sharad sankpal: Security Administrator in Mumbai, MH
sharad sankpal
Security Administrator
Mumbai | IN
Work experience
BCD Travel India Pvt Ltd
Security Administrator | 11/2006 - Current
• Prepare guidelines and procedures for operations and prepare weekly security operations reports.
• Manage a range of security-related services including operations, security incident and event management, breach investigation, virus and patch management, supporting system penetration testing and vulnerability
• Investigate security incidents and requests ensuring resolution in a timely manner
• Serve as an internal subject matter expert for information security issues, trends and leading practices, maintaining an in-depth, holistic understanding of attack vectors, current threats and remediation strategies
• Experience in managing security in agile environments
• Manage all security events and take lead responsibility in any major security incident response activity
• Manage security for on-premises and cloud services such as Office 365, Microsoft Azure IaaS, SaaS platforms, etc.
• Perform Internal/External audits e.g. PCI Audits
• Work with third-party vendors to ensure appropriate security solutions and/or assessments are undertaken, including ongoing assessments
• Influence and develop security awareness training across the organization, track attendance and review effectiveness
• Monitor for all threats/breaches to BCD Travel and provide recommendations and advice on risk mitigation, design, implementation and operations
• The project is to work independently within a team on all security-related tasks such as security monitoring, managing the SIEM infrastructure, security incident handling, security event log management, analysing issues and coordinating with different teams (Database, Windows, Unix and Firewall) on security-related issues and tasks.
• Involved in SOC operations activities such as network traffic monitoring, real-time security event and log monitoring and log analysis; responsible for identifying and classifying attempted compromises of client networks through identification of suspicious traffic
• Work on high-severity security incidents and with key stakeholders to mitigate the intrusion.
• Detect intrusions and compromise attempts through analysis of relevant event information, i.e. signature-based detection using Sourcefire IDS/IPS. Other responsibilities include differentiating false positives from true intrusion attempts.
• Good understanding of different types of attacks, including zero-days, exploits and malware, and of the corresponding mitigation techniques in place to counter those attacks.
• Collaborate with IT management, the legal department, safety and security, and law enforcement agencies to manage security vulnerabilities
• Monitor and escalate potential health issues of customers' devices to the customer and/or vendor for remediation, ensuring incident resolution within the SLA.
• Document procedures and processes on the team wiki, so SOCs across all regions are kept up to date and provide a consistent level of service.
Tools with hands-on experience:
Nexpose, Burp Suite, Symantec Endpoint Protection (SEP), Nessus, Kali Linux
Open source tools (in BT Test Lab):
1) Maltego: integration with multiple open-source APIs for reconnaissance.
Threat intel report development
Network reconnaissance
Social engineering framework development
2) Cuckoo Sandbox: malware analysis through sandboxing,
Simulated Windows and Linux environments
Development of malware analysis reports
PROFESSIONAL EXPERIENCE