Kundan Kumar

Senior Security Analyst

255 followers
Bengaluru, Karnataka, India

  • Timeline

  • About me

    Senior Associate at PwC Acceleration Centers in India | Threat & Vulnerability Management | CEH | SC-900 | SIEM | ITILv4 | CHFI | PCI Compliance | Qualys

  • Education

    • Rajasthan Technical University, Kota

      2013 - 2017
      B.Tech Electronics & Communication Engineering 76%
  • Experience

    • Capgemini

      Jun 2017 - Oct 2019
      Senior Security Analyst

      Responsibilities:

      Splunk:
      • Monitoring the use cases, analyzing logs received from the devices, raising incidents with the concerned team when offences are triggered, and taking necessary actions.
      • Analyzing the logs and suppressing the logs for specific IPs or fine-tuning false positives.
      • Performing daily health checks for the log source devices.
      • Sending weekly and monthly reports to the clients on the activity being done.

      McAfee IPS:
      • Monitoring the IPS alerts, investigating the activity logs based upon the severity, and creating incidents for the alerts.
      • Sharing the alert reports and investigating the logs based upon the severity.
      • Monitoring the health checks of the sensors and signature updates.

      Email phishing analysis:
      • Investigating suspicious mails by analyzing the body of the email, the sender's mail ID and the email headers to find the sender or spoofed mail IDs, malicious URLs and the originating IP address, and taking necessary actions such as blocking the IPs, URLs, sender's mail ID etc. by coordinating with different teams.

      Triton Websense:
      • Whitelisting and blacklisting URLs based on the ticket, and blacklisting malicious URLs found in phishing mails.
      • Monitoring the Websense dashboard for users' activity.
      • Managing users' AD and users' internet policy groups; based upon the requirement, categorized access will be provided to the users.

      Imperva Database Activity Monitoring:
      • Monitoring the database activity of MX consoles, Gateway, Agents and system events.
      • Integrating the database agents into Imperva SecureSphere as per DB team requirements.
      • Troubleshooting Gateways/Agents which are disconnected, running with errors, or disabled.
      • Performing the health check for MX consoles, Gateway, Agents every 4 hours once per day.

      ArcSight: SOX Compliance:
      • The Sarbanes-Oxley Act is followed for the changes made in the databases; they should be validated and sent to the auditing team.

    • KPMG Global Services (KGS)

      Oct 2019 - Jun 2023

      • Responsible for maintaining and improving the security posture of the organisation by identifying, scoping, and prioritizing vulnerabilities in our systems.
      • Providing guidance and driving accountability of risk-based vulnerability remediation across business and technology teams in a complex environment.
      • Working in collaboration with security teams, infrastructure services, compliance/regulatory teams, and business partners to drive vulnerability management and remediation across the firm's expansive footprint. This includes asset management, scanning, patch management, vulnerability assessment/tracking, developing remediation plans, and tracking execution.
      • Providing technical support for the resolution of vulnerabilities reported by our automated systems.
      • Establishing, driving, and optimizing vulnerability management processes such as exceptions and advisories.
      • Managing and reviewing host configuration baselines.
      • Analyzing site/enterprise Computer Network Defense policies and configurations and evaluating compliance with regulations and enterprise directives.
      • Providing leadership hands-on technical direction to deliver problem, solution, tactical, and break-fix capability.
      • Working closely with both business-oriented executives and leads technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively.
      • Developing strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain the desired risk profile, and communicating strategies to key stakeholders.
      • Handling large datasets and performing vulnerability analysis.
      • Preparing vulnerability data and developing comprehensive, accurate reports for both technical and executive audiences.
      • Producing vulnerability, configuration, and coverage reporting to demonstrate assessment coverage and remediation effectiveness.
      • Serving as an escalation point on issues, dependencies, and risks related to vulnerability scanning.

      • Consultant

        Oct 2022 - Jun 2023
      • Associate Consultant

        Oct 2019 - Oct 2022
    • PwC Acceleration Centers

      Jun 2023 - now
      Senior Associate
  • Licenses & Certifications