THIRUMURUGAN R

• Application Security - Having in-depth practical knowledge on Web application, mobile application (android,ios) security and API security. And as lead I had responsibility to govern this process with the primary objective of reducing the overall organizational risk exposure no nil.
• Vulnerability assessment and Penetration testing - With my deep practical knowledge I conduct vulnerability scans using various industrial standard tools & perform penetration tests with the objective to identify the exploitable issues, and help administrators to remediate those issues.
• Network devices audit - Performing security assessments/configuration audits/rule review on network devices like firewall, switch, router.
• Cloud Security - Have good experience in auditing AWS cloud infrastructure and services.
• Security monitoring and investigation - Performing firewall log review, IDS/IPS review, WAF alert review, malware review, network change audits.
• Performing Architecture reviews before every solution onboarding to ensure all components/layers are secure and compliant.
• Change Manager - I had responsibility to review all change tickets (high, medium, low) and ensure security and process compliance. And also need to run change advisory board (cab) meetings.
• Internal Audit (ISO) - Have good experience in conducting internal audits based on ISO 27001 standards and Organizational standards. I have been part of several external audits/faced external auditors and cleared audits.
• Accommodating client security questionnaire and sharing evidence accordingly.
• Conducting monthly security awareness to employees via emails and posters and yearly security awareness activities on october cybersecurity month.
• Have conducted phishing email campaign to organizational employees on motive of training them to avoid any future phishing.

PROJECT / WORK PLACES

• IDFCBANK, Kotturpuram, Chennai. (IDFC ltd a Mutual Fund agency, IDFCBANK ltd)
• Computer Age Management Services (CAMS), Mount rd, Chennai. (A Mutual Fund Transfer Agency to Indian Asset Management Companies)

RESPONSIBILITIES

• Vulnerability Assessment and Web Application Security Testing on web applications, Android mobile applications.
• Vulnerability Assessment and Penetration Testing on Servers/ Network devices.
• Security consultations based on OWASP, PCIDSS, CVE standards.
• Documenting and Reporting the found vulnerabilities. Coordinating with the developers and administrators on providing recommendation and support to fi the vulnerabilities.
• Performed risk analyses to identify appropriate security countermeasures
• Reduced security risks by 90% through enhancing protocols and ensuring adherence to regulations