Shivam Tripathi

Experience

• 

  Infosys

  Feb 2016 - Jun 2017

  System Engineer

  As a Linux administrator, I have been performing below responsibilities.• Administrating Linux (Red hat, Centos) production/non-production server, Installing, Configuration, Troubleshooting, administration of Linux, Basic shell scripting, User administration (setup and maintaining account)• Disk Management with Disk Quotas, LVM and ACL implementations and Security implementation by using ACL's & special file permissions

• 

  Infosys

  Aug 2017 - Jan 2020

  Senior System Engineer

  As a security Analyst, I have been involved in various client engagements and having experience on below domains,• Perform Vulnerability Assessment of Infrastructure components using vulnerability Management scanning tools (i.e Qualys Guard)• Reviewing vulnerabilities scan results and providing the recommendations toward the mitigation of vulnerabilities• Configure Splunk as SIEM solutions for optimal performance in security operation center (SOC)• Investigate and respond to reported security incidents using Splunk Show less

• 

  Accenture

  Jan 2020 - Jan 2022

  Cloud Security Analyst

  (01/2020-01/2022): AccentureAs a security Analyst, I am responsible for ongoing management and/or improvement of activities related to the Security Infrastructure services for hybrid environment.Responsibilities include:a) Azure Cloud Security• Working on Microsoft Defender for Cloud and Microsoft Defender Endpoint• Deploying Windows Defender and MDE agent on virtual machines in Azure as Antimalware and EDR capabilities• Working on Azure DDOS, Storage account security, Securing database and Key-vault security• Working on Azure policy for cloud and compliance management and automating security solutions deployment• Integrating Log sources in SIEM solution using Azure Sentinel for Azure environment• Performing Identity and access management, Conditional access, RBAC and access reviews using Azure Active Directory.• Worked on Azure firewall and Azure FIMb) Vulnerability Management:• Analyze vulnerabilities from scan results using Qualys and evaluates threats and vulnerabilities to determine and recommend safeguards for system or application owners.• Develop processes and implement tools and techniques to perform ongoing security assessments of the environment• Implement processes and manage tools used to identify vulnerabilities and track their remediation within the environment• Understand approaches for addressing vulnerabilities including system patching, deployment of specialized controls, code or infrastructure changes, changes in development processes and cloud devices• Identify and resolve any false positive findings in assessment resultsc) Endpoint Security• Administrating Trend Micro for monitoring and deploying IPS and antimalware rules on Cloud Servers and Onprem servers and Tanium for file integrity Monitoringd) Firewall review • Reviewing firewall rules across infrastructure to remove risky rules, decommissioned subnets, restrict unwanted connection and validate IPs added in rules with help of network and application team Show less

• 

  PwC India

  Jan 2022 - Oct 2022

  Assistant Manager

  • Perform third party risk assessments on Security risk, Operational risk and Technical risk for Infrastructures deployed in Clouds environment as well as data center• Perform Cloud assessments to find the security risk for the workloads in public Clouds• Perform architecture review of applications which will be deploying in Public Cloud (mainly Azure and GCP) with respect to network security and configurations • Design secure architecture for workloads migrating in Public Cloud (mainly Azure and GCP)• Deployed and maintain Azure firewall • Perform network security review for applications and workloads hosted in Public Clouds (mainly Azure and GCP) Show less

• 

  Milliman

  Nov 2022 - now

  Cloud and Information Security Architect