Security Administration• Ensure all GID system managed by GSO are working fine for daily operations.• Handling the patching activity of all GSO servers without any interruption.• Giving continuous feedbacks and pointing out issues for improvement of sec admin track.• Handling GSO monitoring events related to SC. Also, other monitoring events handled on time.• Handling follow up on curvature tickets and the incidents raise in a timely manner.• Involved in administration of the GSO Case Management System.

Vulnerability Management:• Ensure critical and exploitable vulnerabilities are communicated to System owners.• Communicate the risk in an effective manner and ensure remediation at the earliest.• Handling all real time scan request in CORP and PSNET domain• GIB monthly KPI report preparation without error.• Worked on SC upgrade activity along with TIMS validation• Troubleshooting on different issue occurred in SC and documenting the same in confluence if required.• Providing required help/KT to the new joiners in the team .• Leading the follow up process on 2 critical vulnerabilities i.e. MS-17-011 and bluekeep.

Splunk SIEM:• Monitors & manage IT Security in Novo Nordisk. This includes complex analysis of logs from systems across the organization and monitors network traffic in Splunk by performing regular searches through logged network traffic. • Excellence in managing IT systems owned by Global Security Operations across the world. • Analysing the logs as per relevant events and take an action as per reputation of malicious file or threat to secure the organization network and hosts. • Creating network policies and authorisation roles and defending against unauthorised access, modification and destruction. • Working on different kind of alerts and handling events accordingly and as needed identifies potential threats and respond to internally and externally. • Blocking malicious/phishing sites in Zscaler integrated Cloud security solution software to protect against cyber-attack and theft detected. • Stay current in all areas of information technology concerning security breaches or malicious attacks. Communicate with appropriate stakeholders in the organization to help ensure the identified security incidents get resolved. • Handling the phishing events alerts which also include sandboxing.• Responds to different security queries which comes to GSO mailbox

ArcSight SIEM: • Responsible for monitoring and analyzing information security events and initiating information security incident tickets. • Event analysis, Attack identification, deep investigation of potential attack and potentially compromised system. • Provide recommendations to optimize ArcSight detection capabilities. • Generate required SOC report. IDS/IPS: • Manage, operate and analyze data from corporate security systems including CISCO Source fire, IBM Proventia, Check Point IPS. • Monitored events responded to incidents and reported findings.• Reap the benefits of application control and intrusion protection (IPS), as well as extensibility support for additional security capabilities. • Log Analysis.• Fine Tuning of the events. Vulnerability and Threat intelligence service (VaTIS): • Responsible role in carryout VaTIS process where we cover vulnerability identified in any product or any new threat identified in wild and sends the advisory globally. • Covering different vulnerability, threat and Zero Day exploit identified in wild and responsible to notify all via advisory. • Following up different patching team to work on patching and providing remediation steps. Antivirus: • We have Symantec antivirus in our environment and having brief knowledge of this. Qualys guard Vulnerability management: • Responsible to do vulnerability scanning using Qualys guard. This is based on our current Global Process and should be used in conjunction with the information seeds dealing each region’s local requirements.ARBOR FOR DDOS/DOS • At a time when availability has never been more important, a DDoS attack has never been more innovative, dynamic or consequential. It won’t come as any surprise to security professionals that the modern DDoS attack is increasing in sophistication, scale and frequency. Responsible for monitoring events in ARBOR and report the report findings to MIM.