Manushi S.

Location: Broomfield, Colorado, United States
Followers: 341
  • Timeline

  • About me

    GRC Analyst | IT Security, NIST CSF

  • Education

    • University of Denver

      2018 - 2019
      Certificate software design and programming a
    • University of Denver

      2018 - 2020
      Masters of science in ict information systems security a

      Graduate Student at the University of Denver from June 2018 to pursue a Master of Science degree in Information and Communications Technology, with a focus on Information Systems Security and a certificate in Software Design and Programming.

    • Rajasthan Technical University

      2007 - 2011
      Bachelor's degree computer engineering
  • Experience

    • Tata Consultancy Services

      Jan 2012 - Mar 2018
      IT Analyst
    • The Buffett Way Financial Coaching

      Mar 2019 - Jun 2019
      Software Developer (Intern)

      • Researching, designing, implementing and managing software programs
      • Testing and evaluating new programs
      • Identifying areas for modification in existing programs and subsequently developing these modifications
      • Writing and implementing efficient code

    • Sonoco Metal Packaging

      Jun 2019 - Jan 2022

      • Supervising daily tasks of the IT Security Team
      • Project manage key IT Security Initiatives
      • Lead forensics of potential as well as identified cyber-incidents
      • Support for incident response process improvements and table-top exercises to validate emergency preparedness program success
      • Analyze available threat data, assess the possible impact, and action that intelligence to determine which mitigations or controls can assist in preventing any attacks
      • Utilize strong analytical and problem-solving skills to identify security threats and risks to the enterprise
      • Guided implementation of company-wide enterprise security strategy and roadmap in compliance with NIST CSF & CIS control Framework.
      • Formalize IT Risk Register Management Process and Conduct Quarterly Risk Acceptance Exercise with IT Management
      • Conduct Privilege Access and Separation of Duty Review of key IT Applications across enterprise.
      • Review Audit Reports, Security Certifications like SOC2, SOC3, ISO 27001 and ISO 9001 etc. for critical third-party IT applications and perform vendor risk assessment
      • Leverage security tools and technologies like Windows Defender ATP, Cloud App Security, Microsoft Intune, FortiAnalyzer, Qualys Vulnerability Management, O365 Security and Compliance, KnowBe4 to improve the security posture of the organization.
      • Conduct phishing campaigns, security awareness, training, and education across enterprise.
      • Work alongside IT leadership and other business users to provide support with various activities on key strategic initiatives
      • Manage specific activities within various Cybersecurity initiatives (i.e. communications, test planning, etc.)
      • Reach out and communicate with various orgs inside and outside of IT
      • Create and update project-related documents like Information Security Policies, Processes and Procedures, issue logs, test logs, project plans, training materials, guidelines, security best practices etc.

      • Analyze available threat data, assess the possible impact and action that intelligence to determine which mitigations or controls can assist in preventing any attacks
      • Support for incident response process improvements and table-top exercises to validate emergency preparedness program success
      • Enhance security awareness, training, and education program
      • Provide support for various cybersecurity and information assurance activities
      • Utilize strong analytical and problem-solving skills to identify security threats and risks to the enterprise
      • Create/analyze security process documentation to increase efficiency
      • Work alongside IT leadership and other business users to provide support with various activities on key strategic initiatives
      • Manage specific activities within various Cybersecurity initiatives (i.e. communications, test planning, etc.)
      • Reach out and communicate with various organizations inside and outside of IT
      • Assist with the review and updates to IT SharePoint Security Website
      • Assist with the review and updates of IT Security Controls, Processes & Templates

      • IT Cyber Security Analyst

        Apr 2020 - Jan 2022
      • Cyber Security Intern

        Jun 2019 - Apr 2020
    • Sonoco

      Jan 2022 - now

      • Work closely with IT, HR, Compliance, and other departments to align security awareness efforts with overall security strategy and compliance requirements.
      • Plan and execute simulated phishing campaigns to test employee responses and improve awareness.
      • Responsible for development of policies and procedures to align with industry standards and regulatory requirements
      • Assist with NIST CSF Risk Assessments and gap analysis to identify areas for improvement and ensure compliance
      • Collaborate cross-functionally with IT and Compliance teams to address security issues and implement controls
      • Develop and maintain comprehensive metrics and reporting dashboards for executive management, providing insights into compliance and risk posture
      • Ensure third-party vendors adhere to security requirements and mitigate potential risks
      • Evaluating new regulatory and industry best practices related to information security and data privacy
      • Demonstrated track record of successfully executing projects with an emphasis on delivering results

      • Conduct in-depth analysis of email threats, including phishing attacks, spear phishing, business email compromise (BEC), and ransomware campaigns.
      • Develop and maintain a comprehensive understanding of the evolving tactics, techniques, and procedures (TTPs) used by threat actors in email-based attacks.
      • Collaborate with cross-functional teams to investigate and analyze suspicious emails and campaigns, providing actionable insights and recommendations for detection and response.
      • Utilize threat intelligence platforms, open-source intelligence (OSINT) tools, and internal data sources to gather, correlate, and analyze threat indicators.
      • Up-to-date knowledge on industry trends, security vulnerabilities, and email security best practices to effectively anticipate and counter emerging threats.
      • Create threat intelligence reports, including indicators of compromise (IOCs), network and host-based indicators, and behavioral patterns.
      • Share knowledge and expertise through documentation, presentations, and training sessions to enhance the overall security awareness and capabilities of the organization.
      • Successfully accomplished the project to deploy Vulnerability Management Solution in 20,000+ Assets coordinating with cross-functional teams within 3 months.
      • Manage Enterprise-wide Phishing Security Awareness Training Program and Phishing Campaigns
      • Identify, categorize, prioritize, and investigate correlated events and perform investigation and triage of events and incidents and escalate
      • Third Party Vendor Risk Assessment

      • GRC Analyst 2

        Sept 2023 - now
      • Security Operations Analyst III

        Jan 2022 - Sept 2023
  • Licenses & Certifications