Attack Surface Management (ASM):
- Spearheaded Attack Surface Management initiatives, reducing the organization’s external risk score by 95% through identifying and mitigating vulnerabilities in the environment.
- Worked with FortiRecon and Recorded Future to continuously monitor and improve the organization’s external attack surface, enabling proactive identification and management of potential security risks.
- Managed brand reputation monitoring and analyzed dark web data, identifying threats related to company data and ensuring the prompt mitigation of sensitive information exposure.
Cloud Security:
- Played a key role in the migration to AWS, ensuring secure architecture and data governance during the transition.
- Implemented NIST frameworks for cloud security, ensuring compliance and continuous monitoring of AWS services.
- Led the implementation of AWS security tools such as GuardDuty (for threat detection), ECR Image Scan (for container image vulnerabilities), and Inspector (for security assessments).
- Worked on IAM (Identity and Access Management) policies, ensuring proper configuration of roles and permissions to maintain the principle of least privilege in AWS.
- Identified and addressed AWS security misconfigurations and ensured all gaps in NIST compliance were reported and promptly remediated.
Network Detection and Response (NDR):
- Led the implementation of NDR solutions, focusing on the identification and analysis of abnormal network behavior, and worked with tools such as Trend Micro, Cisco, Arista, and NetScout.
- Proactively identified potential security risks through traffic analysis and anomaly detection, helping mitigate threats before they impacted the organization’s network infrastructure.
- Collaborated with security teams to fine-tune network detection policies and reduce false positives, improving response efficiency.
Endpoint Detection and Response (EDR):
- Worked as an EDR Analyst and Responder, managing EDR tools to detect, investigate, and respond to threats targeting endpoints.
- Created and implemented EDR policies to enhance threat detection, focusing on effective incident response to prevent data breaches and endpoint compromise.
- Analyzed security alerts and incidents, investigating root causes and collaborating with stakeholders to resolve security issues and implement corrective actions.
Attack Simulation:
- Utilized attack simulation tools such as Cymulate and Picus to identify weaknesses in the organization’s environment by simulating real-world cyberattacks.
- Successfully identified critical vulnerabilities and worked with the team to implement mitigation strategies, reducing the attack surface and improving the security posture.
Data Loss Prevention (DLP):
- Implemented and configured DLP solutions by collaborating with relevant stakeholders to create policies for protecting critical and confidential data.
- Led the deployment of DLP tools, while working with other tools like Forcepoint, Trellix, Varonis, and Microsoft DLP to detect, prevent, and manage unauthorized access and exfiltration of sensitive data across the enterprise.
- Conducted ongoing reviews and refinements of DLP policies to align with emerging threats and regulatory requirements.