
Digital Analyst

Location:
Delhi, India
Posted:
September 29, 2020

Resume:

Atindranath Das

E-mail id: ***********@*******.***

LinkedIn: Atindranath Das

Contact No.: +91-984*******

Professional Summary:

An experienced, disciplined and fervent Cyber Forensic Analyst with 4+ years of combined experience in the cyber security and digital forensics domain, with strong investigative and problem-solving skills combined with a pragmatic approach. Looking for a challenging opportunity in the digital forensics and incident response domain to leverage my technical skills and also to explore my professional expertise.

Professional and Industry History:

DFIR and Threat Intel Analyst: UnitedHealth Group - OGS [Sep '19 – Till Date]

Multiple digital forensic and incident response cases analysis and reporting on Level 2 and Level 3

Triaging and investigation using Splunk, FireEye Helix and ArcSight SIEM solutions

Email investigation

Acquisition and forensic analysis using EnCase as primary investigation tool

Automated and manual analysis of logs, aggregated from various sources of the IT infrastructure, for investigation purposes

Proactive threat hunting

Perform Basic Static and Dynamic Malware Analysis

Forensic and Security Analyst – MDR: Paladion Network Pvt. Ltd. [Oct '18 – Sep '19]

Executed multiple digital forensic and incident response cases for leading clients, covering a wide spectrum of cases

Investigated and solved multiple cyber-attacks related to banking, phishing, policy violation, network and infrastructure, data theft, ransomware and VoIP attacks

Performed Digital Forensics (Disk, Memory and Mobile phone forensics) for leading clients for Financial Fraud, Bid Rigging, Collusion, Bribery, and Vendor/supplier due diligence.

Automated and manual analysis of logs aggregated from various sources of the IT infrastructure

Proactive threat hunting and creation of use cases for the SOC

Fervent member of Physical team (Red Team), scripting and creation of HID attack use cases

Performed Basic Static and Dynamic Malware Analysis

Risk Consultant - Cyber Forensic Analyst: KPMG India [Apr '17 – Oct '18]

Executed multiple incident response cases for leading clients, covering a wide spectrum of cases

Investigated and solved multiple cyber-attacks related to banking, phishing, policy violation, network and infrastructure, data theft, and ransomware attacks

Performed Digital Forensics (Disk, Memory and Mobile phone forensics) for leading clients for Financial Fraud, Bid Rigging, Collusion, Bribery, and Vendor/supplier due diligence.

Automated and manual analysis of logs aggregated from various sources of the IT infrastructure

Performed Basic Static and Dynamic Malware Analysis

Digital Forensic Analyst - Forensics Technology: CCFIS Pvt Ltd [Dec '16 - Apr '17]

Analysis, implementation and training for the digital forensic lab

Active Participation in Digital Forensics and Incident Response

Log analysis of different types of logs aggregated from various components of the IT infrastructure

Day-to-day security operation and management at the digital forensic lab of Amity University

Static and Dynamic Malware Analysis

Performed Disk and Mobile phone Forensics for various clients

Digital Forensic Analyst Trainee: Data64 Pvt. Ltd. [Mar '16 – Sep '16]

Hands-on experience with forensic hardware – Hancom GMD's Mobile Forensic Kit, Paraben

Worked on forensic frameworks – DEFT, Helix 3, Volatility, Sleuthkit (+Autopsy), Kali Linux exploit tools

Fervent with disk forensic and analysis tools – EnCase, FTK, Axiom Internet Evidence Finder

Worked on the following network forensic software:

o TCPDump (+Windump)

o Wireshark

o Cain and Abel Packet Sniffer

Performed cases involving encryption and steganography software; used hex editors – WinHex, X-Ways Forensics – and dtSearch for keyword searching

Technical Skills:

SIEM and Log Management Analysis: Sound knowledge of SIEM, implementation of Splunk and ELK, good at analysing logs of various IT infrastructure components, like: Windows, SIEM, Apache, IIS, Nginx, FTP, SSH, DHCP, DNS, switches, routers, various firewalls, NIDS, end-point security, DLP, anti-virus, Mac OS, Linux, access logs, Office 365 message trace logs, audit logs and others. Approach log analysis from the perspective of forensics, incident response investigation and SIEM. Also provided training on SIEM, Splunk, and log analysis for different sources.

Forensics Incident Response: Having a very strong analytical, investigative and pragmatic approach, executed multiple engagements for leading clients in incident response. Have performed the incident response process by:

Identification and understanding of the incident, and interview of the client.

Evidence collection and containment by Triaging, Imaging, Recovery and advisory

Tracing the source of the incident by analysing and investigating using the triage report, image and logs.

Report and recovery by final incident reporting, advisory, assessment and training.

Sound understanding of the Cyber Kill Chain, TTPs, the Diamond Model, SANS FOR578 and the Active Cyber Defence Cycle. Have performed Incident Response for various cases of:

SWIFT Attacks and Banking Heist

Malware Attack

Phishing Attacks

VoIP Attack

Suspicious Network Activity

Data Theft

IT Policy Violation

Denial Of Service Attack

Investigating the evidence by analysing web artefacts, documents, mailboxes, LNK files, Shellbags, message trace logs, mail audit logs, startup items, Registry (HKLM, HKCU), Windows event logs, Mac OS unified system logs, SWIFT logs, web application logs, and others.

Tools and Technology Used: Tableau and Falcon write blockers for forensic acquisition, EnCase (v6, v7 and v8), DFIR Triage Toolkit, Sysinternals tools, Mandiant Redline, Memoryze, LiME, Belkasoft, FTK, AXIOM and Magnet Internet Evidence Finder, Nuix, glogg, SOF-ELK, GRR Rapid Response, Tcpdump, Volatility, OSForensics, OSXCollector, Wireshark, threat intelligence, VirusTotal, Cuckoo, Any.Run malware analysis, comprehensive log analysis with glogg, Splunk, Excel and others.

Digital Forensics: Executed engagements of Financial Fraud, Bid Rigging, Collusion, Bribery, and Vendor/supplier due diligence. Performed imaging for Windows, Linux and Mac OS, image processing, data recovery, data carving, repairing, indexing, searching, analysing, investigating and reporting. Tools: EnCase, Nuix, Intella, Cellebrite UFED Touch, Oxygen Forensics, AXIOM, Magnet Internet Evidence Finder (IEF), Falcon, Tableau Kit, FTK Imager, ABBYY, Passware Kit, Paladin, Guymager, AOR, EaseUS tools, and others.

Threat Intelligence: Implementation, collecting information, correlating events and analysis using Modern Honey Network (MHN), Dionaea honeypot, HoneyD, Dionaea-FR, Scrumblr, Cisco GOSINT, IntelMQ, VirusTotal, Cuckoo, Hybrid-Analysis, AlienVault OTX, IBM X-Force, FireEye intelligence, Malware Patrol and others.

Malware Analysis: Tracing, extraction and analysis of malware using the basics of static and dynamic malware analysis. Tools used: Cuckoo Sandbox, PEiD, UPX, Dependency Walker, PE View, PE Browse, PE Explorer, FakeNet, Binwalk, Resource Hacker, Procmon, Process Explorer, Autoruns, Regshot, Tcpdump, Volatility, RegRipper, Wireshark, Hybrid-Analysis, Malwr, VirusTotal, REMnux, Sysinternals tools and others.

Network Vulnerability Assessment: Information gathering and enumeration tools, Nessus, Nexpose, OpenVAS, Metasploit Framework, Exploit-DB, Nmap, Wireshark, Tcpdump, Netcat, Tor's Hammer, THC-Hydra, and others.

Programming: Basics of C, C++, HTML, JavaScript, PHP, Python

Certifications:

Certified Ethical Hacker (CEH) v9 by EC-Council

EC-Council Certified Incident Handler (ECIH) v1 by EC-Council

RHEL Certification RHCSA and RHCE v7, trained by CMS IT Solutions

Academic Background:

Degree/Course | University | Year of Passing
B. Tech (ECE) | Bharath Institute of Science and Technology, Bharath University | 2015
HSC | Kendriya Vidyalaya, CBSE | 2011
SSC | Kendriya Vidyalaya, CBSE | 2018

Interpersonal Skills:

Working hard with a smart approach, and believing in pushing the limits.

Organized, with the capability to handle work in more than one field.

Capability to work under pressure, in coordination with the team.

Curious, innovative, and sincere approach towards work.

Good and clear communication skills.

Personal Details:

Father’s Name: Rathindranath Das

Date of Birth: 18th February 1993

Gender: Male

Languages Known: English, Hindi, Bengali and Gujarati.

Permanent Address: Flat No. 2, Plot No.110, Vrindavan Apartment, IP Extension, Patpargunj, New Delhi - 110092