Sep 2024 – Jun 2025 · 9 mos · New Delhi, Delhi, India · On-site

• Security Consultant at CSIRT - Power Ministry of Power (GOI) managing IT/OT Security

Jan 2023 – Sep 2024 · 1 yr 8 mos · Noida, Uttar Pradesh, India

• Effectively reduced false positives and implemented prevention & sensor update policies based on EDR best security standards in a 50,000+ host environment. Additionally, successfully implemented identity protection, enhancing visibility into user behavior-based detections within our environment.
• Managed log ingestion from diverse sources and optimized deployment servers and Universal/Heavy forwarders for enhanced efficiency.
• Monitored and maintained SIEM log health, managed SIEM InfoSec tools, and ensured compliance with Validator standards.
• Successfully facilitated the implementation of MFA SSO integration from LDAP. Enhanced MFA policies to bolster security and gain deeper insights into endpoint usage for VPN and other tools.
• Manage data and adhere to stringent security standards aligned with audit certifications such as PCI DSS, SOC 1 & 2, HiTrust, ISO, and others. Present comprehensive data and evidence to satisfy compliance team requirements for audits across diverse certifications.
• Leveraged APIs and scripting to automate workflows, resulting in significant time savings and enhanced tool utilization.

Dec 2020 – Sep 2024 · 3 yrs 9 mos · Noida, Uttar Pradesh, India

• Key contribution:
• SIEM - Creating and maintaining dashboards, alerts, reports and many use cases to help the team in ease of doing log analysis and also creating lookups for data extraction.
• Firewall - Maintaining policies and analysis of logs from traffic, threat and url filtering. Managing Security Profiles and troubleshooting issues related to firewall.
• EDR - Analysis of Endpoint hosts for detections and response . Managing antivirus policies for Laptop/Desktops & Servers as per best recommended practices.
• Maintaining VPN access through ISE and analysing logs for troubleshooting and threat.
• Manage MFA to provide access to in house users and clients. Analysing logs to troubleshoot general issues and also revewing logs to identify threats.
• Vulnerability Assessment and Reporting for multiple organization sites/datacenters.
• Incident Management - Actively responding & manging to the reported or generated Incidents from Clients & Tools to remediate threat.

Jun 2018 – Aug 2018 · 2 mos · Noida, Uttar Pradesh, India

• Network Security Analyst

Feb 2018 – Apr 2018 · 2 mos · New Delhi Area, India