Oct 2014 – Dec 2017 · 3 yrs 2 mos · Mumbai Area, India

• Technical leader with hands-on experience, leading a team of Analysts and responsible for managing 24x7 IT Security operation function in conducting the following functions –
• o Security Information and Event Management (SIEM)
• Ensure all logs from various devices like servers, firewalls, network devices are being captured
• Create new correlation rules to identify suspicious activities
• Introduce new and efficient way of monitoring these logs
• o Single Sign on (SSO)
• Integrate new business applications to help business by providing ease to use those applications
• o Cyber Security awareness
• Run periodic email phishing campaign globally for all 50 locations
• Create and circulate security awareness posters to all employees on a topic each month
• Conduct security induction for new hires to make sure they are well aware with the policies
• o Unauthorized Changes monitoring
• Monitor the changes preformed on firewall and network devices to identify if the changes are approved before committing
• o Web risk assessment
• Create and maintain checklist which needs to be followed before each website is hosted internally or externally
• Perform risk assessment of websites and make sure they are adhering the checklist
• o Software assessment
• Perform the software assessment for each software which is being deployed on the network
• o Vulnerability Assessment
• Carry out periodic VA scans
• Suggest best practice to global IT teams
• Generate reports for top management
• Follow-up to make sure that risks are mitigated
• o Antivirus Management
• Maintain the compliance for desktops & servers clients
• Report and take necessary action if virus/Trojan is detected
• o Password Vault :- Cyber Ark
• Provide a platform for storing the password for generic / service accounts
• Identify such accounts and ensure that they are using this service
• o Various security controls Implementation and Compliance management.

Jan 2012 – Oct 2014 · 2 yrs 9 mos

• Technical leader with hands-on experience, responsible for managing 24x7 Security Operations Centre (SOC) and leading a team of Security Analysts in conducting the various functions – Data Loss Prevention, Risk Assessment, Unauthorized Changes monitoring, Network and Host based Intrusion Detection, Incident Response Management, Vulnerability Assessment, Reporting & Remediation Management, Content Filtering, Endpoint Security, Data Encryption, security controls/tools implementation and Compliance management.

Jun 2010 – Jan 2012 · 1 yr 7 mos

• Responsible for 24x7 monitoring of Security Operations Centre (SOC) – SIEM, IPS, Risk Assessment, Network and Host based Intrusion Detection, Incident Response Management, Vulnerability Assessment, Content Filtering, Endpoint Security, Email Security, External DNS, SSl certificates, etc.
• Mentoring the team, reviewing and uplifting the SOC.

Jun 2007 – Jun 2010 · 3 yrs

• Part of for 24x7 monitoring of Security Operations Centre (SOC) – SIEM, IPS, Vulnerability Assessment, Content Filtering, Antivirus, Email Security, External DNS, etc.
• Drawing and analysing daily, weekly and monthly reports.

Jun 2005 – Jun 2007 · 2 yrs

• Joined in Ocwen Financial, company got spin off and moved to Altisource.