Rajesh More

Security Engineer

586 followers
Mumbai, Maharashtra, India

  • Timeline

  • About me

    Lead - Threat Hunting at Nomura | GIAC Certified Forensic Analyst (GCFA) | Certified Red Team Professional (CRTP) | CrowdStrike Certified Falcon Hunter (CCFH)

  • Education

    • Shardashram Vidya Mandir, Dadar

      -
      S.S.C
    • University of Mumbai

      -
      BE Electronics & Telecommunication
  • Experience

    • Orange Business Services

      Oct 2007 - Dec 2009
      Security Engineer

      Responsible for 24x7 SOC Operations including log monitoring through Novell Sentinel. Managing customer SLAs for real-time alerting and response. Monitor, identify and analyze network security events from IDS/IPS, Firewalls, Websense and other network devices in a global setup. Coordinate with incident response team and provide detailed technical recommendations to mitigate threats to company resources. Coordinate with support teams at various locations across the globe and tracking issues to resolution.

    • NSEiT

      Dec 2009 - Dec 2013
      Executive Engineer

      1) Network Security Operations

      Evaluation and implementation of network security solutions. Vulnerability Assessment of mission critical Servers and network devices. Integrating vulnerability assessment reports with ArcSight ESM for correlation with events from other log sources. Responsible for the planning and executing movement of mission critical Network security devices during data-center movement in NSE. Managing Firewalls in highly sensitive critical infrastructure. Patch management of critical servers. Managing proxy to provide internet access as per organization policy. Creating and managing Websense policies to regulate internet browsing from the organization. Managing IDS/IPS policies to protect the organization assets from web related threats. Managing Email Gateway policies to restrict attachment size, file types etc. Streamlining and fine tuning configurations of various network security products after initial setup. Managing AAA solution includes creation and deletion of users and policies to facilitate access control over servers, network and network security devices.

      2) Security Operations Center

      Operations and maintenance of ArcSight Products (ESM and Logger) including ArcSight content developments i.e. rules, dashboards. Security event analysis and intrusion detection by review and analysis of events generated by various components including IDS/IPS, firewalls, switches, databases, operating system, and various types of security devices. Incident tracking and follow-up with built-in feature of Case management. Network Modeling in ArcSight with assets, zones, networks and categories. Development of multiple custom connectors using ArcSight Flex Connectors for the following types of event sources: Business applications, non-standard log sources. ArcSight administration including health checks, backup, upgrades of ArcSight components include the managers, databases, connectors content and context upgrades.

    • Nomura

      Dec 2013 - now
      • Lead - Threat Hunting

        Jun 2020 - now
      • Team Lead SOC

        Jan 2016 - May 2020
      • Senior SOC Analyst

        Dec 2013 - Dec 2015
  • Licenses & Certifications