Proven experience in appsec with focus on AI/ML system,MLSecOps practices and large language Models.Develop and implement security policies, standards, and procedures,access controls, encryption, and data protection.Collaborate with development and operations teams to integrate security practices into the SDLC, including continuous integration/ continuous deployment (CI/CD) pipelines.Experience and Compliance Testing IT Infrastructure, and exposure to GRC tool such as ArcherMonitor and analyze logs and alerts to detect and respond to security incidents, implementing incident response plans.Provide guidance and support to development teams in implementing secure coding practices and conducting security testing.Strong understanding of DevOps methodologies and experience with CI/CD pipelines and tools (e.g., Jenkins, GitHub, SonarQube).In-depth knowledge of cloud security best practices, industry standards, and compliance frameworks Experience with Infrastructure-as-Code (IaC) tools like AWS,Familiarity with security scanning and monitoring tools, such as AWS Security Hub, GuardDuty, Inspector, or third-party solutions.Strong understanding in firewalls, VPNs, and secure network architectures.Knowledge of secure coding practices and experience with application security testing tools (e.g., SAST, DAST, SCA,fuzzing, and secure coding patterns).Participate in incident handling and other related duties to support the information security function.Network design (IPv4 and IPv6, VLANs, BYOIP, Fortinet technologies,Cloudflare)Cloud technologies (focusing on AWS and Azure), and Containerization/Orchestration (Terraform, Vault), including Docker & Kubernetes.Strong understanding of key security concepts like WAF, Exabeam, Application security, network security, Events Analysis, GraphQL and Identity access management.Reviewing and enhancing the rules in security devices/SaaS based applications such as WAF, DLP, APT, IDS, IPS, Firewalls, EDR, CASB.

Cyber Security Risk Management:Identify, prioritize and analyze risks of damage to relevant stakeholders by defining assets, damage scenarios, risk related proprieties and attributes, relevant stakeholders, impact categories (including safety, privacy, financial, operational, quality), phases (innovation, pre-dev, dev, production and manufacturing, maintenance and servicing, decommissioning)For each identified, implement: risk analysis, weighting and rating (using Cyber Security Assurance Level (CAL)), breakdown the risk, define and drive the implementation of the corrective actions.Cyber Security status and report to management:Provides recurring assessment of the project status in terms of Cyber SecurityCreate and update high level project Cyber Security status dashboard: status, risks, action, escalationReport projects status in the management.Api testing, testing in an agile environment ,Xrey tools,STLC,AR/VR/MR setup.Support the definition/review of the system architecture to allocate the cyber security requirements and derive subsystem requirements (mechanical, electric, electronic and software).Define risk treatment verification strategy: scope, work products or process under verification, methods and tools for verification and review, entry/exit and pass/fail criteria and describe the approach to handle failed tests and verification results.Define and drive the implementation of risk treatment validation strategy, that includes vulnerability scanning, penetration testing, fuzz testing, interface testing, Buffer OverFlow,Crossite scripting, sql Injection on checkmark,Fortify,Jfrog.Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines.Knowledge of PCI-DSS, HIPPA, NIST and GDPR Standards and Policies and the associated certification and audit processes.SCADA protocols and communication standards ,Enterprise Fraud Risk Management,MYSQL,Docker,Digital Forensic Evidence Extraction ...

Fraud Risk Management,Cyber Forensics, Deception technology, SharePoint,IoT, Automation Anywhere,IR4.0,Cloud Computing , McAfee SIEM and IT-INFRA Security,Bigadata Hadoop and kuberneties , Redhat Anisble.Maintained 15 VMware ESX server connected with two EMC VNX SAN box and managed of two Cisco MDS switch using Fabric Device management tool, Research emerging threats,Hands on experience on LTO,7,8,9 and zoning, Lead security reviews and audits to ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST),Provide technical guidance and mentorship to security operations teams and other IT staff, promoting a security-conscious culture within the organization.Conduct risk assessments and vulnerability assessments to identify security gaps and recommend appropriate controls and countermeasures.Excellent in patches and packages installation on Linux/Unix Environment.core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors,IoCs,Implemented cloud services IAAS, PAAS and SaaS which include Openstack , Docker and Openshift Cyberark,Ping identity ,Exabeam,Okta CASB,Cloud Platform: AWS, AZURE and GPC,stack cloud tier .SDLC: Agile, Waterfall MethodologiesDatabase: SQL Server 2008/2012, PL/SQL, MS Access, DB2,MangoDb,Cloudera.Virtualization: VMware,KVM, VCenter, Nutanix Container-based deployments using Docker, working with Docker images, Docker Hub and Docker-registries and Kubernetes.Designed and implemented a continuous build-test-deployment (CI/CD) system with multiple component pipelines using Jenkins to support weekly releases and out-of-cycle releases based on business needs.Level 1,2,3 & 4 Projects based on the client requirement.Compliance : ISO27001,GDPR,SOX,HIPPA,FISMA ,SOC2 & FFIEC,CERT-InProject Completed: Washington trust Bank, Cloumbia_BT Bank,First Citizen Bank,Santander Bank,Glacier Bank,FHN Bank,Global Payments...

Risk & Posture Assessment,Security Scan,Security Model and Concepts .Project Completed : Skin Cancer detection Model, Image structure Model,NLP,PCA,Linear & Non-Linear Regression,SVM,Resampling,Customer Segmentation Model,Adaptive & Predictive Next-Best-Action models,Quality Assurance Models,Neural networks,Clustering,ANOVA.SecOps and tools :Perform Vulnerability Scans on container Environments.Identify OWASP risks using different tools.Analyse data Stored in the DB and finding any anomalies in terms of encryptions(Example joins on encrypted Columns),Key rotation etc..Conduct Security assessments against web applications,APIs,firmware across a variety of technology stacks.Partner effectively with development,InfoSec and Infrastructure teams to integrate security.Drive Improvements in the security testing practice to include execution methodology and metrics.Familiarity with OWASP top 10 and implementing coding techniques in its mitigation.Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (Elastic Search, Jira, Crowdstrike, claroty,Tenable, NMAP, etc).Tools Experience :Veracode,checkmark,Find Bugs,acunetix,Exabeam,Logrhythm.SOC Operations and IT Infra:Provide strategic directions to SOC team and organization for security posture improvements Manage centralized incident response management, continuous and proactive monitoring and preventative maintenance.Experienced in drafting and implementing policy, procedures, and standards.knowledge on information security standard like ISO27001, HIPPA,PCI-DSS,Soc2,RBI,NIST.

Managing Linux Cloud Infrastructure Aws ,Google cloud ,Monitoring and ManageSIEM McFee enterprise Security Manager.Splunk-SIEM,AIOps,Application & Log Management .Improve the perimeter defense solutions in the environment as per agreed architecture with the following solutions: Firewall, Web Gateway, CloudSecurity, WAF, NIPS etc.Operating Systems:Linux Red Hat 4.x, 5.x, 6.x , CentOS 5/6, Fedora, Ubuntu, Sun Solaris 11/10/9/8/7.Tools:Nagios, Zabbix, Cacti, Eucalyptus, Openstack, F5, HP SIM, Puppet,OSSEC, IpTables.Languages:Shell scripting, Perl, Python and databases :MYSQL, Mongo.Hadoop Monitoring tools (Cloudera Manager & Amabari)Working on SEO,Big Data Hadoop & University Data Normalization.Increased efficiency and cost effectiveness by implementing an automatedsecurity surveillance system.Manage Multiple IT- projects simultaneously from conception throughcompletionsManaging Firewall checkpoint ,fortinet & end points shopos for HO andBranch office .Develop & Implement 15 websites through cloud infrastructure.IT budgets and policies ,server configuration Firewall Checkpoint ,Palo-Al-to,Load Balancer,Virtulization,trap,endpoints,ids-ips.Worked on ERP & IT-Infra-solutions designer.Understanding of software development life cycle and be able to communi-cate incident and project status,issues & resolutions

Designed customized & implemented Open Source RADIUS server across all35 locations .Designed,Setup & implemented 35 firewall and Centralized Cloud basedfirewall policy manger and analyzerMonitoring & Maintaining Alien Vault unified Security management Cloudbased SIEM .Managing and monitoring SIEM Mcafee Enterprise security Manager .Team member for NAAC,ISO,UGC,NIRF,QS,AICT affiliations & ComplianceprocessCore Functions on Firewall checkpoint ,fortinet and Load balancer FAT-PIPE,IDS,IPS,End-Points.Worked on RF router IPv6 technologies polycom & open source videoconferencing unit.Maintaining 35 plus websites and blogs .Proficiency in C/C++ Programming and Bash, Python or other scripting languages.Knowledge of predictive analytics skills ,penetrations & forensic software .Worked on ERP IT-Infra-solutions designer.Knowledge of vendor management, central purchase & campus IT-Infrastruc-ture.Apache Hadoop & Cloudera Administrator: Experienced in developing MapReduce programs on different data formats like Text file, CSV file, Log files,backup archival and recovery (BAR) and high availability (HA).Management ofdata,users and job execution on hadoop system.Installation/Administration of RHEL 5.6 and Fedora on Multiple Servers configuration, testing on both physical and virtual machines.Good knowledge of RAID groups and setting up NFS, CIFS and iSCSI protocols in SAN/NAS environment on HPUX 11.31 and Redhat LINUX.Configuring and maintaining virtual server environment using VMWARE ESX, VCenterVSphere.Installed, configured and supported RAID 0, RAID 1, RAID 0 1, and RAID 5 on SANarrays,Installed and configured JUMP START Server.Built more than 1000 servers from scratch and applied relevant patches on existing servers.Hands on experience in development, installation, configuration & testingHadoop ecosystem components.Penetration test,Vulnerability Scan,Cloud Computing:Iass,Saas,Pass, WAF,Secure Web Gateway,Trusted Platform Module

Managing and maintaining different type of OS as windows 2003 server,windows XP etc, backup remote network for Pro-metric, DHCP, WINS,Domain controller, client OS and VPN.Worked on PIX firewall 500 and CFS _linux firewallDesigned and delivered tutorial for course in computer subjects :MCSA,LI-NUX,A+,N+,wireless.Provided one-on-one counseling for students;assisted with virtualization labs.Manage Multiple IT-projects simultaneously from conception through comple-tions .Worked on Extremes/hp/brocad/ruckus/V-sat/ISDN technologies.

Own various IT projects, solutions, and key responsibilities within a larger business initiative.Handle business-critical IT tasks and systems that provide commercial advantage in a global marketplace.Maintain internal infrastructure requirements including, laptop and desktop computers, servers, routers,switches, firewalls, printers, phones, security updates; support internet, intranet, LANs, WANs, and network segments.Maintain SCADA system backups Coordinate maintenance and support with SCADA system hardware and software vendors.Identify and resolve SCADA system problems.Maintenance and calibration of instrumentation and controls, including programming of PLCs and RTUs.Maintain point database.Create views and reports for staff information.Partner with internal and external partners to communicate project status, activities, and achievements.Perform server administration tasks, including user/group administration, security permissions, group policies, print services, research event log warnings and errors, and resource monitoring, ensuring system architecture components work together seamlessly Monitor Datacenter health using preexisting management tools and respond to hardware issues as they arise; help build, test, and maintain new servers as needed. Performs research and development concerning SCADA design function.Collects RAW data for troubleshooting, evaluating, reporting and compliancemonitoring.Works with other IT Systems staff to ensure the security of the SCADA system and othercritical infrastructure(ABB,RW,FP,N)Coordinates SCADA changes with Operations, I&C Technicians, and others, asneeded.Programs SCADA system for advanced controls and sequence to assist in automation anderror trapping to ensure compliance with permit rules and regulations.Documents SCADA system and changes.Maintains backups of SCADA systemCustomer Segments: Manufacturing Industry,Pharmaceutical,chemical Industry,Ministry of Defence, Multinational corporation,Aviation industry.