Experience

• 

  Csc

  Jul 2004 - Sept 2010

  Managed network services

  Associate Manager – Network Specialist: Hired people by conducting second round technical & managerial rounds. Was the Second Level Escalation point of contact for Offshore EMEA network related incidents. Reviewed & forecasted billing for both service-based & full-time equivalent models. Reviewed customer satisfaction scores and identified the concerns & gaps based on customer inputs, preparing & tracking action plans with inputs from team leads. Closely collaborated with onshore managers (Peers/Network Services/Accounts), bringing out challenges faced by offshore teams, progress & ensuring that those are addressed by onshore. Reciprocate the same on offshore issues brought out by them. Worked on Resource management by ensuring backups for critical resources by bringing in people with potential, identify training requirements of the teams & negotiate with the vendors for on/off the campus training sessions, online seminars Analyzed the business impact in case of adverse conditions, consolidating critical services of customers, come up with call trees, business continuity & disaster recovery plans for the teams.Senior Engineer – Network Security: Ensured smooth running of operation activities in the absence of the manager. Worked on Level 2 Escalation point of contact for Offshore EMEA network related incidents Understood conceptual & logical models of entire networks design & connectivity. Coordinated among the teams to address interdependency / conflicts. Owned during service restorations & prompt documentation of RCAs. Participated in change advisory board meetings & played the role of technical approver for any network changes done by the teams. Contributed & Ensured Knowledge management repository of Customer Service Support were updated. Owned handovers & decommissions; ensured the device inventories of both the company & the vendor were updated. Tracked team member activities, training attended/conducted & SLA metrics of individuals. Show less

• 

  Hcltech

  Oct 2012 - now

  Planning & ensuring agreed deliverables in terms of cost, time, effort and quality. Driving business results by winning new clients / projects with high positive customer engagement, satisfaction & referenceability. Created a tailored cybersecurity training program. Cross-functional SPOC for the customer senior management (especially CISOs), center of excellence, engineering & operations teams to deliver Net-New & Existing-New services / solutions. Be the strategic voice of the customer in the internal organization and develop, implement plans to save the TCO by identifying & optimizing areas with automation & tools while continuously monitoring the attack surface and by reducing the risks and vulnerabilities in the environment. Provide leadership to the engineering team & be the technical SME for the transition, transformation, migration and/or integration of tools / services within the customer environment and/or with the MSS environment. Managing & delivering the blue team & red team operations & subsequent governance as per the contracts across various functions:SOC & Incident Response - SIEM, SOAR, Monitoring, Triaging, Qualifying & Responding to the incidents.Perimeter Defense - Firewall / UTM, VPN, IDS/IPS, Web Gateway, Email Gateway, WAFNetwork Defense - Micro Segmentation, NAC, Network DLPEndpoint Defense - Anti Malware, EDR, App Control, EPAM, HIDS, Host Firewall, EncryptionIdentity & Access Management - MFA, SSO, Federation, PAMAssurance - Vulnerability Management & Penetration Testing, Breach Attack Simulation / Predictive Breach AnalysisGovernance - Risk based operations governance, Regular meetings & reviews with the customer executives, Service Level Management, Technical leadership in major incidents (P1,P2) by quantifying the impact, creating action plan, advise workaround to mitigate or circumvent the impact, drive till the resolution and the recovery, conduct lessons learnt & submit RCA with the CAP Show less Program & Technical Tower Head / SME to transition. Built a brand-new cybersecurity center by anchoring a Texas based customer with an extended 24x7 SOC facility & function in Mexico. As a Security Delivery Manager, directly reported to the CISO & ran the engineering and operations as per the contract. As an Security Engineering Manager, technically participated in architecture and engineering discussions, project planning & execution. Manager & SME level contribution in various projectsFusion Center Head, Customer Engagement Lead, Location Delivery Head, New Vista Trainer, Floor Manager and reporting Manager. As a customer engagement lead, explain the MSS offerings to new and existing customers. Walk them through the best practices (Security Incident handling & response process, Threat & Vulnerability advisory process, Attack Surface Reduction & NextGen SOC, Collaborative Threat Intel, Risk Based Operations Governance, SOC Maturity Approach, Cybersecurity career path and upskilling, Key Performance Indicators) and demonstrate the frameworks & tools (SIEM, SOAR, Threat Intel Platform, Breach Attack Simulation), RFP Response, Contract review, Bid defense & due diligence. As a reporting manager and mentor for the fusion center, work with the training department to bring out the training curriculum for the New Vistas, plan & supervise the execution of onboarding people with access and knowledge to the customer environment, continuous assessment, feedback & learning recommendation to upskill and keep abreast with the cybersecurity happenings & trends. Define key performance parameters (goals) for each individual, conduct quarterly & annual performance feedback sessions, assign ratings & recommend for promotions, rewards & recognitions. Show less Migrated the existing SIEM environment of the customer to a child SIEM model & integration with the HCL MSSP Parent SIEM. Key activities:Architecting CLD, HLD & LLD of the solutionPresented to the ARB & got the design sign-offAssisted in the deployment of the solutionCompiled the operations runbook and trained the teamContributed in laying out the idea of a framework, presented to the top-level management & got the sign-off. Key activities:Creation of a proprietary cybersecurity framework using NIST as baseCreation of a roadmap from where we are to where we should beSet up proof of concepts for Alert Monitoring Workflow & Security Advisory Workflow.Segregated 49 member team from the Global SOC to form Threat Advisory Monitoring & Management (TAMM). Key activities:Set up framework for the continuity of deliverables among threat & vulnerability advisory services, SIEM detection, SOC Monitoring & Endpoint response.Regroup and redistribute people to support 23 customers using homogenous processes.Hiring talent by actively working with the recruitment team in the technical interview stage.Seamlessly migrated 11 MSS tenants from netForensics to HP ArcSight. Key activities:Creation of HLD & LLD.Innovative solution using NAT for the seamless experienceSuccessful migration in waves without downtimeSet up a SOC function for the largest Australian retailer by reporting to the CISO directly. Key activities:Customized NIST framework to the customer needDeveloped SOC handbook with procedures & KB articlesMentored the HCL SOC Team Show less

  • Program Lead

    Dec 2021 - now

  • Deliver Manager / Consultant

    Dec 2016 - now

  • Global SOC Security Service Lead, SOC Consultant, & SIEM SME

    Oct 2012 - Nov 2016