To pursue my interest and make my own mark in the field of Information Security/ Information Systems Audit
ISO 27001 Audits, Application Security, Cyber Forensics, Incident Response & Vulnerability Assessment Operating Systems: Workable knowledge of Linux Operating system, Windows 2012 Server
Network Scanners: Nmap, Wireshark, Vulnerability Scanners: McAfee Foundstone, Nessus, Retina Wireless Scanners: Netstumbler Application Security Tools: Burp, Fiddler, ZAP, SwfInvestigator, DirBuster Cyber Forensics Skills: S-Tools, WinHex, PC Inspector, PGP Systems Applications: Windows Active Directory, McAfee Antivirus, McAfee Host Intrusion Prevention System (HIPS), McAfee E-Policy Orchestrator (Anti-Virus Management Console)
Microsoft Applications: Word, Excel, PowerPoint, Outlook.
Event Management, Team Player, Honesty, Hard work, Patience
Cyber Crime Investigation Course Solved various Cyber Crime cases consisting of online fraud, terrorist cases, e-mail threats PGP encryption & decryption, steganography, password recovery, data recovery, social engineering etc Traced, tracked and analyzed emails Familiarized with various sections under the Indian Penal Code & the Information Technology Act 2000.
Senior Information Security Analyst06/2011 to CurrentAccenture Services Pvt Ltd, Pune
Managed Internal Security Compliance Assessments based on ISO 27001 Security Framework for Servers, Network devices, Workstations and Physical Security domains, across India and other global locations Involved in system configuration review of servers, network devices (switches, routers, firewalls, VPN devices etc.) etc.
ensuring that the same adheres to company policy and standards Conducted Firewall Rule base checks for compliance Reviewed Server and Workstation Security configurations for compliance Involved in Application Security Assessments for internally developed applications/ third party applications etc., for testing of CSRF attacks, XSS attacks, SQL Injection attacks, Session Management, Authorization, and Authentication etc.
Ensured Non Compliance findings are remediated within the defined timelines with negligible escalation.
Worked as Information Security location SPOC, ensuring that the operation, design, and management of information systems adhere to the organizational policies & standards Involved in risk assessment of Airtight Wireless Intrusion Prevention System, for checking various scenarios with respect to wireless attack attempts Instigated vulnerability assessment scans on workstations and servers on quarterly basis Involved in review of network design document for Accenture projects and security exceptions Received Accenture Celebrates Excellence (ACE) Award for excellence in business operations.
Information Security Specialist07/2010 to 06/2011IBM India Pvt Ltd IDEA Cellular Ltd Pune
Handled Security Incident Response Management for issues comprising of unauthorized changes, unauthorized money transfer, virus attacks, application malfunction etc.
Managed Vulnerability Assessment Scan (VA Scan) process, in coordination with the respective support teams for remediation of the found vulnerabilities.
IT-Technical Associate10/2007 to 07/2010Information Security BMC Software Pvt Ltd, Pune
Implemented Vulnerability Assessment Scan (VA Scan), on Unix and Windows Systems and providing appropriate recommendations for open ports and vulnerabilities followed by compliance and co-ordination for patch management Familiarized with risk management framework, such as ISO 27001 Handled Incident Response Management for suspected alerts generated from IDS Provided informational assistance for security policy violations and objectionable requests for allowing URL's being accessed on the corporate network McAfee Antivirus issues, Host Intrusion Prevention System issues, patch management and running compliance tests for patched machines Created exceptional policies in McAfee E Policy Orchestrator (EPO) based on business justification and access issues.
Maintained McAfee E-Policy Orchestrator (security management platform to centrally manage systems) Handled User Access Administration (Creation of user & service accounts, terminating user access, account renewals, home directory creation etc) Handled RSA SecurID access & authentication issues for SSL-VPN (remote connectivity) Verified 3rd Party VPN access request forms for accessing resources on the corporate network & risk analysis McAfee Safe boot encryption troubleshooting issues Troubleshooting of account lockout issues and handled password management Generated Weekly Metrics Report for Host Intrusion Prevention System, Anti Spyware & Virus Scan Handled weekly audit of System Access Termination Reports in compliance with SOX Controls GCC 2023.
Intern Hardware Engineer01/2007 to 04/2007Nilson Technology
Windows Installation, Antivirus Installation and Troubleshooting.
Postgraduate Diploma: Mass Communication06PGDMCMass Communication
B.Sc: Electronics04Indira School of Communication University of PunePuneElectronics
Certified Information Systems Auditor (CISA) ISACA IBM-Cloud Computing Infrastructure Architect V1 IBM ISO 27001 Lead Auditor Certification IRCA, UK Certified Ethical Hacker (C | EH) v6 EC-Council ITIL Version 3 Certification Certified Cyber Crime Investigator Asian School of Cyber Laws, Pune
English, Marathi, Hindi (Proficient)
Active Directory, Anti-Virus, Antivirus, Microsoft Applications, Architect, business operations, C, CISA, Council, encryption, English, Event Management, firewalls, Firewall, forms, Hindi, IBM, IDS, Information Security, Information Systems, Inspector, ISO, ITIL, Linux, McAfee, Access, Excel, money, Outlook, PowerPoint, Windows, Word, network design, Network, Operating Systems, Operating system, organizational, policies, risk analysis, risk assessment, risk management, routers, Scanners, Servers, SQL, SSL, switches, system configuration, Team Player, Troubleshooting, Unix, VPN