Responsibilities:• Manage and provide technical leadership for a mission-focused and high performing team of 15 which includes Security Researchers/Sr. Security Researchers/Principle Security Researchers, particularly - Plan, drive and track processing of malware samples and requests within the team and reviewing workloads.• Manage day-to-day operation which includes malware analysis, content/signature creation, malware hunting, finding Phishing campaigns, Scams and compromised web sites to proactively block and analyze, perform network forensics with tools such as Wireshark, tcpdump, NMAP, Autopsy etc. to improve the detection efficacy of the product.• Responsible for 3rd party (AV-TEST, SE Labs, AV Comparatives, MRG Effitas & PC Magazine) test dispute analysis and submission on the missing detections.• Handle escalations / false positive reports from customers (OEM partners, End users etc..) triggered in anti-spam, URL filtering or anti-malware filtering layers.• Responsible for the quality and responsiveness of customer-facing threat response operations and represent the Threat Response team to other NLOK departments globally.• Responsible for hiring, budgeting, setting goals & objectives and comparing deliverables against objectives as part of monthly and annual performance reviews. Achievements:• Development of ReGen tool which collects similar set of Malware/Phishing URLs and generates Regular Expression and add regex to detection module. It helps to reduce effort of researchers and it improves the detection by 60%.• Development of automation tool to collect Unknown URLs from Telemetry then identify and detect the login based phishing pages.• Development of CVE monitoring tool which improve the detection efficacy.

· Manage and provide technical leadership for a mission-focused and high performing team of Security Researchers/Sr. Security Researchers/Principle Security Researchers, particularly - Plan, drive and track processing of malware samples and requests within the team, reviewing workloads.· Handle escalations / false positive reports from customers (OEM partners, End users etc..) triggered in anti-spam, URL filtering or anti-malware filtering layers.· Responsible for the quality and responsiveness of customer-facing threat response operations and represent the Threat Response team to other NLOK departments globally.· Manage day-to-day operation which includes content/signature creation.· Responsible for 3rd party test dispute analysis and submission on the missing detections.· Provide malware analysis report highlighting initial assessment of malware impact and, where appropriate, suitable for creating cutting-edge PR stories, using local and global team resources.· Publish team’s findings on emerging threats with the security community through external publications, presentations and blogs.· Responsible for hiring activity to ensure the complete team is staffed appropriately with reference to the NortonLifeLock Labs budget and against defined selection criteria / specification.· Provide input into budget process clearly stating what is needed (staff, capital, training etc) in order to achieve the expected service level agreements.· Guide the team to achieve goals within the timelines. Also, act as a bridge between the local engineering, support teams and the Global Security Research team· Have good time management skills to prioritise busy workload and maintaining effective team delivery operation as part of a global team with senior management in different time-zones.· Defined clear objectives for direct reports and compare deliverables against objectives as part of monthly and annual performance reviews.

Responsibilities:·      Managed and mentored a team of 25 people includes Security Analyst, L3 Engineers, Team Leads and supervising nearly 30 + people within the vertical indirectly.·      Supervised End to end management of Cyber Security/ IT Security Service Delivery for a reputed BFSI client which includes SOC/SIEM (Q Radar), Firewalls, IPS, Antivirus (Symantec), Identity & Access Management (Siteminder, OneSign & RSA), Application Security (Nessus, IBM AppScan - SAST/DAST scan), Proxy (ZScaler) etc.·      Took initiatives within IT Security vertical for driving Security Advisories, Threat Intelligence, SOC Automation, conducting Table-Top exercise and developed IR playbooks to ensure the readiness of SOC analysts for incident response.·      Actively participated in the inception, design and deployment of new technologies and initiatives to uplift security monitoring and incident response capabilities and improve the organization’s security posture.·      Performed SOC-CMM maturity assessment to identify the gaps and work on to improve the SOC maturity level.·      Prepared and presented reports to senior management, outlining security risks, incidents, and recommendations for improvement.·      Administered overall security compliance aspects of the project, ensuring the adherence of global security framework ISO 27001, NIST, COBIT & so on by executing internal audits within vertical.·      Acted as an approver for all offshore and onshore project related expenses, perform revenue forecast, project invoice submission & identify new RFS opportunity.Achievements:·      Received excellent feedback and "customer satisfaction award" from the customer which led to the extension of the project as well as got multiple new RFS projects under the radar. This resulted in as award of individual best performer certificate and best SOC team award in Cognizant ERSS vertical.

Responsibilities:• Responsible for delivering Threat Management/Analytics service to 400+ customers.• Analysed security incidents from multiple network devices such as Firewalls, IDS/IPS, Windows DC/Servers, System Application, Databases, Web Servers, Network Devices and provide appropriate solution to detect and defend against emerging threats.• Developed correlation rule base to identify security attacks related to privilege escalation, CnC server communication, attacks from known malicious host, SQL Injection, XSS, known vulnerabilities, possible brute-force attack.• Fine tuning of correlation rule to eliminate false-positive incidents.• Performed proactive and reactive Threat Hunting using advance tools NTAA which is behaviour and entropy-based analysis and Splunk.• Responsible for leading a team of 10 analysts, monitoring, and maintaining the ticket handling Quality, planning of shift to meet operational objectives and POC for the customers.• Work with Dev-Ops and Product Management team for SOC technical needs, cross-departmental relations to report bug in SIEM tool and to enhance the Security Portal features.• Creating weekly and monthly security incident report and conveying complicated technical analysis to senior management via investigation synopses, graphical depictions of attacks, and comprehensive presentations.Achievement:• Got the best performer award certificate for providing the methodical approach to reduce false positives which improved the incident detection capability and quality.

• Providing Vulnerability Scanning, Incident Handling, Incident Management and Incident Response to our customer• Actively worked with top management to set up a SOC to offer Incident Monitoring, Incident Response by using cloud based SIEM as a service to the customers.• Managing 12 members of team.• Defining the incident handling procedure and process.• Deployment and management of Comodo’s NxSIEM.• As a part of Comodo cWatch service, providing the analysis of Web Application Security incidents and Network Security incidents to the customer by using “NxSIEM” and modsecurity rules.• Monitoring and managing customer’s Web application firewall and Linux audit logs.• Defining correlation rules for the meaning full incident generation.• Actively working to eliminate false positive incidents.• Analysis of correlated security incidents, to identify malware infections, web attacks, suspicious behavior, DoS attack, scanning activity etc. and suggest customer remediation steps.• Working with the development team to improve features the in-house developed SIEM tool “NxSIEM”.• Responsible for training the team on incident monitoring, incident analysis and SIEM.• Providing detailed weekly report to the customer on their current security environment to identify and mitigate the security threats.• Responsible for running vulnerability scan (by using web scanners N-Stalker & Netsparker) against the risky domains and provide the report to the customer.

Responsibilities:·      Training security engineers on Symantec MSS portal ·      Analysis of the network attack, blocks, detects and regular health check-ups in the real environment.·      Analysing IDS signatures and the packet details to find out the malicious activity performed.

Responsibilities:·      Deployment and management of Symantec SIEM which involves installation, configuration, health check, administration, identifying bugs and reporting.·      Onboarding the new device from end to end for log monitoring, validating the log source and ensure logs is received in the proper format for Threat analysis.·      Analysis of correlated security incidents to identify malware infections, web attacks, suspicious behaviour, DoS attack, scanning activity etc. and suggest customer remediation steps.·      Suggest signature tuning by whitelisting the signatures & IPs, correlation rule tuning to eliminate false positive incidents.·      Responsible for taking up projects for vulnerability patching in response to Zero-day threats and vulnerabilities.·      Train new hires on SIEM management and incident analysis handling process.·       Awarded a certificate on Innovation for building LCP LAB for the global team.

• Provided L1 Support of VitalQIP IP Management DNS & DHCP tool on multiple platform (like windows, Linux).• Involve installation, configuration & administration of DNS, DHCP servers & IP Management using VitalQIP.• Extending high-end technical support on various servers and ensuring high customer satisfaction levels through prompt solution of their problems.• Effectively negotiating with technical peers and customers to implement technical solutions• Analyzing technical problems and creating solutions involving the use of existing techniques and/or tools• Performing assigned tasks in accordance with established standards and guidelines• Review technical issues, backlog and provide feedback to improve effective services and to reduce team backlog• Find solution for complicated scenarios and update the knowledge base.• Conduct technical discussion periodically• Involve activity with L2 and L3 engineers to raise feasible RFE and reported defect to get raised and work towards to get it implemented.

• Provided technical support for Belkin wireless routers, modem plus router and adapters (Classic as well as Nextnet Routers)• Installation and Configuration of router for cable, DSL and ADSL connection• Configuration of securities on router for wireless network with WEP/WPA/WPA2• Port forwarding for Gaming devices like XBOX, PS3, WII etc.• Creating a case for the issue and providing on call, Email and chat support for the issue such as initial configuration of router, security issues for wireless network, frequent loss of internet connectivity on wireless and wired network• Wireless Bridging in SOHO Router.• Configured the SOHO router as access point.• Configured the router as range extender.