(ISC)² Bangalore chapter is a not-for-profit organization which meets regularly and conducts events centered around various aspects of Cyber Security providing an opportunity towards continuous learning and networking for InfoSec professionals. Chapter members are security enthusiasts, (ISC)² credential holders like CISSP, CSSLP & etc., and students.

Encora is a leader in the large and rapidly growing outsourced product development market. We partner primarily with fast-growing tech companies that are driving innovation and growth within their industries. Through proprietary agile development capabilities, deep micro-industry vertical expertise, and a global talent pool, we drive transformational outcomes for clients. Business Proposition role: Set it up and head the operations as Global GSRC head with CISO responsibilities for Encora Digital LLC (9k+ employees). Led security processes, technology, and teams responsible for monitoring security logs, assessing threats, vulnerability management and risks to Encora Infrastructure. Lead diverse global team of 12 associates.

I have mentored and grown the cyber response practice by a factor of three, which aids clients in the areas of detection, protection, and response. Engaged in threat hunting and managed incident response for clients in the banking, financial services, electronic commerce, and manufacturing sectors. Involved in digital forensics, containment, and restoration of all IT functions in response to a global malware outbreak.Managing Cyber Response solution.Pre-Cyber IR & Post-Cyber Response servicesThreat Hunting/LandscapingDigital Forensic servicesSimulation activities and much moreSecurity Assessment

Worked as Technical Architect for Data protection solution for cloud and on-premises.

Handles solution consultant role for security infrastructure projects for a telecom client.

 Security Test Planning and setting the definition of done (DoD). Secure Architecture and Design Review for McAfee Products. Threat Modelling for risk assessment and threat mitigation. Worked on Web Application Security Testing for Web Platform Projects using tools like Burp Suite,Fiddler, McAfee Vulnerability Manager. Manual testing of OWASP Top 10 Vulnerabilities like Injection attacks, XSS, and Session Management etc. Conducted Customers / Sales partners / Tech Support team product training, and presentation- Activeparticipating and sync-up with Tech-support teams in helping to solve customer issues.Planning and coordination of all project deliverables for NDLP mainline and sustenance release.o Creating QA plans and managing the execution of QA activities for NDLP QA teams.o Reviewing PRDs, Functional specifications and Tests Plans.o Estimating resource requirements and re-prioritizing the tests and tasks as per the milestone deliverable.o Being a Scrum Master and working with a diverse team spanning throughout the UK and India to release a new feature set.o Managed and took ownership of activities related to DLP product suites and sustenance activity of theproject.o Led a team of QA members and managed client escalation for McAfee Enterprise products.o Experienced in UI automation with Selenium on WStest frameworko Handled UAT, Customer Demo and Beta testing of the product.o Guided the team members on the Automation side for feature testing and sustenance activityo Worked with technical writer and UX team for finalizing the product documents and product UI design. Handled Audits (Product & Security)o Created tailored risk-based audit plans allowing improved focus on key critical business areas.o Part of the internal audit team for Test case management/ Automation framework.o Worked with SOC team to conduct security investigation using vulnerability manager and DLP.o Agile/Scrum Process Audit

Worked as Information Security Consultant for ITSS team, which maintain Security Operation Centre, which manages security for India’s largest FMCG – ITC Ltd. The role involves both operational and consultancy for ITC’s dual 3 Tier Gateway security setup.Projects Completed: SIEM Implementation (Netforensics)Complete implementation of SIEM in the ITC Security Infrastructure. The tool has been deployed on both datacenters and hence integrate all the security devices which ease to the manageability of security incidents.Responsibilities: Managed a team of 12 members who are consistently engaged in 24X7 Security Alert Monitoring, Vulnerability Assessment for ITC InfoTech Clients. Liaisoned with Vendor SLA, and Vendor Interaction/Management to minimize any business hindrance. Supervised Monthly Security reports provided to the stakeholders & provide an update on any security incident with RCA. Prepared detail practices and procedures for technical processes Showcased problem-solving skills in case of unplanned downtime. Maintaining Change Management Logs Book, CMDB, Incident Management & Problem Management. Recognizes successful/potential intrusions and compromises through review and analysis of relevant event detail information. Differentiates false positives from true intrusion attempts. Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies concerned when appropriate. Knowledgebase update to effectively communicate information internally and to customers. Educated business unit managers, IT development team, and the user community about risks and security controls. Adhere to a code of ethics governing professional conduct & the appropriateness of hacking. Understand common cyber-attacks, e.g., social engineering, phishing, identity theft, URL obfuscation, Trojans, dumpster diving, insider attacks, etc., and can undertake the appropriate evasion techniques and countermeasures.

• Worked as Security Research Engineer for product vulnerabilities listed on NVD web site. • Developed & tested various signatures for the IPS at the protocol level, application level & constructing the signatures in the deliverable format.• Developed Advisories for the latest threat available in the National Vulnerability database. The advisories include the threats related to SQL Injection, Cross-Site Scripting, Buffer overflow etc.• Developed various generic signatures for Malware (Worms, Trojan, and Spywares.)• Also, involved in the testing of Signatures of peer’s members. Handled weekly release process of the Signature pack and release to the regression team and customer.Knowledge of Tools: Nessus, Core Impact, Metasploit, Intruder pro, NGREP, Nmap, Karalon, Blade, Ethereal, Netcat, SAINT, ISS, Aleton Firewall, Checkpoint, NetForsensic.