Post Job Free
Sign in

Power Plant Information Security

Location:
Vasant Nagar, Karnataka, India
Posted:
September 14, 2021

Contact this candidate

Resume:

Carrier objective

My objective is to utilize my skills and apply my knowledge which would enable me to grow while fulfilling organizational goals.

Having 4+ yrs of experience in IT industry, 1yr experience in Power Electronics & 7 months in Power

sector

Certified in Cyber Security, Information security, Cloud Computing, Project Management for managers,

Electric vehicles, Embedded system, IoT

Skills & Certification

Cyber Security Network Security Cloud Computing Project Management for managers

Academic Qualification

Qualification

University

Year

Percentage

B.Tech (Electrical & Electronics Engineering)

Visvesvaraya Technological University

2010- 2014

71%

Intermediate

Pre-University Education

2010

70%

School

Karnataka Secondary Education Examination Board

2008

85.44%

Work History

Company

Capgemini

Role

Associate Consultant

Duration

Mar 2017 - till date

Certification

Cyber security & Network security

Task

Activation & addition of devices, rules etc

Aligning organization strategy to cyber strategy

Automation of the deployments, configuration of management tools, monitoring compliance with standards & established control objectives, application security.

Audit & review IT compliance

Budgeting for equipment & assembly costs.

Checking & verification of security policy, network architecture diagram, corporate network is segregated, adherence to the SOP

Design & develop cyber security controls, automated analysis tools, plans and roadmap.

Development & documentation of security incidents & resolution, system & network configuration, installation, cabling layouts, design, change controls, exceptions, formal reports, security operations processes, security technology roadmaps, best practices, Standard Operational Procedures, dashboards (Splunk) and reports, information security / cyber security policies and procedures, cyber strategy roadmap, helping in implementation

have experience in working in teams and managing internal and external stakeholders

Strengthening of organizations business continuity posture

Periodical assessment & analysis of vulnerability, security alerts\incidents, risk (end-to-end Information Security & third party), KPI reports, network performance, network traffic, malware, behavior, forensic data breach, data collected from scan tools, network, mobile application & web application penetration testing, processes within SaaS, IaaS, PaaS environments, AD Security, captures on Routers & Firewall, results or data collected from scan tools such as vulnerability scanners & application scanners, Security information and event management (SIEM), security of information, cyber, network (wired & wireless), existing applications, technology, VOIP, root cause, any errors /deficiencies pointed out in the monitoring service, Cloud Risk, Vendor risk, business impact, security incident analysis for Application security and System, System log, metrics, all-source, complexity, statistics, log files, history of connections, history of connections, hardware facilities, software installations, code listing, timelines, VMs, Modus operandi, response, human behaviour, stylometry, Risk assessment of new activity and consulting solution from security perspective to the new project deployment, Security Risk, third party risk, privacy risk, Privacy Impact, Application/Infra risk, the risk assessment from Cyber Security, Business Continuity and Privacy perspective

Configuration, troubleshooting & administration of user creation, network devices & product, security protocol, Switches, Firewall (Baracudda Web Application), load balancer (Server load balancer(LTM), Global Load Balancer(GTM)), Routers (Mikrotik) OLT, ONT, CMTS, VoIP, WAF, NGF, Big IQ Centralized Management Console, security, policies in to Firewalls and WLCs, security policies to control physical and virtual access to systems.

Coordination / work closely with end users, customer, external auditors, vendors, privacy team, global team, security leads, network & server team, technology owners in case of any new threats is observed, IT teams, 3rd parties for incident, change and problem management, with functional SPOCs, technical architects, customers on queries and improvements related to service deliverables, client and Accenture operations teams

Communicate internal data protection policies & processes to employees, customers, members etc

Conduct formal tests on web-based applications, networks, computer systems on a regular basis, data protection impact assessments (DPIAs), internal & external PT in the guidance of external auditor, employee security awareness training

Consulting with business partners to clarify & define project requirements, budgets, business cases, statements of work, projects, technology / service maturity

Creation of security-related policies & processes, incidents upon alert validation in the monitoring tool against the correct Configuration item (CI) with SOP provided. SOP based changes e.g. Move Add Change Delete (MACD), procedures, new test cases, reports/presentation, reports of vulnerability, penetration test results, project deliverables /reports, documents

Debugging of network traffic and packet information

Defining network security policy, roles and responsibilities, the security architecture

Deployment of Baracudda Web Application Firewall, Apache/Tomcat, VPN, network infrastructures such as involving routing, switching, Firewalls, load balancers, routers, enterprise applications in Azure cloud, Designing solutions as per customer requirements, new network, Architecture concepts, software components in Rhapsody, IT infrastructure, Network, new network solutions, Data Privacy Policy

Define security requirements / guidelines, security architecture,

Development of architecture plans for voice & data services, system architecture, security policies, plans for patching of infrastructure components, PCI Control Framework

Design of FTTH, network security, roadmap, secure network connectivity, security controls, best practices, security architectures, infra and network security solutions

Determing the networking needs

Drive to resolution

Enabling wireless & wired connectivity

Engineer solutions for endpoint security technologies, network security technologies, SIEM technologies, Intrusion Prevention technologies, Web Gateway technologies

Enhance the security posture of IT assets, network and information

Ensuring delivery of security operations, technologies are configured appropriately, maintenance of records of processing operations. mechanisms are in place to identify and respond to personal data beaches, all threats at customer environment are detected and notified in timely manner, new systems comply with Cyber Assurance standards, Compliance with industry standards like ISO 27001 and NIST Standards, that the organization's data and infrastructure are protected by enabling the appropriate security controls, it meets the business requirements, performance goals security architecture, ensuring that it meets the business requirements and performance goals.

Enhancing existing offerings, Data center, managed security services, infrastructure managed services, solutions, integrity, confidentiality and availability of information, full coverage of the vulnerability discovery, best practices, compliance to internal and external audits through the enforcement of policies, procedures, automation and internal controls awareness / education, personal data in the organization is identified, classified and inventoried.

Estimating impact of cyber threats on Financial, Productivity, Safety, Security for an organization.

Evaluation of vendors, emerging techniques, and technologies, engineering processes for potential improvements, impact of current security trends, advisories, publications, enhancements, business requests, security standards, procedures and guidelines

Execution of penetration testing

Expertise across a variety of security products.

Fine tune performance aspects,

Hands-on experience with leading cloud servicing platforms, Nessus VA tool

Identifying & communicating to stakeholders the risks, threats, improvements, security crisis, Security breaches, false positives if any and report, resolution, vulnerabilities, patches, application security defects, new versions of security products to ensure security technologies stay up to date, solutions, potential integration issues, security gaps, overdue system remediation efforts, scan problems, vulnerabilities, network traffic, packet information, continuous improvements in monitoring including threat scenarios and operating procedures, vulnerability in the network and network devices and can provide resolution to remediate them

Implementation of program, procedures, performance metrics, status reporting, patches, software requirements for firmware components, customer features with quality & hardware, security technology roadmaps, Cyber Security features in software, SW Design in code using Rhapsody / Embedded C to MISRA standard, Information Security Management System based on the ISOIEC 27000, PCI, HITRUST standards. Enhancements, new network solutions, internal controls that will provide the client organization with protection from compliance risk, Data Privacy Policy

Installation of WAF, NGF, Server Load balancer(LTM), Global Load Balancer(GTM) and Big IQ Centralized Management Console, Web Application firewall, network equipment including routers, Firewalls, Core switches, WAN accelerators, SD-WAN

Implementation of SNMP, remote servers monitoring tools, Security technologies in cloud environments, perimeter security controls such as firewalls, IDS/IPS, WAF, network access controls, and network segmentation etc, infra and network security solutions, activities to improve compliance with internal policies and standards and internal and external audits, automated security mechanisms such as VA/PT, IDS/HIDS and auditing.

Improving the efficiency of current networks

Investigation of security alerts\incidents from SIEM, faults in the network, phishing / malicious emails

Integrate automation tools like Jenkins, Jira etc

Leading major global programs, technical engineering, design work

Managing program/project related risks according to the Project Management Policy, incident management, vendor management, user problems, SLA, Security projects like SIEM, Firewall Migrations, 2FA, V Proxy, DDOS, waf, cyber, cloud, telecoms and hardware, user problems, SLA, Security projects like SIEM, Firewall Migrations, 2FA, V Proxy, DDOS, WAF, cyber, cloud, telecoms, iRule, and hardware, Security POCs & POVs, quality Inspections, Security Strategy team, product security incident response, various scanning tools, Vulnerability, subcontractors involved with network installation, Team, Client, enterprise applications in Azure cloud, compliance to various information security & data privacy standard, regulations. adherence to policies and procedures, policies, procedures and standards related to Information Security Management System, updated knowledge in the field of risk management and compliance to efficiently work on frameworks & Standards including ISO27001, SOC2, CSA Star, GDPR etc., application which included incident & problem. Maintain a log of any incidents and remedial recommendations and actions, Cyber Strategy, Information security governance, risk and compliance, incorporation of applications into the SDP process, Threat Intelligence, brand monitoring process, Incident Response, Incident Forensics, security operation and maintenance of large production network (more than 10K servers), common algorithms on machine learning, Firewall, Proxy, IPS (Fortinet, Palo Alto, Checkpoint, Cloud proxy, security device, SIEM (QRadar). end-to-end Information security, cyber security for its organizations

Maintenance of System, workstation and server security, security, backup and redundancy strategies, hardware, software and network firewalls and encryption protocols, PCI Control Framework, going compliance

Mitigation of the security events, vulnerabilities,

Modeling of threat

Monitoring of capacity of data center devices, Network, insights gathered from these sensors for threats, health checks on VPN devices, Vital Parameters of the proxy: number of sessions, CPU, Memory, Connectivity issues: Link, Network Capacity, errors, Firewall Essentials: Logs generation, CPU, memory, error message: Interface or environmental parameters (Temp, Power), Performance, security alerts, IT security controls, logs in the Log Collection Solution, vulnerabilities, security incidents, SIEM, network security, SOC, known and or emerging threats, network infrastructure logs, system logs, Timely closer of Network Tickets, Network traffic, Bandwidth utilization, Device failure from monitoring tool, effectiveness of control measures, compliance with laws, regulations, and policies, control effectiveness, metrics of Organization's compliance with Data Privacy requirements, production activities of on boarded applications, cyber incidents, security systems, compliance with company policies and procedures.

Onboarding of new applications into the Separation of Duties (SDP) process

Organizing training for end users

Penetration testing of wireless,

Performing periodically system and application VAPT (Vulnerability Assessment and Penetration Testing) using automated and manual approach, asset and network discovery activities, cyber threat intelligence, threat actor based investigations,

Proficient in Incident Management and Response

Procuring network equipment

Provide input into the creation of the annual IT Security budget, technical guidance.

Planning of new product/service roll out, layout, bandwidth allocation for SDC LAN & Financials in consultation with the products, sales & engineering teams drives product engineering, delivery and customer lifecycle management, Network Service Providers to provide appropriate connectivity to various departments via routers, security architectures, automated security mechanisms such as VA/PT, IDS/HIDS and auditing.

Presentation of risks to key stakeholders, business partners and RISOs.

Preparing efforts estimates for all infra and network security solutions

Providing Tier4 level consultation/troubleshooting, technical design / architecture advice to internal teams, training and feedback to Security Analysts to ensure high quality deliverables, administrative and technical assistance in the management of information security such as developing, monitoring and enforcing practices Assist in investigations regarding data breaches as per applicable privacy laws and undertake reporting/remedial action as required.

Recognition of cyber intrusion events, attacks & compromise events via analysis & review of security log events

Recommending solutions, new security techniques, network upgrades, security improvements, optimal solutions to meet security and regulatory requirements,

Renewal of license & certificate

Remediate findings for on-prem devices, remote workforce, cloud assets, and virtual devices.

Reporting performance to Senior Management, security incidents, discovered vulnerabilities, newly identified vulnerabilities

Resolving any critical issues, security alert, network issues & proxy related issue with advance troubleshooting & coordination with onsite support teams and vendors, customer security questionnaires,

Review of configuration, design, network architecture & infra, requirements, security to ensure compliance with defined standards, secure code, security log events, technical reviews of new and existing IT systems, current technologies as implemented to identify possible enhancements, Secure Code, data privacy compliance reviews across various countries, Security Architecture

risk assessments for variety of Information assets such as Infrastructure, Business and Enterprise scale applications, Commercial of the shelf Software, Ingress and egress, Data sharing, IT General Controls, GLBA, SOX, Private Cloud and etc, of Incidents to ensure compliance with standard operating procedures, network, server, firewall and antivirus configuration & logs, Inventory complete IT, information security, incident response plan, Security Architecture

Selection of vendor solutions, technologies, methodologies & Frameworks.

Segregating servers in appropriate VLANs as required by SDC security guidelines

Setting up of network, any cloud environment, VPN Tunnel, scheduled upgrades

Support network equipment, specifically Cisco products, Infrastructure support for security operations, Managed security Services (standard and custom offer), Business continuity planning and Disaster Recovery plan

Translation of complex security risks to dollars

Testing of all elements of the network (software, Application, network penetration, Web Application Penetration, Thick Client Application Penetration, deployed security solutions

Troubleshooting of layer (L2 to L7 layer), OSI Model, high priority issues, during installation, runtime

Tuning of performance, alerts,

Providing subject matter expertise, advice & technical leadership to the team

Understanding customer requirements,

Updation of SD SOPs, application technology Matrix, Architecture diagrams, Run book, software, new releases, network equipment to the latest firmware releases, cyber threat landscape, servers within the CDE periodically, Inventory complete IT

Simulation of attacks on networks, firewalls, operating systems, web applications

Supporting the global network, routers

Uploading the applications to be tested

Upgradation of Firmware, Software. security systems, Application Technology Matrix, Architecture diagrams, Run book, SD SOPs etc

Validation of data, policies & regulations compliance requirements with enterprise standards, etc

Verification of application results by conducting system audits of technologies implemented, Firewall policy, adherence to company security policies and procedures of Firewall policy, application results by conducting system audits of technologies implemented.

Work on continuous improvement

Cyber Incident Response

Regulatory compliance assistance in Cyber for some of the key sectors including Telecom, BFSI, Oil and Gas, IT/ ITeS, Retail and others

Exposure to international standards like NIST, CIS 20, ISO27001, ISO 22301, ISO 20000, PCI-DSS, certifications like CISA, CISSP, CIPP, CIPM

Company

RECPDCL (Team lease Payroll)

Position

Site engineer

Experience

Dec 2015 – Jun 2016 (Contract)

Domain

Power sector

Client

BESCOM, APSPDCL

Skills

Survey & inspection

Task

Collaboration with team, power utility personals & contractors

Design of systems installations

Development of maintenance & operating standards for electrical & electronic systems & equipment

Erection of Terminal Bays,

Estimation of material, cost & time

Execution of switch yards leveling, Earthing of fence, Bus bar connections, earthing

Foundations of Protective devices. Isolators, lightning arrestors, Circuit breakers, CTs, PTs,

Inspection of power distribution system.

Installation of Circuit breakers, HT/LT metering arrangement in 33/ 11 KV new sub-station Distribution Transformer, New 132KV, 220KV Transmission lines and 220KV Substation, Earth Mats, auxiliary supply system, Station Lighting System,

Laying of cables, stringing of conductors

Management of distribution network, system operation, Project site handling, all aspects of the project

Monitoring of the project (Technical, Physical and Financial)

Oversee smooth implementation of the project in the allocated districts

Planning of monthly work, for quality work with adequate safety measures,

Prepare detailed work plan of the activities and tours with timelines

Submission of weekly reports on the status of implementation

Reporting of plans, reconciliation of consumption statement of High Value items, project status,

Supply & erection of equipment, tower,

Survey of plans, transmissions projects, distribution networks, Transmission line route, line profiles

Quality control, surveillance & check of Feeders as per the approved drawings and generating, of at Sites

Selection & placing of optimum Tower types,

Supervising/overseeing the construction of tower bases, foundations and erection & stringing of conductors and usage of machinery, equipment and tools used for stringing work.

Testing & commissioning during execution of the work.

Company

Real Power Vision

Position

Trainee

Experience

2014 - 2015

Domain

Manufacture

Client

Zeal tech, TMI system

Skills

Power electronics, MS Office, OrCAD

Task

Circuit design, development, testing, simulation and verification of Power Electronics system

Proficient in Power supply, assembly and testing

Power converter topologies DC/DC, AC/DC, DC/AC converters, thermal considerations Buck, Boost, Fly back etc

Switching and Energy storage components

Manufacture of Power supply, variable capacitor, resistor, inductor, Motor control box & IC trainer

Soft skills

Ability of taking Decisions Decision making Quick learner

Adapt to change Dedicated Problem solving

Analytical skills Highly motivated

Academic Project details

Project Name

Smart phone based automated irrigation system

Technology used

GSM, Andriod OS, Java for application development, PCB designing, procurement of components, testing of electonic components

Description

Usually power will be given to agriculture field in the off peak period so to help the farmer for mobile operation of motors we have implemented this project.

Vocational training

Service of solar water Pumps & Compressor at Sathya Sai Electrical works

Solar PV system at Echo soch

Eco friendly servicing of air conditioners

Industrial visit

Diesel power plant in Bangalore

Thermal Power plant in Raichur

Hobbies & Interest

Reading, writing & publishing articles

Browsing, drawing, cooking

Personal details

Date of Birth :- 28th January 1993

Language Known:- English, Hindi, Kannada, Marathi

Declaration

I do hereby declare that the above information is true to the best of my knowledge.

Place: Date:

Dheeraj C

Address: No 23, Priyadharshini Layout, Kadbagere, Magadi

Mobile Number – 740-***-****

Email ID – ********@*****.***

, Matadahalli, Karnataka



Contact this candidate