Balne Ajay Goud, Hyderabad.
Email *************@*****.***
Mobile +91-868*******
LinkedIn https://www.linkedin.com/in/ajaygoudbalne/
Professional Profile Summary
Have around 2.5 years of experience.
1.2 years in Vulnerability Assessment and Policy Compliance.
6 Months in IAM (Identity and Access Management)
8 Months in SOC (Security Operation Centre)
Hands on experience on Threat analysis and Security Monitoring and Operation.
Good understanding of security solutions like Anti-virus, DLP, proxy, Firewall, IPS, Email Security etc.
Hands-on experience with the QRadar and LogRhythm SIEM tools for log monitoring and analysis.
Good knowledge on networking concepts including OSI layers, subnet, TCP/IP, ports, DNS, DHCP etc.
Investigating and creating case for the security threats and forwarding it to Onsite SOC team for further investigation and action.
Create, Modify and Update Security Information Event Management (SIEM) Tools.
Perform Cyber and Technical Threat Analyses.
Experienced in Creating, updating, modifying and managing the Assets.
Hands on experience in Commissioning the Oracle, UNIX servers.
Hands-on experience with Kali Linux and UNIX systems.
Hands on experience in Managing Local Linux Users and Groups.
Good in Analyzing and Storing Logs.
Experienced in doing automation tool feasibility study, identifying automation scenarios based on application complexity, scripting, automation report generation and analysis of result.
Good leadership skills, adaptability, and understanding of business processes.
The ability to communicate and work effectively with all facets of the corporation is expected, along with expertise in communicating with Management.
Demonstrates competence and attention to detail in performing task activities.
Mature, self-motivated, adaptable and an effective team player
Able to manage changing prioritizations effectively while ensuring timely delivery
Capable of responding effectively to queries and taking ownership of requests to final conclusion and within the designated time frames
Responsible for planning, scheduling, running and mitigating vulnerability and configuration scans in accordance with direction from the Director of Vulnerability Management
Coordinate and communicate with clients, gathering the client requirements and end-to-end test efforts.
Achievements
Red Hat Certified Engineer (RHCE).
Red Hat Certified System Administrator (RHCSA).
Certified Ethical Hacker (CEH).
Education
Degree | University | Year of Passing | Percentage
B. Tech | Jawaharlal Nehru Technological University, Hyderabad (Bachelor’s Degree in Computer Science) | 2017 | 63
10+2 | Narayana Junior College, Hyderabad | 2013 | 83
10 | St. Peter’s Model School, Hyderabad | 2011 | 75
Technical Expertise
Testing Skills: Nmap
Tools: QRadar, LogRhythm, McAfee DLP Endpoint, FireEye, Qualys, Nessus and related tools
Operating Systems: Microsoft Windows, Unix, Kali Linux, Linux
Scripting Languages: Batch scripting, Python scripting
Employment History
LOCUZ enterprise solutions pvt. Ltd., Hyderabad, India Sep 2019 - Present
Current role - Technology Associate - SOC
Project experience:
SOC (Security Operation Centre)
The Security Operation Center (SOC) is the center that covers various cyber security functions such as IDS (Intrusion Detection System), IPS (Intrusion Prevention System), SIEM (Security Information and Event Management), Network Administration and Monitoring, etc. These are the processes that must be managed in order to protect the organization and its technical infrastructure, along with its sensitive information, from malicious users and hackers.
Roles and Responsibilities:
Monitoring 24x7 for Security Alerts by using SIEM tool and similar sounding domains.
Created filters, active channels, queries, Rules, Dashboard etc. for monitoring purpose.
Work closely with business units to ensure how to forward data into QRadar and to create network hierarchy, classify Log Sources within the QRadar SIEM.
Detailed reporting of the incident with proper artifact and necessary recommendations.
Development and deployment of use-cases based on Client requirement. Performing Threat profiling with respect to Assets available to create custom use cases.
Creation of reports and dashboards and fine tuning of existing use-cases.
Perform trend analysis [weekly, monthly] on alerts triggered and suggest improvements/recommendations to clients on the same.
Research and investigation of botnets, CnC, ransomware and phishing attacks in the network.
Monitoring the customer network using the IBM QRadar SIEM tool and LogRhythm.
Performing Real-Time Monitoring, Investigation, Analysis of Security Events from Multiple log sources.
Escalating the security incidents based on the client SLA and providing meaningful information related to security incidents by doing in-depth analysis of event payload, providing recommendations regarding security incidents mitigation which in turn makes the customer business safe and secure.
Contacting the customers directly in case of high priority incidents and helping the customer in the process of mitigating the attacks.
Co-ordinate extensively with networking teams to maintain and establish communication to remote QRadar Collectors/Processors.
Troubleshooting SIEM dashboard issues when there are no reports getting generated or no data available.
Determine the scope of a security incident and its potential impact on the client network, and recommend steps to handle the security incident with all information and supporting evidence of security events.
HSBC Software Development India Pvt. Ltd., Hyderabad, India Mar 2019 – Sep 2019
Current role - Associate cyber security
Project experience:
IAM (Identity and Access Management)
Administer Identity and access management globally for user and functional accounts across multiple systems and applications. This includes on-boarding/off-boarding associated with access entitlements and terminations as well as emergency privileged Access management.
Responsibilities:
Perform IAM (Identity and Access Management) Operations tasks – User Account Administration / Profile Administration / Logs Review etc while providing access related assistance to the users.
Implement automation solutions to improve operational processes, including scripting and enhancements to existing workflows.
Also familiar with various IT systems (Unix and Windows servers, databases, Active Directory, etc.)
Manage the privileged user’s access credentials.
Monitor, detect and respond to any anomalies related to privileged access.
Monitoring and evaluating system access controls as well as security features to protect data from unauthorized access.
Troubleshooting and resolving access management and provisioning workflow errors.
Establishes and maintains good working relationships with all IAM users.
Updating existing access management and provisioning workflows.
Work with team on project work to keep project going according to schedule.
CDA Technologies India Pvt. Ltd, Hyderabad, India Jan 2018 - Feb 2019
Role – Technical Associate
Project experience:
Client: Novartis, Hyderabad, India
Role: Information security and Risk Management
ISRM (Vulnerability management and Policy compliance)
ISRM project objective: Vulnerability Management (VM) is to yield a prioritized list of vulnerabilities for clients who already understand they are not where they want to be in terms of security. Policy Compliance (PC) is a cloud service that performs automated security configuration assessment. We will customize and deliver comprehensive reports to document progress for business executives, risk managers, auditors and other IT and Information Security stakeholders.
Technology: Linux, Qualys Tool, Nessus
Responsibilities:
Identify critical flaws in applications and systems that cyber attackers could exploit
Conduct vulnerability assessments for networks, applications and operating systems
Conduct network security audits and scanning on a predetermined basis
Use tools to pinpoint vulnerabilities and reduce time-consuming tasks
Perform vulnerability testing, risk analyses and security assessments
Use manual testing techniques and methods to gain a better understanding of the environment and reduce false negatives
Monitoring QualysGuard health and checking that all the appliances are online.
Scheduling the scans and ensuring they have completed successfully; reporting any anomalies found.
Conducts periodic security testing of controls (vulnerability analysis, policy compliance, etc.)
Manually validate report findings to reduce false positives
Compile and track vulnerabilities over time for metrics purposes
Review and define requirements for information security solutions
Develop and maintain a vulnerability assessment database.
Commissioning the Oracle, UNIX servers.
Creating, updating, modifying and managing the Assets.
Knowledge of and familiar with identity and authentication management and their architecture
A working knowledge of vulnerabilities and configuration settings and their exploitation in order to gain access to networks, applications, hosts, and desktops
Work with internal business units to drive secure configurations in images used for desktops, servers, network devices, and wireless network devices
Respond to information security requests, incidents, and trouble tickets according to a defined SLA.
Participate in an on-call rotation for information security and resolve service outages within SLA.