Experienced with DLP, Bluecoat websense, Proofpoint, Trend Micro, and IBM QRadar Enterprise SIEM security tools to monitor network environment. Worked on Information security endpoint tools and Group Policy, Symantec Data Loss Prevention, Symantec End- Point Protection Manager, Symantec Endpoint Encryption, Windows Server Update service, Bluecoat Proxy, Syslogs.Dynamic monitoring and analysis of Intrusion Detection Systems (IDS) to identify security issues for remediation. Analyze, recognize, correlate, and report any potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information from SIEM logs and Checkpoint FW logs.Perform & Oversee Vulnerability assessment/ external penetration testing of scoped systems and applications to identify system vulnerabilities. Recognize, adopt, utilize and share industry best practices in cloud security engineering and architectures. Internal Network Vulnerability Assessments to enhance the Information Security culture of an organization through identifying, analyzing and reporting the gaps which may be used to threaten the CIA of information.

Installed, configured, and monitored SIEM platforms such as AlienVault OSSIM/USM, IGLOO, and IBM Qradar to ensure effective security event management.Conducted incident response activities, including host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.Researched and tested new security tools and products, making recommendations for their implementation in the SOC environment.Developed processes and procedures to enhance incident response times, improve incident analysis, and optimize overall SOC functions.Provided expertise in network intrusion detection, enabling timely and effective decision-making regarding incident declaration.Documented all activities during incident responses, ensuring comprehensive records of actions taken, and provided regular status updates to leadership throughout the incident lifecycle.Analyzed various network and host-based security appliance logs, such as firewalls, NIDS, HIDS, and syslog, to identify and determine appropriate remediation actions and escalation paths for each incident.Collaborated with cross-functional teams to investigate security incidents and coordinate remediation efforts.Conducted ongoing threat research to stay updated on the latest attack techniques, vulnerabilities, and security best practices.Assisted in the development and execution of security awareness and training programs for employees, promoting a security-conscious culture.Provided technical guidance and support to junior team members, sharing knowledge and expertise to enhance the overall effectiveness of the team.Participated in security incident simulations and tabletop exercises to assess and improve incident response capabilities.

Responsible for the development & implementation of the organization specific Security policies & procedures.Configure, test, document, and implement changes or upgrades to security processes, controls, or products as directed.Work closely within the Security Operations Center (SOC) performing incident response activities when an incident has been discovered, participating in investigations to determine root cause of security incidents, and ensuring that proper protection or corrective measures have been taken.Provide operational support, troubleshooting, and maintenance of Security-related processes, controls, or products.Responsible for assessing systems, processes, and projects against compliance requirements, control objectives, and security best practices.Report status on activities, issues, projects, etc. to senior staff/management, including the effectiveness and efficiency of security activities.Propose new standards, tools, policies, and procedures to improve security, compliance and risk management activities based on security operations findings, or security events or incidentsPresent changes at the Change Advisory Board (CAB) as needed. Works with cross-organizational teams to address alert deficiencies.Collaborate with IT teams and security colleagues to ensure audit readiness, and to prepare for internal and external audits. Making BIA/RA also Pen Testing Procedures.Analyze enterprise networks for indicators of network breaches and present findings and recommendations to Senior leadership management.Formulate and implement a comprehensive cybersecurity strategy for the organization, using external vendors and consulting firms.Investigate and address alerts generated by network security controls, to ensure the integrity of corporate data and information.Analyze implemented security measures, identifying gaps in monitoring and alerting.

As part of the IT Security team, develop and implement CLS IT Strategy in consultation with the CLS IT teams, ensuring that all initiatives are mirrored in respective strategies including the overall CLS StrategyProvide security advice and support for information technology projectsResearch new security related products and services to ensure that CLS is equipped with appropriate industry best tools and solutionsOperate and maintain IT Security controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, Endpoint Protection, etc. with an emphasis on cloud deployments and implementations.Conduct IT Security risk assessments for all high impact projects, defining security mitigating controls that impact the technology architectures of CLS, service providers, and business partnersSupport 24 x 7 Security Monitoring and Response on a 1/8 rotationReview and update IT Security procedures to reflect best practice and mitigate current and emerging threatsAssigned ownership of IT Security Monitoring and Response related FRB and Internal Audit finding(s) and effective / timely resolution with IT SecurityMaintain relationships with all third-party IT security vendors and strategic partnersPlanned and implemented security systems and standards by evaluating network and security technologies, developing security requirements for the enterprise infrastructure, and maintaining overall user access in support of enterprise objectives and client service delivery.Researched and provided recommendations on methods, software, and technologies to mitigate risk exposures.Performed security log event analysis taking appropriate action as directed or required to address security risk issues or event/incidents.Work closely with teams within Security Operations, Security Engineering, Risk & Compliance, IT, and Product Security to integrate vulnerability management into all elements of Samsara’s technology portfolio

Analyze Vulnerabilities reports from various scans and assessments by acting on high risk / critical Vulnerabilities to other Vulnerabilities. Management of system security and file system security policies and analyzing systems to determine ways of improving performance Conducting routine checks, warranty claims, hardware failure, replacement, software up-gradation, download patches and hotfixes. Infrastructure deployment from the very basis to complete function and Information Security Policy as per PCI-DSS Audit Compliance. Review controls related to various business process of entity for compliance with COSO framework.Responsible for conducting structured security certification and accreditation(C&A) activities utilizing the Risk Management Framework and in compliance with the Federal Information Security Modernization Act (FISMA) requirements Performing OS updates and upgrading application.Used Splunk to monitoring/metric collection for applications in a cloud-based environment. Maintaining all shared resource and monitor free and utilized disk space. Responsible of setting up projector, audio/video devices for meetings and lectures. Keeping and tracking inventory of all loaner laptops issued to students and staffs.