Currently working as Information security analyst in WSSC having total 18.5 years of diverse work experience in the area of Enterprise IT Security that contains Identity and Access Management OIM, OAM Products, Application security, Data security, Data Vulnerability, Endpoint Security and Network Security.• CISO reporting for security tools.• Access management and Information audit assistance.• Monitor computer networks for security issues.• Investigate security breaches and other cybersecurity incidents.• Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.• Document security breaches and assess the damage they cause.• Work with the security team to perform tests and uncover network vulnerabilities.• Fix detected vulnerabilities to maintain a high-security standard.• Installation and configuration of Varonis software, agents and collectors • Develop company-wide best practices for IT security.• Perform penetration testing.• Analyze IT requirements and provide objective advice on the use of IT security requirements• Gather feedback from end users to continue to improve systems• Design, analyze and implement efficient IT security systems• Engagement for setting up SPLUNK SIEM solution.• Conduct web application security assessments and consult with development teams on how to integrate improved security best practices into their code,• Prepare and document standard operating procedures and protocols; proactively work with team members to address security and compliance issues in a timely manner,• Configure and troubleshoot pen testing and vulnerability scans to identify vulnerabilities in web and mobile applications and provide supporting documentation which includes testing methodology and findings,• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.

• Production Support for Network Security, Infrasec security, Data security and IDAM tools.• Working with Change Management/ Release Managers on the evaluation of change events• Installation and configuration of Varonis software, agents and collectors• Acting as a primary stakeholder in the underlying information technology (IT) operational processes and functions that support the service, provide direction and monitor all significant activities so the service is delivered successfully.• Working on Varonis Datadvantage, management of collectors and File server onboarding and support.• Coordinate and manage the overall service provided to a customer end-to-end.• Drive continuous improvement, delivering initiatives to improve performance, processes and controls to support tools• Performance and capacity monitoring for local applications, provide proper remediation plan to address performance and capacity issues• Assists manager in resolving high level conflicts or program issues by making decisions or negotiating with affected senior management• Ensures accomplishment of Support Service Level Objectives and Key Performance Indicators working in partnership with Service Providers and Software Vendors• Jointly with Partner, establishes, collaborates and monitors a Continuous Improvement plan to identify and remove the service delivery gaps• Establishes weekly and monthly service status review meetings with key stakeholders (Business , IS and Service Providers)• Ensures and promotes ITIL best practices for Incident, Problem, Change, Release management within IS and Service Providers• Work with other service managers and product owners to balance and prioritize services to meet overall customer requirements, constraints, and objectives.

IAM analyst, Information Security Analyst, Security Operation, Varonis

• Design, implement and monitor security measures for the protection of websites,• Design web application security architecture for internal and external web applications,• Identify, define & implement system security requirements for external and internal facing web applications.• Palo Alto Firewall development and operation.• Application security analysis in Azure environment.• Build, deployment and support of Palo Alto firewalls in AWS and Azure environment.• Global Protect VPN configuration for multiple world regions.• Management of 70 Palo Alto firewalls through Panorama.• Performance and Health check monitoring.• Firewall rule analysis.• To troubleshoot issues related with network traffic.• To help in establishing connectivity with cloud providers and data centers via Palo Alto firewalls (e.g.• S2S, Over MPLS, etc.).• Security Policy Management in the firewall.• Management of Firewall rule-set, Keep track of the configuration, cleansing, validation of the firewall rule sets on periodic basis.• Coordination with AWS infrastructure team on regular basis to ensure that no conflict on the rules opened on Palo Alto and SG at AWS front.• To manage the wildfire, IPS module of the Palo Alto firewalls, Threat feed, etc.• Coordinate with product vendor, application teams, and Network teams for issues.• Solution fine tuning recommendations.• Configuration of SOC SIEM solution in Building and operation Phase• Patch management.• Monitor and analyze security data; produce and present security reports for management,• Troubleshoot and document security incidents,• Apply the NIST Special Publication 800-64, Security Considerations in the SDLC standards to the Web Services sites and applications, and• Apply the internal publication, Website Developers Checklist, requirements to the Web Services sites and applications.

• Palo Alto Firewall development and operation.• Application security analysis in Azure environment.• Build, deployment and support of Palo Alto firewalls in AWS and Azure environment.• Global Protect VPN configuration for multiple world regions.• Management of 70 Palo Alto firewalls through Panorama.• Performance and Health check monitoring.• Firewall rule analysis.• Knowledge transfer and assessment of the existing solutions (TrendMicro Deep Security, Palo Alto firewall, AWS security).• Creation of Standard operation procedure and Workbooks.• To participate in discussions around Akamai DDoS and Alert logic insight manager with vendors and understand the support functions of it post deployment to be managed.• Leveraging the RL incident management process, Configuration process and integrated into Security operations.• Discussion with team and assessment of RL configuration management tool to integrate the process and creation of specific distribution list etc.• Define and document operational and service reporting templates.• Define and agree on the RACI matrix.• Assessment and design of SIEM solution for Ralph Lauren.• Configuration of SIEM and SOC solution Incident and alarm response procedures, engagement with operations teams to manage incidents• Define/Processing the existing of processes and procedures based on customer and Infosys security team feedback.• Measure incident and change management incident response and resolution times and baseline the SLA.• Review/Update the reporting templates.

• Worked closely with Big Lots IT Security to understand current event monitoring processes and define and reach agreement on processes to be followed by Infosys for remote SIEM monitoring.• Document the agreed processes for event classification and escalation to Big Lots IT Security Team.• Ensure the documents are reviewed quarterly with Big Lots' IT SEC SOC Manager and/or Big Lots' IT SEC Director.• Make updates as necessary.• Utilize well-defined and documented procedures to properly triage, respond, and report and document security events.• Implement a Duty Log to record details of events, significant shift activities and further actions required of oncoming shift personnel to ensure continuity of operations.• Engaged in SOC solution for Building, Design and operation with SIEM.

• Interaction with Business Owners and IT owners of around hundreds of applications for details and compiling role analysis and document the findings in a sheet and finally remediation action.• Providing a complete view of access-related data that includes the user's access; the "who, why, how, and where" of that access; whether the access violates defined SoD policies; how the access was granted to the user, whether it was previously certified, and activity associated with the access.• Automating the entire process of certifying and reviewing access and removing inappropriately assigned access.• Providing evidence that access is being defined according to established policies.• Enabling changes in access based on changes in users' roles to minimize the disruptive effects of change on user productivity.

• Responsible for the Migration of OAM 10g to OAM 11g Application• Implementation of new requirement to the OAM for integration, user control.• Overall Product optimization, Solution recommendation roadmap for further enhancement to their current Infrastructure.

• Overall Product Maintenance L3 support, Requirement gathering and implementation of• New features in the existing Product. Handling a team of 3 members• Responsible for the Application end to end L3 support.• Implementation of new requirement to the OAM for integration, user control.• Overall Product optimization, Solution recommendation roadmap for further enhancement to their current Infrastructure.

• Tools/Technology: Oracle Identity Manager, Oracle, MySQL, Java, UNIX.• Description: Worked as application analyst and Technical lead for migration of OIM from 9.0.1.3.3 to OIM 9.1.0.2.• End to end analysis of OIM product.• UI remediation.• Testing.• Business components testing.• Migration of application to new environment.• Installation of application in clustered and non-clustered environments.

• Project: Design and implementation of new Component from Scratch for EFI Color Express Product Role: Software Programmer • Tools/Technology: wxWidgets, C, C++, Visual Studio.• Design and implementation of new Component from Scratch for EFI Color Express Product which is used to verify Color for Quality and Analysis.• Development & Implementation of new features using C, C++, Widgets and integrating them with the existing software on Visual Studio 2005.• Working on Efi Color Proof XF Product on Client side which is Client Server Architecture Product.• Addition of new features and bug fixing in the existing product for future release.• Requirement gathering, Clarification Issue requirement with clients & Implementation on coding phase.• Prepared test cases for new features and completed modules.

• Software Design, Coding and UI development of Statistical Product in C++ and VC++.• Communicating with the Researchers and Developers for transfer of Technical know-how.• Restructuring existing Source codes using OOPs, OOAD and UML.