Nov 2021 – Mar 2023 · 1 yr 4 mos · Hyderabad, Telangana, India · Hybrid

•  AWS Professional Services: Provided security consulting to AWS customers, guiding them on migrating to AWS, integrating their infrastructure with AWS, and securing their infrastructure.
•  Automation: Automated infrastructure creation processes using Terraform and custom-built tools with Python.
•  Security Consulting: Offered expert advice on best practices for cloud security, compliance, and risk management.
•  Custom Solutions: Developed custom tools and solutions to meet specific customer needs, enhancing their security posture.
•  Stakeholder Engagement: Worked closely with customers, understanding their requirements, and providing tailored solutions to ensure their cloud environments were secure and efficient.
•  AWS Services: AWS Secrets Manager, AWS Certificate Manager, AWS CloudHSM (hardware security module), AWS Key Management Service (KMS), Amazon Macie, AWS Single Sign-On (SSO), Amazon Cognito, AWS Resource Access Manager, AWS Directory Service, AWS Identity and Access Management (IAM), AWS Firewall Manager, AWS Web Application Firewall (WAF), AWS Shield, AWS CloudTrail, Amazon Inspector, AWS Security Hub, AWS Config, Amazon GuardDuty, AWS IoT Device Defender, AWS Artifact, CloudWatch, Amazon EventBridge, CloudFormation, Lambda, Simple Notification Service, Config

Feb 2020 – Nov 2021 · 1 yr 9 mos · Bengaluru, Karnataka, India · Hybrid

• o Vulnerability Management
•  Work on multiple Vulnerability Management tools like Qualys, Tenable, Nessus.
•  Configure and Schedule the vulnerability scan on the different types of assets like Workstations, Servers, Databases, Web Applications, Network Devices, Cloud Asses, etc.
•  Generate the Vulnerability Report, Prioritize the Vulnerabilities, share it with the respective Team, and help them to fix their vulnerabilities.
•  Troubleshoot and fix the Scan and Agent related issues.
• o Compliance Assessment
•  Perform the Compliance Assessment of On-Prem and Cloud Assets.
•  Using different Compliance Assessment tools like Qualys Policy Compliance, Qualys PCI Compliance, Cloud Custodian, OneTrust to perform the assessment.
•  Perform Assessment against well-known Compliance Frameworks like ISO, CIS, NIST, CMMC, COBIT, etc.
• o Security Automation
•  Automate the Vulnerability Scan Process.
•  Automate the Compliance Scan Process.
•  Automate the Cloud Scan Process (AWS, Azure, & GCP).
•  Automate the Risk Prioritization Process.
•  Automate the Reporting Process.
•  Using core python and API to automate the stuff.
•  Collect data from the different data sources and create a Unified Risk System.
•  Automate the Alerts & Notification of Security incidents and sending them to different tools like Outlook, Team, Slack, Splunk, Mobile, etc to perform quick action.
• o Business Intelligence and Reporting
•  Perform different types of analysis like Prediction Analysis, Ageing Analysis, SLA Analysis, Performance Analysis, etc.
•  Create different types of Dashboards like Live Security Dashboard, Historical Security Dashboard, Incident Status Dashboard, etc.
•  Create different types of Reports for Higher Management.
•  Analyze and Integrate the data from different types of Data Sources like Security Tools, Collaboration Tools, Ticketing Tools, Databases, etc.
•  Schedule the report to keep the data up to date.
•  Perform ETL process on data and create models to improve the performance.

Nov 2017 – Feb 2020 · 2 yrs 3 mos · Gurugram, Haryana, India · On-site

• o Security Risk Review
•  Performed the Security Risk Assessment of Change Management Ticket.
•  Followed the company Policy and Guidelines to perform the Security Risk Assessment.
•  If change violated the company policy, followed the Risk Management Process (Risk Mitigation, Exception, TSR, etc.)
•  Analyzed End to End traffic based on user's change request.
•  Used multiple security tools during this process like Virus Total, SSL Labs, Checkpoint & Paloalto Traffic Categorization, etc.
• o Vulnerability Management
•  Worked on multiple Vulnerability Management tools like Qualys, Tenable, Nessus, Flexera, AppThority, Expender, AirWatch, Skybox, Expanse, Aqua, Blackduck.
•  Configured and Scheduled the vulnerability scan on the different types of assets like Workstations, Servers, Databases, Web Applications, Network Devices, Cloud Asses, etc.
•  Generated the Vulnerability Reports, Prioritized the Vulnerabilities, share them with the respective Team, and helped them to fix their vulnerabilities.
•  Troubleshoot and fix the Scan and Agent related issues.
• o Penetration Testing
•  Performed the Penetration Testing of Web Applications.
•  Manual and Automated Penetration Testing.
•  Used different types of Penetration Tools like Burp, Web Inspect, etc.
•  Generated Report and shared with Owner / Client.
• o Firewall Assessment
•  Performed the Assessment of Next Gen Firewalls like Checkpoint, Palo Alto.
•  Assessed the Inactive Rules, Violated Rules, Risky Protocol Rules, Allowed All Rules, etc.
•  Generate the Report, share it with the respective Team, and help them to fix it.
• o Security Automation
•  Automate the Vulnerability Scan Process.
•  Automate the Cloud Scan Process (AWS, Azure, & GCP).
•  Automate the perimeter scanning & Internal/External domain identification using Expander.

May 2015 – Nov 2017 · 2 yrs 6 mos · Noida, Uttar Pradesh, India · On-site

• o Network Security Operation
•  Worked on many Network Security Devices like Firewall (Checkpoint Fortigate, Palo Alto, Cisco), Proxy (Websense and Bluecoat), SIEM, IPS/IDS, Honeypots, Load Balancer, VPN, DLP.
•  Worked on Routers, Switches, and their troubleshooting.
•  Harden the Network Devices.
•  Worked on Network Protocols like HTTP, TCP, SSL, DNS, DHCP.
•  Installed, Upgraded, Maintained, Troubleshoot, and Monitored the Multi-Vendor Firewall.
•  Worked with Auditor to perform the audit of Network devices.
• o Secure Network Architecture
•  Designed and Implemented the Security part of the new Datacenter.
• o On-Prem to Cloud Migration
•  Certified Cloud Solution Architect with full exposer of Cloud Architecting, Operation, Monitoring, Security, Automation (CI/CD) & Compliance.
•  Performed the Migration of On-Prem Data Center to Cloud Data Center.
• o Security Operation Center
•  Worked on multiple Network Traffic Monitor tools like Wireshark, Burp Suite, TCP Dump.
•  Worked in the Global Support team so I can easily manage the shift, timing, people, team, priority task, meetings, client, vendors.
•  Monitor and log security concerns and incidents, and generate reports, and track performance.

Jun 2014 – Jul 2014 · 1 mo · Noida, Uttar Pradesh, India · On-site