Subhro Bera

Project - Bell Canada Enterprise Data Platform (EDP)

• Implement L2-L3 security best practices for on prem and cloud instances with Bell Canada Enterprise NBD Assets.
• Coordinated remediation with engineering teams and documented RCA reports for security implementations.
• Build & maintain secure landing zones, guardrails, and baselines for security compliance for BCE applications within multi cloud ecospace
• Enforce least privilege, zero-trust principles, and vulnerability response within ServiceNow VR Workspace.
• Automatically prepare incident triage and root cause summaries using Confluence-JIRA
• Create rules and queries within ServiceNow VR Dashboard to get broader overview for security controls within Bell.
• Document findings and remediation steps within SOPs to be used as playbooks for security operations .
• Prioritize and remediate findings with app/infra teams with the L2-L3 security orchestration for host/application vulnerabilities
• Integrate security into CI/CD pipelines wrt to SAST/DAST scanning with SonarQube or HCLAppScan.
• Convert past incidents into reusable knowledge articles and Recommend similar historical incidents during investigations to automate manual SOC Analysis.
• Conducted vulnerability scans for VMs, containers, serverless workloads, and Kubernetes clusters using VA Scanner for Tenable, Prisma CSPM.
• Work with engineering, DevOps, and product teams to embed security into projects.
• Integrated logs with SIEM platforms ie ArcSight, improving incident triage efficiency by 25%
• Conducted periodic posture assessments and cloud audits; remediated high-risk findings with periodic compliance through OneTrust Risk Manager.
• Worked closely with DevOps, Networking, and Application teams to embed security in design reviews and cloud deployments.
• Provided security guidance and onboarding for new cloud initiatives.
• Summarize CVEs with actionable impact insights and Prioritize vulnerabilities by mapping them to exploitable paths.

Project: BCE (Bell Canada Enterprise Internal)

• CSPM technical supervision and monitoring dashboards for Enterprise applications within Bell Canada Enterprise Global Technology Center.
• Health Checks and Vulnerability Management for critical cloud applications and on-prem servers with ServiceNow VR Response Center to achieve 85% response capabilities.
• Create periodical reports for compliance management after completing Bell Canada enterprise security controls with OnTrust Risk Center to achieve overall security posture of 80%>
• XDR /EDR compliance for endpoints within host containers and other Bell Canada Private cloud infrastructure while maintaining Security Compliance to 100%
• Develop and implement cloud security frameworks tailored to organizational goals across IaaS, PaaS, and SaaS environments with detailed experience on infrastructure wrt DAST/SAST with HCLAppScan and SonarQube for complying 80% for AppSec mark.
• Assist in conducting vulnerability assessments & penetration testing to identify risk within a multi-cloud environment or Big Data systems for security delegation on CIEM and CWPP on cloud environment.
• Create workflows for cloud-based incident response use cases and lead high-impact projects addressing security breaches through security controls.
• Monitor cloud dashboard and correlate with compliance report, supporting EDR/XDR compliance prioritizing CWPP/CIEM/CSPM across applications with NBD.
• Security configurations on servers to verify SOC forwarders for compliance and risk management.
• Conduct SAST/DAST security tests on containerized applications in multi-cloud and provide insights on cost-effective security remediation for efficient application security directives.
• Conducted regular safety inspections to identify potential vulnerabilities and improve response protocols.
• Assisted in developing security plans tailored to specific site requirements and risk assessments.
• Provided support during investigations by gathering evidence and compiling reports for management review.
• Maintained accurate records of security activities, ensuring compliance with company policies and regulations.
• Led engineering teams to successfully complete projects on time and within budget.
• Reduced false positive alerts by refining configuration of security monitoring tools.
• Enhanced employee security awareness with comprehensive training programs.

• Maintaining ZeroFOX's security posture across the enterprise, focusing on endpoint security and logging/alerting capabilities for the organization.
• Serve as primary engineer for endpoint security, including endpoint security (EDR/AV) tool administration, policy configuration, and alert response, as well as endpoint secure baseline configuration and forensics.
  Experience with SentinelOne EDR and Tanium Threat Response XDR control for threat analysis and mitigation.
• Provide support for efforts related to monitoring, logging, and alerting, with a focus on automation for EDR agent installation using automation scripts
• Triage and resolve security alerts from internal systems, providing operational support for the team and other functional teams such as network, operations and other IT functional teams
• Assist with conducting internal security assessments, prioritizing any gaps, and developing and implementing a prioritized remediation plan to provide effective threat response and modelling.
• Assist with monitoring and reporting of enterprise security posture within cloud workloads and on prem services.
• Ensure continuous compliance with standards such as NIST, SOC2, within the company
• Strong technical acumen and prior experience as it relates to information security, specifically endpoint security, cloud infrastructure, logging/monitoring/alerting, SIEM, security reviews, and incident response
• Insights on triaging, managing, and responding to information security events within SIEM console
• Working with implementing multi factor authentication with Last Pass .
• Implemented PAM controls with respect to credential vaults for Securely stores privileged passwords, SSH keys, and API keys for company on prem servers and assets with CyberArk PAM Controls.
• Successfully interacting with internal and external stakeholders, including non-technical business stakeholders, on matters related to information security and provide resolution or change management for workloads.
• Automated Security Operations with CI/CD Pipelines and creating Ansible/Terraform scripts for multiple host within the internal company asset.
• Automated security implementation with integrating GitLab codes with SonarQube/Prisma CSPM wrt to company assets.
• Work with DevOps/SAST/DAST team to implement security controls with respect to CVE/CWE/CVSS for code security.

• Ensure cloud services align with regulatory standards for audit reporting, URL traffic monitoring and enforce disciplinary policies for non-compliance
• Assist in identifying security gaps and recommending mitigation measures in collaboration with SOC teams and CSPM approach with Azure Sentinel and Microsoft Defender.
• Oversee onboarding/offboarding processes for cloud subscriptions and manage compliance reports on user activity
• Implement mechanisms to control cloud spending migration and deployment on effective CSPM posture.
• Document and communicate security incidents through predefined frameworks, including initial alerts, ongoing updates, and resolution summaries related to Dashboard monitoring with Azure Security Center
• Cost estimation through efficient use of resource allocation for better CSPM through Azure Sentinel and Azure
• Use of Azure Cost Optimizer to automate cost management tasks, such as budget alerts and cost anomaly and threat detection, streamlining financial operations.
• Orchestrate 24/7 security monitoring using advanced SIEM technologies, reducing false positives by 30%
  Conduct in-depth threat analysis and event correlation using MITRE ATT&CK framework with correlation to security operation center
• Lead vulnerability assessments and collaborate on remediation strategies across business units
• Develop and maintain security playbooks, improving team efficiency by 25%
• Conducted regular risk assessments to identify vulnerabilities and recommend improvements.
• Collaborated with cross-functional teams to streamline incident reporting processes.
• Developed and implemented security protocols to enhance site safety and compliance.
• Reviewed and updated security policies based on evolving threats and regulatory changes.