensure the integration of cloud security controls into the software development lifecycle (SDLC) and DevOps processes.
Provided guidance and training to stakeholders on cloud security best practices, including secure configuration management, data protection, and incident response.
Stayed abreast of the latest cloud security trends, vulnerabilities, and emerging threats, and recommended and implemented necessary security enhancements.
Participated in cloud security audits and assessments to demonstrate compliance with regulatory requirements and industry standards.
Engaged with cloud service provider's support and security teams to address any security-related incidents or issues in a timely manner.
Continuously monitored cloud security alerts and advisories to proactively identify and respond to emerging threats and vulnerabilities.
Worked closely with the compliance and risk management teams to ensure cloud security controls align with organizational risk tolerance and compliance requirements.
Collaborated with third-party vendors and external partners to evaluate their security posture and enforce necessary controls when accessing or interacting with cloud resources.
Regularly reviewed and updated cloud security documentation, including security architecture diagrams, control matrices, and incident response plans.
Implemented and aligned organizational cybersecurity practices with the NIST Cybersecurity Framework (CSF), ensuring compliance with industry standards and best practices.
Collaborated with the networking team to design and implement network segmentation strategies to enhance the organization's overall security posture.
Conducted comprehensive gap assessments to identify areas of misalignment with the NIST CSF and developed action plans to address deficiencies.
Managed a program for interception and analysis of ongoing spear phishing and malware infiltration attempts against upper management.
Analyzed threat vectors, gathered intelligence information on attackers, and advised upper management on ongoing campaigns.
Remediated attacks against personal communication infrastructure of key individuals in upper management.
Developed incident response plans and playbooks specifically addressing insider threats, outlining procedures for investigating and mitigating security incidents involving internal personnel.
Detected and mitigated IP spoofing attacks, leveraging advanced network security tools such as Cisco ASA to monitor and filter network traffic, detect and block spoofed IP addresses, and ensure the integrity of network communications.
Developed and maintained documentation and standard operating procedures for certificate management processes and workflows, ensuring consistency and adherence to industry best practices.
Conducted penetration testing and vulnerability assessments to identify systems and networks susceptible to Ping of Death attacks.
Conducted regular vulnerability scans using tools such as Nessus and OpenVAS to identify security weaknesses in systems and networks.
Analyzed vulnerability scan results to determine the severity of issues and prioritize remediation efforts.
Worked closely with system administrators and IT teams to develop and implement effective security controls to mitigate identified vulnerabilities.
Developed and maintained vulnerability management processes and procedures to ensure the timely and effective remediation of vulnerabilities.
Conducted periodic vulnerability assessments to ensure ongoing security compliance and identify new threats and vulnerabilities.
Produced comprehensive reports summarizing the results of vulnerability scans, including recommendations for remediation and risk mitigation strategies.
Collaborated with other security professionals to stay up-to-date with emerging threats and new vulnerability scanning techniques and tools.
Responded swiftly and effectively to any security incidents detected by FireEye Endpoint Security, mitigating risks and minimizing potential damages.
Performed in-depth analysis of endpoint security events and alerts generated by FireEye to identify potential threats, including malware infections, suspicious behaviors, and unauthorized access attempts.
Generated reports and communicated key findings, insights, and recommendations related to endpoint security posture to management and stakeholders.
Configured and fine-tuned Proofpoint Email Security policies and rules to effectively identify and block suspicious emails, including those originating from spoofed addresses.
Conducted investigations and analysis of email spoofing incidents, utilizing Proofpoint's advanced threat intelligence and forensic capabilities to determine the source and impact of spoofed emails.
Conducted thorough analysis and investigation of financial Trojan incidents to determine the scope, impact, and root cause of the infections.
Deployed and maintained network security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and Imperva Web Application Firewall (WAF), to detect and block malicious network traffic associated with financial Trojans.
Implemented firewall rules and access control lists (ACLs) to restrict access to open ports based on security policies and best practices.
Worked closely with system administrators to ensure timely deployment of security patches, firmware updates, and software upgrades across the organization's infrastructure.
Conducted incident response exercises and developed response plans to effectively mitigate and recover from DoS/DDoS attacks.
Implemented strong authentication mechanisms and access controls for remote access protocols like RDP or RPC (Remote Procedure Call) to prevent unauthorized access and mitigate the risk of remote access Trojan attacks.
Conducted regular vulnerability scans of the organization's network and systems using industry standard tools such as Nessus, Qualys, and Nmap.
Analyzed scan results and identified vulnerabilities, prioritizing them based on their severity and potential impact.
Worked with IT and security teams to develop and implement remediation plans for identified vulnerabilities, including patching and configuration changes.
Monitored and tracked progress of vulnerability remediation efforts, ensuring that all vulnerabilities are addressed in a timely manner.
Collaborated with IT and security teams to develop and implement security best practices and policies to prevent future vulnerabilities.
Generated reports on vulnerabilities found and remediation efforts for management review and auditing purposes.
Stayed current with the latest security trends and threats, and took proactive measures to protect the organization's information and systems.
Conducted regular penetration testing to identify and exploit vulnerabilities in the organization's systems and networks.
Implemented and maintained vulnerability management software to automate the process of identifying and remediating vulnerabilities.
Collaborated with IT and security teams to develop and implement incident response plans to address security breaches and data leaks.
Conducted regular risk assessments to identify and prioritize vulnerabilities in various systems and networks.
Provided training and awareness to IT and business teams on vulnerability management best practices and procedures.
Security Consultant February 2009 - November 2014
Brookside Resources | Los Angeles, California
Implemented and maintained security controls for SAP systems, including user access management, role-based access control, and data encryption.
Worked with SAP teams to ensure compliance with industry standards and regulations, such as SOX and PCI-DSS.
Configured and managed SAP GRC (Governance, Risk, and Compliance) module to automate risk management and compliance processes.
Conducted regular security audits and vulnerability assessments of SAP systems and networks to identify and remediate potential threats.
Developed and implemented security policies and procedures for SAP systems, including incident response and business continuity plans.
Monitored and maintained SAP security systems to ensure optimal performance and security.
Implemented and maintained firewalls, intrusion detection and prevention systems, and other security technologies to protect SAP systems from external threats.
Collaborated with IT and security teams to conduct regular security assessments and implement security best practices for SAP systems.
Configured and managed SAP's built-in security features such as user provisioning, role-based access, and audit trails.
Assisted in the maintenance of security controls for SAP systems, including user access management, role-based access control, and data encryption.
Network Security
Proofpoint Email Security Certified