Security Service Manager
Metmox Inc
Total years of experience :19 years, 1 Months
Evaluated current security processes, toots, and practices as a member of the information security team reporting directly to the CISO. Charged with evaluating the effectiveness of current solutions and identifying gaps in security protection. Developed a comprehensive security architecture framework to evaluate and manage security architecture strategy for both traditional on-premises and cloud environments. Worked with vendors and cross-organizationally to identify, evaluate, and test (pilot) solutions. Technologies evaluated included data loss prevention (DLP), endpoint detection and response (EDR). traditional endpoint security, email security solutions (on-prem and Office 365), network security tools and capabilities, identity and access management tools and capabilities, application security practices, and cloud security tools.
Main Responsibilities:
> Lead the response to Cyber Security threats and incidents for the collection, analysis, and preservation of digital evidence.
> Oversee day-to-day operations of multiple teams of security analysts and investigators
> Manage critical security infrastructure including IPS, SIEM, etc.
> Conduct root causes analysis to identify gaps and recommendations ultimately remediating risks to the firm.
> Provide complete Solution by gathering customer requirement with assistance of various market unit representatives
> Ability to articulate the product value proposition
> Plan, research, and design robust security architectures.
> Research security standards and security systems
> Prepare cost estimates and identify integration issues
> Provide technical supervision for (and guidance too) a security team
> Define, implement and maintain corporate security policies and procedures
As a member of the enterprise architecture team, charged with broad responsibilities to inject security practices into the overall application stack. Reviewed overall environment and developed an incremental roadmap for addressing critical gaps and charting a progressive course to more effective enterprise security over time. Included collaborating with the team driving a DevOps initiative, as well as initiating changes to implement and leverage sec ops automation.
Main Responsibilities:
> Analysis of an organization's overall security risks and requirements, rating the importance of a company's products and offerings, and the related design, configuration, implementation and support of the information infrastructure to protect the business from potential security breaches.
> Create reports for assigned areas of responsibility; Manage Security Programs; Offer new ideas and suggestions for improvement.
> Involved in rigorous reporting and metric presentation to management with regard to information security and compliance issues.
> Lead and mentor a team of 6 people and took ownership of their deliverables
> Maintaining Assets report of Critical Systems in the organization, Preparing Analysis and trending report for the organization on weekly, monthly basis Monitors security audit and intrusion detection system logs for system and network anomalies.
> Investigates and/or escalates security violations, attempts to gain unauthorized access, virus infections that may affect the network or other event affecting security. Document and reports event(s); Assists in providing engineering analysis, design and support for firewalls, routers, networks and operating systems
> Assists in performing product evaluations and recommends products/services for network security. Validates and tests basic security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies.
Main Responsibilities:
> Hold multifaceted responsibilities like Implementation, design architecture, upgrades, and health checks and advanced troubleshooting.
> Address and administer peer-level client relationships.
> Facilitate participation in business development and technical pre-sales activities, whenever required.
> Being primary contacts for operations and SOC Operations.
> Designing, implementation, integration, and administration of SIEM technologies
> Conduct knowledge transfer and security awareness sessions for resources.
> Vulnerability Assessment and Penetration Testing.
Main Responsibilities:
> Coordinating the implementation of data processing with personnel and outside vendors and conduct tests to ensure the processing activities and security measures.
> Modifying the security files for incorporating new software and correcting the errors.
> Evaluating the security features of various information systems and products.
> Responsible for handling the disaster scenarios and Implement redundancy, protection mechanisms for critical recourses.
> Applying skills and knowledge to initiate good security practice and planning.
> Ensures that right training is provided to all the levels of the staff.
> Taking responsibility for providing all the arrangements for physical and logical security policies.
> Installation of internal and external firewalls & IPS to ensure that the device is configured optimally
> Evaluating and investigating regarding various threats
> Configure network switches/routers/Juniper SSG devices as per the configuration baselines
> Vendor Management, Incident Management, and Change management.
> To monitor mail logs and critical services for warning/errors, Co-ordinate with anti-spam provider for blacklisting/whitelisting
> Help Desk in Charge, handling client queries, assigning persons to rectify the same.
Main Responsibilities:
> Installation of Workstations/servers at the client end.
> Installation of Networking Devices and Software’s for Co-Operate Banks
> Preparing Documentation for every instruments and location
> Maintaining 100% Uptime on Banking Hours
> Backing up and Restoration of SQL databases
> Installing backup devices on Servers.
Jun 2008 - Jun 2009 National Institute of Management Mumbai, India Master of Business Administration from an ISO 9001:2000 Certified Institute (Accredited by Indian Council for Distance Education) on Information Technology and Human Resource Management
Jun 2005 - April 2008 National Institute of Management Mumbai, India Graduate Diploma in Business Administration from ISO 9001:2000 Certified Institute (Accredited by Indian Council for Distance Education)
Jun 2002 - March 2005 Govt Polytechnic College Palakkad, Kerala, India Engineering Diploma in Computer Hardware Maintenance (Three Year diploma by Department of Technical Education, Kerala) with First class.