Dec 2017 – Nov 2021 · 3 yrs 11 mos · Greater Hyderabad Area

• Part of Cyber Security Defence team.
• Leading Security Governance team, handling exceptions against Security Policy.
• Work closely with other teams within Cyber Security Defence to stop data exfiltration and increase threat hunting capability.
• Automation, to reduce manual efforts in triaging of events.
• Service deliverables according to established Service Level Agreement.
• Proxy/Firewall rule governance and management.
• Team management which includes performance management, capacity planning, resource management and service level optimisation.
• Process related risk management and review with Risk Assessment team to identify and close the gaps.
• Identification of process improvements for better Service Operations & Delivery.
• BCP/DRP planning to avoid disruptions.

Jun 2015 – Dec 2017 · 2 yrs 6 mos · Greater Hyderabad Area

• As a SDM my primary job is to provide technical security advisory for the customers.
• Other job related roles and responsibilities include.
• Trusted security and compliance advisor for 20+ customers.
• The customer background includes Federal, Finance, Healthcare, Education, Retailing etc.
• Perform service transition activities to on-board customers into the SOCVue services such as deployment of SecureVue, installation of Qualys scanner and helping in other post-sales activities.
• Validate all service deliverables according to established Service Level Agreement in the SOCVue Service Description.
• Conduct regular communication status calls with customers regarding node deployments, triggered alerts and heath check status on regular basis.
• Proactively manage the security and compliance profiles of the customers with the support of SOC team.
• Process improvements for better SOC Service Operations & Delivery and communicate with management.
• Identification of product enhancements gathered during the course of service delivery. Properly document and communicate these to the Product Engineering team.
• Track incident activity and ensure all information is collected and passed along to the customer as required.
• Conduct training sessions for the team on regular basis.

Feb 2013 – Jun 2015 · 2 yrs 4 mos · Greater Chennai Area

• Security monitoring of all the critical client applications.
• Use of tripwire for checking file integrity.
• Helping new applications to certify to PCI and during existing applications re-certifications.
• Deploying new custom parsers or editing existing custom parsers as per requirements (Universal Device Support - UDS).
• Events analysis for finding RCA when attacks are detected.
• Integration of event sources such as Windows, UNIX, firewalls etc.
• Designing ad hoc reports for request from client or other stakeholders as per PCI standards.
• Resolve problems of log interruptions from event sources.
• Coordinating with onsite, client and other internal teams for information or incase of issues.
• Work on tickets assigned to SEM team for various activities like adding/decommissioning of devices, creating alerts as per use case, ad hoc report requirements etc.

Jan 2010 – Feb 2013 · 3 yrs 1 mo · Greater Hyderabad Area

• Designing new alerts as per use cases and enhancing existing alerts.
• Security advisories to Information Security team.
• Raising security incidents in case of attacks and following up for proper closure.
• Real time monitoring of network using SIEM and doing post mortem of security attacks.
• To do RCA for security incidents.
• Helping Information Security team in implementing security policies.
• Backup Management of logs as per Telecom Registry Authority of India (TRAI) standard.
• Universal Device Support code developments for devices not supported by RSA enVision.
• Conducting Knowledge Sharing Sessions.
• RSA enVision System Administration.
• Trouble shooting various device configuration issues.
• Designing customize reports for Compliance requirements.