Nov 2020 – Nov 2024 · 4 yrs · Remote

• Multi cloud Security architecture as per NIST (AWS, GCP, Azure)
• Threat Modelling of application and Infrastructure
• Risk Management(Assessment, monitoring, response)
• OWASP ASVS and SAMM for Application Security
• Business Impact Analysis for BCDR
• Data Impact Analysis for GDPR and Data Security
• Security tools and SIEM implementation
• Policy drafting for SOC2 and ISO 27001
• Security Incident response planning
• Helped multiple Organisations with SOC2 Type1 and Type2 , ISO 27001(end to end)

Nov 2018 – Aug 2020 · 1 yr 9 mos · Bengaluru Area, India · On-site

• Vulnerability Assessment for AWS, Docker, Github and Public endpoints etc
• HA and Fault Tolerance Readiness by performing BIA/DIA(Business/Data Impact Analysis), DR(Disaster Recovery) and BCP(Business Continuity Plan)
• Checking readiness of organisation for ISO 27001:2013 and SOC-2, CSA star level
• GAP filling for GDPR and working with multiple teams for data classification, categorisation and data security.
• Application Pen testing for public endpoints
• Information security awareness training for end users and internal blog series
• Phishing attacks to check employee information security awareness
• POC for security tools - Wazuh, AWS detective, Nessus, nexpose, AWS Inspector, Anchore Engine, CliarOS and docker-bench-security
• VAPT ownership, dealing with vendors and collaboration with internal teams for resolution of reported vulnerabilities
• Infrastructure-as-code with terraform and packer for creating Golden images, and terraform code security check with terrascan and checkov
• Documentation of ISMS policies, Standards and Procedures for ISO 27001 readiness.
• AWS central security architecture for multiple accounts
• Security Incident & disclosures investigation and classification
• Creation of golden images as per CIS level-1&2 for multiple OS with help of Hashicorp Packer
• Execute regular vulnerability assessments, report the findings and drive the remediation (AWS, Docker, Github, Public endpoints)

Jun 2017 – Nov 2018 · 1 yr 5 mos · India

• On-Call support for various products
• Infrastructure-as-code with terraform and packer
• Deployments for various products
• Helping dev team to migrate applications from legacy to public cloud by creating infrastructure

Apr 2016 – Mar 2017 · 11 mos

• Infrastructure Management across various Datacentres
• Strategic-Planning and Infrastructure designing for application from scratch to achieve vertical and horizontal scaling.
• Mysql and MariaDB administration (tuning and optimization, master-slave and master-master setup, multi-source replication, backup and restoration)
• Automation of daily and repetitive tasks by shell scripts, backup management(application and DB)
• Ensuring High availability of applications (Apache, tomcat, nginx, redis, mysql, Mongo, Cassandra, Kafka, Asterisk, Jboss and postfix mail server)
• Configuration Management with Puppet (File management, patch management, custom packages)
• Information Security(Server and Application security and hardening) according to PCI-DSS and ISO standards
• Documentation of Projects, Architecture of Application, Application flow, Issues faced and their resolution
• Ensuring patching for servers in scope for zero day and other critical bugs
• Infrastructure scanning with Nessus and working on Alienvault Ossim for SIEM
• Central log management for server and audit logs
• Ossec hids as FIMS and IDS setup
• Alienvault Ossim for SIEM
• Central log management and its tuning (ELK setup)
• Virtualization technologies (Citrix-xen)
• Remote Installation server (Cobbler)
• Disaster Recovery(DR) and DRP (Disaster Recovery Process) setup
• Defining Process for making things less error prone.
• Versioning (Git, Gitolite, Gitlab)
• APM tool AppDynamics (Setup and configuration)
• TrendMicro Deep Security Manager (Setup and configuration)
• Central ClamAv, Central Ossec Hids
• HSM Devices (Safenet and Luna)

Apr 2015 – Mar 2017 · 1 yr 11 mos

• Infrastructure Management
• Mysql and MariaDB administration (tuning and optimization, master-slave and master-master setup, multi-source replication, backup and restoration)
• Automation of daily and repetitive tasks by shell scripts, backup management(application and DB)
• Ensuring High availability of applications (Apache, tomcat, nginx, redis, mysql, Mongo, Cassandra, Kafka, Asterisk, Jboss and postfix mail server)
• Configuration Management with Puppet (File management, patch management)
• Information Security(Server and Application security and hardening) according to PCI-DSS and ISO standards
• Documentation of Projects, Architecture of Application, Application flow, Issues faced and their resolution
• Central log management (ELK setup)
• Virtualization technologies (Citrix-xen)
• Remote Installation server (Cobbler)
• Disaster Recovery(DR) and DRP (Disaster Recovery Process) setup
• Versioning (Git, Gitolite, Gitlab)
• APM tool AppDynamics (Setup and configuration)
• TrendMicro Deep Security Manager (Setup and configuration)
• Central ClamAv, Central Ossec Hids

Apr 2014 – Mar 2017 · 2 yrs 11 mos

Dec 2011 – Mar 2014 · 2 yrs 3 mos · Gurgaon, India

• Providing L1 - L3 Support on Linux based production, pre-prod and staging servers.
• Installation, configuration, Backup and troubleshooting of Linux servers.
• Server and application level hardening and security.
• Patch Management using up2date and yum.
• Mysql-administration(backup, restore and retention policy, master-slave and master-master)
• Configuration of Tomcat with Apache server.
• File sharing using NFS server
• Load balancing using LVS(keepalived)
• puppet modules for central configuration Management
• shell scripts for automation

May 2010 – Nov 2011 · 1 yr 6 mos · Gurgaon, India

• Provided Support on Linux/Unix and windows-2003 based live production, staging servers.
• Installation, configuration, maintenance and troubleshooting of AD
• Installation, configuration, Backup and troubleshooting of Linux servers.
• Installation and configuration of Tomcat with Apache servers using mod_jk.
• Patch Management using up2date and yum.
• Configured Jira and Nagios system/network monitoring tools.