•Partner with Data Science team to Identify and Quantify Risky behaviors by insiders in enterprise network.•Perform Insider Threat related research like, Identifying new sequences for risky behaviors, Threat landscape Investigations.•Perform Threat hunting activities to discover real world Insiders by combining alerts across signals from Microsoft 365 Defender.•Validate and provide proof of concept for new features in Microsoft Purview Insider risk management solution… Show more •Partner with Data Science team to Identify and Quantify Risky behaviors by insiders in enterprise network.•Perform Insider Threat related research like, Identifying new sequences for risky behaviors, Threat landscape Investigations.•Perform Threat hunting activities to discover real world Insiders by combining alerts across signals from Microsoft 365 Defender.•Validate and provide proof of concept for new features in Microsoft Purview Insider risk management solution. •Correlate Microsoft purview Data loss prevention and Insider risk management solution to develop new Indicators & Detections. Help Engineering and Data Science team to perform validation on existing detections.•Worked with internal Microsoft Security team to identify gaps in Insider risk Program ran internally. Provided suggestions and present case studies to improve overall security landscape.•Bridging the gap between Product manager and Engineering teams to fasten the process of validation of new features. Show less

•Tool migration from Existing DLP solution (McAfee) to MIP (Microsoft Information Protection). •Management of DLP Policy creation, Administrating over all DLP and Information protection program.•Creation and Administration of DLP alert tuning program. End to end responsibility of DLP Policy changes, Logs management and approval process.•Helped in creating robust CCB (Change management board) creation and management. Provide detailed report to Leadership for effective decision… Show more •Tool migration from Existing DLP solution (McAfee) to MIP (Microsoft Information Protection). •Management of DLP Policy creation, Administrating over all DLP and Information protection program.•Creation and Administration of DLP alert tuning program. End to end responsibility of DLP Policy changes, Logs management and approval process.•Helped in creating robust CCB (Change management board) creation and management. Provide detailed report to Leadership for effective decision making.•Part of Insider threat team which hunts for Insider threat activities by employees. Escalation of critical cases, preparation of Investigation reports. •Identifying and creation of new use cases with help of available tools and security controls.•Use various tools like SPLUNK, UEBA (Securonix), Microsoft Compliance hold, Intella, eDiscovery for Investigation, Analysis and reporting of Insider threat cases. Show less

•Implementing Security products and technologies across Honeywell enterprise. Experience in preparing, planning, and designing, implementing and optimizing Security products and a broader understanding of Cyber Security industry trends.•McAfee ePO Administration & responsible for maintaining sustainable support environment, resolving Performance/ Technical/ Troubleshooting issues produced at end users and applications.•Working on Security solutions like McAfee DLP, McAfee FRP, McAfee… Show more •Implementing Security products and technologies across Honeywell enterprise. Experience in preparing, planning, and designing, implementing and optimizing Security products and a broader understanding of Cyber Security industry trends.•McAfee ePO Administration & responsible for maintaining sustainable support environment, resolving Performance/ Technical/ Troubleshooting issues produced at end users and applications.•Working on Security solutions like McAfee DLP, McAfee FRP, McAfee Endpoint security, Boldon James Classifier, McAfee MVISION CASB, McAfee Discovery scans, Azure Information Protection (AIP) for Honeywell’s Data Protection team. •Documentation of testing results for Top management analysis. Creating SOP’s for processes, providing consultation and identifying best practices for addressing critical and complex processes.•Carry out troubleshooting for the critical issues, engaging with Vendors and cross functional teams to find out the root cause with thorough testing and validations.•Responsible for Policy creation, Finetuning for reduction of false positives as per business requirement.•Perform POC’s, Testing & Validations for new/existing Security Solutions on different OS platforms like Windows & MAC. •Writing procedures and work instructions for support and implementation process.•Implemented DLP endpoint solution across 120K+ machines. Show less

•Threat hunting and Incident escalation through Data Breach Incident Management process.•Monitor adherence and compliance of process and procedures, regular review of existing process and procedures as per business requirement, suggest and implement changes to improve security posture of organization.•Fine tune existing DLP policies to minimize false positives and maximize coverage.•Follow company Change Management Process to accept, review and implement changes for DLP policies and… Show more •Threat hunting and Incident escalation through Data Breach Incident Management process.•Monitor adherence and compliance of process and procedures, regular review of existing process and procedures as per business requirement, suggest and implement changes to improve security posture of organization.•Fine tune existing DLP policies to minimize false positives and maximize coverage.•Follow company Change Management Process to accept, review and implement changes for DLP policies and application parameters.•Interact with business users/data owners/data custodians to get more inputs to policy creation and fine tuning by improvising on existing data registers and collecting sample data.•Assess and Identify any risk to the execution of Information Security program and escalates Potential risk and control issues across teams. Pro-active follow up on potential security risk and incidents.•Hands on experience on security tools like Symantec DLP, ARCOS PIM (Privilege Identity Management), SIEM (Q Radar), Seclore IRM (Information Rights management).•Coordinate with external / internal audit and regulators on control environment and Issues. Managed team of 6-8 information security professionals and contributed towards strategic planning and technical advancements. Show less

Handling and Resolving Customer Issue Tickets,Enabling and Disabling Services for a particular Customer, Application Installation and Troubleshooting .