Puneeth Kumar Raya
**********@*****.***
Address: *-**,
Chinna Gorpadu, Pakala,
Chittoor, Andhra Pradesh,
India – 517112
Summary
Cyber Security Professional with 7+ years of experience in IT security, the past 7 years of which have been spent overseeing end-to-end IT security architecture, testing and assessment of public cloud and non-cloud infrastructure.
Expertise in implementing Open Source/Enterprise SIEM Solutions and integrating them with various event sources.
Expertise in implementing Malware analysis tools.
Expertise in implementing Centralized Access Management Solutions.
Expertise in implementing DLP Solutions for Workstations.
Strong experience in tools and technologies used in the cloud environment to provide security controls and assessments of the applications.
Expertise in implementing Open Source Network Intrusion Detection System Tools.
Worked extensively on customized OSSEC Rules for Host-based Intrusion Detection System.
Experience in documenting existing processes, and analyzing and proposing efficiencies for a security posture.
Experience in security incident management and vulnerability management processes.
Collaborates across multiple teams to achieve secure and efficient Cloud / on-premises integrations and aligns activities to achieve the future state capabilities.
Compliance experience with SOC 2, ISO 27001.
Experience in defining the process for periodic reviews of user access and authorization accounts.
Experience in defining customized rules in EDR.
Experience in implementing patching strategies for an Organization.
Experience in handling RFPs from sales and customer assessment questionnaires.
Adaptability, Keen attitude to learn and explore, Initiative, Commitment, Proactive.
Accustomed to handling sensitive, confidential records.
Experience in integrating various cloud service providers with Cloud Posture Management tools.
Significant Achievements / Skills / Expertise in Tools & IT platforms
Cloud Services: Amazon Web Services (AWS), Azure
Security Compliance: ISO 27001, SOC 2
Cloud Posture Management: Rapid7 InsightCloudSec
Centralized Access Management: AWS SSM, Azure Bastion, CyberArk
Data Loss Prevention: Microsoft DLP, Endpoint Protector
Operating Systems: Linux, Windows
Scripting: PowerShell
Security Testing Tools: Nessus, nmap
Application Security Assessment: Trustwave Trustkeeper, Appcheck-NG AppScanner, Nexpose
SIEM Tools: Rapid7 InsightIDR, ELK for log aggregation
IDS: OSSEC, Wazuh
Patch Management: AWS Systems Manager, WSUS
End Point Management: Symantec Endpoint Protection, Windows Defender ATP
SSL/TLS Certificate Management: AWS Certificate Management, GlobalSign, GoDaddy CAs
Encryption/PKI: KMS (Key Management Service)
WORK EXPERIENCE
Company: Planview India Pvt. Ltd, Bangalore.
Designation: Security Architect Lead
Work Period: Jan 01, 2022 – Present
Responsibilities:
Leading technical analysis and recommendations on vendor security products based on functional, security and operational requirements.
Working closely with subject matter experts to develop and deliver a complete security architecture solution.
Reviewing and assessing the plans for implementation to ensure robustness, adherence to standards and processes, and delivery of stable and scalable solutions.
Reviewing current system security measures and recommending and implementing enhancements.
Presenting the security maturity of the organization to senior management on a regular basis.
Promptly responding to all security incidents and providing thorough post-event analyses.
Responsible for assessing, designing, implementing, testing and automating information security solutions leveraging AWS and other third-party solutions.
Working closely with security consultants on new security tools and carrying out the POC.
Being part of active Risk assessment with management.
Creating CSPM guidelines for the organization.
Working with engineering team to deploy Security Policies and framework.
Working closely with R&D teams to incorporate the security framework and enhance automation.
Designation: Security Engineer
Work Period: Oct 19, 2020 – Dec 31, 2021
Responsibilities:
Responsible for assessing, designing, implementing, testing and automating information security solutions leveraging AWS and other third-party solutions.
In-depth knowledge of tools and technologies being used in the cloud environment (SaaS) to provide security controls and assessments of the applications.
Implemented Centralized Access Management solution for Planview infrastructure.
Implemented DLP Solution for Planview Workstations.
Implemented AWS GuardDuty and CloudTrail to detect, investigate and respond to potential security incidents.
Implemented security architecture principles (network segmentation, encryption, logging and multifactor authentication).
Implemented the open source malware analysis tool Cuckoo.
Implemented Custom Detection Rules in Windows Defender ATP for various Use cases.
Administering and managing the Rapid7 InsightIDR SIEM tool.
Installing and configuring the Rapid7 Agent on customer critical servers and managing the agents.
Applying agent-level filters, creating aggregation and correlation rules, and fine-tuning the events.
Responsible for security integration of new organizations which were acquired by Planview.
Preparing SOPs (Standard Operating Procedures) and sharing them with internal teams for resolving issues.
Responsible for defining Hardening Standards for Planview Workstations, Cloud Environments and Network Devices.
Documented existing/new security architecture diagrams.
Company: SDL Technologies India Pvt Limited, Bangalore.
Designation: Cloud Ops Associate Security Engineer
Work Period: May 23, 2017 – Oct 16, 2020
Responsibilities:
Responsible for assessing, designing, implementing, testing and automating information security solutions leveraging AWS and other third-party solutions.
In-depth knowledge of tools and technologies being used in the cloud environment to provide security controls and assessments of the applications.
Implemented AWS GuardDuty and SecurityHub to detect, investigate and respond to potential security incidents.
Implemented security architecture principles (encryption, logging and multifactor authentication).
Good understanding of IAM and cloud use cases.
Conduct security architecture reviews of planned cloud migration initiatives across the organization.
Compliance experience with SOC 2, ISO 27001.
Implemented ISO 27001 ISMS and SOC 2 attestation report for SDL cloud operations.
Own the maintenance of security controls for ISO 27001 and SOC 2 compliance.
Handling risk assessment as part of ISO 27001 and SOC 2.
Responsible for handling RFPs from sales and customer assessment questionnaires.
Support configuration of Load balancers.
Implemented security incident response plan and security management documents.
Performed vulnerability assessment for SDL SaaS applications and internal applications using Nessus.
Knowledge of cloud cost management tooling, such as CloudHealth.
Implemented User access and authorization accounts reviews periodically.
Performed security compliance testing, vulnerability assessment, server hardening, and automated compliance testing, while also developing key infrastructure implementation guide and multiple IT security guidelines for private and public environments.
Presenting security risk to the business leaders and quantifying real world impact of security findings.
Implemented patch management in SDL Internal and SaaS servers.
Responsible for managing Antivirus solution.
Company: Unilog Content Solutions, Bangalore.
Designation: Support Analyst
Work Period: July 2015 – May 19, 2017
Responsibilities:
Monitoring the infrastructure for alerts to ensure there are no downtimes using PRTG, Zabbix.
Working on Incident Management on a daily basis for issues or tasks related to customer products.
Performing Application upgrades, Customizations and installing hotfixes on products.
Performing new Server builds in vCenter and performing Quality analysis.
Performing a Downtime Investigation for the Monthly Uptime Report.
Managing Offboarding Requests for Infrastructure Decommissioning, Internal Tools Clean-up, and Customer Communication.
Involved in ESXi host maintenance activities.
Performing patching activities on Application and DB servers.
Escalate issues to Tier II engineers as appropriate.
Performing Test Restore of SQL Database on monthly basis.
Participate in maintenance rotation, installing application hotfixes and upgrades on a monthly basis.
Follow all change management processes and procedures and consult on peer and technical reviews of changes.
Preparing Runbooks for daily activities.
Core Competencies
Academics
B.E. (Bachelor of Engineering) in Computer Science with 7.74 CGPA from SCSVMV University (Kancheepuram).
Year of Passing: 2014
Certifications:
AWS Certified Solutions Architect – Associate
CompTIA Security+ SY0-601
Trainings:
AWS Solution Architect – Associate from Udemy
CompTIA Security+ Course from Simplilearn