Experience

• 

  E2e serwizsol pvt ltd

  Jun 2004 - Dec 2005

  Customer care executive
• 

  Hcltech

  Jul 2006 - Jun 2007

  Technical support officer
• 

  E4e business solutions india pvt ltd

  Jul 2007 - Jun 2008

  Senior technical support engineer
• 

  E4e busines solutions india pvt ltd

  Oct 2008 - Nov 2009

  Process trainer
• 

  Symantec

  Nov 2009 - Jul 2016

  • Managing multiple shifts of Technical Service Engineers and Security Analysts performing security event monitoring and incident identification for 24x7 Security Operations Centre (SOC) in the weekend.• Handling critical situation management process for customer and coordinate internally with global management team• Collaborating with Global Team Managers to provide tactical and strategic direction for the SOC’s staff, program development and maturity roadmap tracking critical issues for customers who are in high Heat Index.• Developing an operational support plan for the sustained success of the team, including measuring the team’s performance against existing KRAs, training and development of the staff and identifying process improvements• Stay current on the latest threats and vulnerabilities to ensure operational tools and processes are up to date• Collaborate on security architecture, engineering, operations and incident response to ensure effective SOC monitoring is implemented for all environments.• Performing Root Cause Analysis/After Action Report for all reported issues during the weekend and identify any trends or possible ways to prevent recurrence. Show less Offering a higher standard of protection for top Fortune 500 customers through performance-based SLAs ensuring security intelligence that guarantee response times and countermeasures for security events and to ensure minimal impact for Business Operations.Subject Matter expert (SME) for Symantec Endpoint Protection providing expert level assistance Lifecycle Management - Deploy Endpoint Protection Management Server OS patches and service packs - Deploy Endpoint Protection Manager maintenance releases and service packs Fault / Incident Management - Monitor SEP Management console for availability, SEPM Database Server for availability, Application processes for faults, status of content updates, troubleshoot issues affecting management console. Change Management - User Administration - Add/change/delete Administrator accounts, Administrator password reset, send command to endpoint or group, Generate Endpoint Protection Client installation package, Add/change/delete endpoint group or location, Remove or move endpoints between groups Policy Management - Anti-virus policy changes - Anti-virus scan scheduling, User notification settings change, Anti-virus action settings changes.- Firewall policy changes - Add/Remove/modify Firewall Rules- IPS policy changes - IPS custom signature creation, IPS remove block from signature, Add excluded host (permit all to/from host) - Application control & Device control policy changes – Allow/Block Applications and Devices Centralized Exception - Add/change/delete centralized exception Database Management - Enabling replication between existing Endpoint Protection Database sites, Changes to existing Endpoint Protection Database Site replication configuration - Adding additional Management Consoles to existing Endpoint Protection Database Implementation and Management of Log Collection Platforms such as Remote Importer, Symantec SSIM and Syslog. Show less

  • Supervisor

    Jan 2014 - Jul 2016

  • Senior Security Engineer - Managed Security Services

    Jan 2012 - Dec 2013

  • Security Engineer - Managed Security Services

    Nov 2009 - Dec 2011
• 

  Standard chartered

  Aug 2016 - Jan 2019

  Information security manager

  * Building Standard Operating Procedures / Playbooks for handling Cyber Security Incidents.* Actively participated in large scope high impact cyber security incidents and managedIncident Response workflow and actively supported response and remediation by doingdeep-dive analysis and RCA* Proactive identification of threats on the network and handled end to end till remediationand recovery.* Use threat intelligence to initiate investigation and identify malicious activity that are nototherwise identified by Managed Security Services.* Perform deep dive analysis to reduce false positive and recurring incidents.* Coordinating with the external entities like ISP's and internal departments like BISO's andLegal & Compliance for security incidents.* Initiatives to contribute and / or influence business strategy, own end to end ownershipand responsibilities on operational governance.* Help the organization track interesting trends on emerging technologies that are relevantto its business and take advantage of such technology trends* Involving Cyber security best practice and knowledge into the organization whiledeveloping a cyber security strategy and owning its implementation* Reporting threat landscape to Senior Executive management including CISO and CIO* Worked closely with the Security Operation Center, Legal and Data Loss Prevention teamsto support tier 1 and 2 security incident management.* Provide investigation findings for management reporting to relevant business units to helpimprove information security posture* Provide leadership/mentorship to junior analysts and serve as the "escalation" point forthem to assist with performing a detailed analysis of potential threats. Show less

• 

  Comcast

  Feb 2019 - now

  The role entails end to end management of all SIRT’s responsibilities ensuring Global Cyber Security Incident Response coverage.

  • Manager

    Feb 2019 - now

  • Manager

    Feb 2019 - Jan 2023
• 

  Genpact

  Jan 2023 - now

  Assistant vice president