Cyber Security Information

Location:
West Chester, PA
Salary:
100000
Posted:
August 07, 2023


Resume:

AMAN TYAGI

***, ********** *****, *****, ** - ***41 • Contact No: +1-484-***-**** • E-mail: adyrua@r.postjobfree.com

Summary

• Diligent Cybersecurity professional with expertise in Information Security, Incident Response, and SOC Operations.

• Proven track record in monitoring and safeguarding large organizations against cyber threats.

• Specialized in enhancing security protocols and implementing effective risk mitigation strategies.

• Proficient in identifying and responding to security incidents, ensuring rapid and precise resolution.

• Adept at analyzing security logs and data to proactively detect potential vulnerabilities.

• Skilled in implementing security measures to protect sensitive data and maintain regulatory compliance.

• Collaborative team player with a strong commitment to maintaining a robust cybersecurity posture.

• Constantly staying updated with the latest cybersecurity trends and emerging threats to adapt defenses accordingly.

Summary of Experience

Coforge, Team Lead (Cyber Security Services), Dec 2020 to Apr 2023

HCL Technologies, Senior Specialist (Cyber Security – IR Team), Mar 2019 to Dec 2020

Wipro, Administrator (Global Cyber Security), Nov 2017 to Jan 2019

Renovision Automation, Network Engineer and NOC Lead, June 2014 to Nov 2017

Vyapar Nayak Newspapers, Desktop Support Engineer, Aug 2013 to May 2014

Detailed Experience

Coforge, Team Lead (Analyst - Cyber Security Services) - May 2022 to April 2023

Client: SEI Investments

SEI delivers technology and investment solutions that connect the financial services industry.

Responsibilities:

• Managing Cyber Security operations for a US-based client while leading a team of 15 members.

• Conduct continuous analysis of security threat information (viruses, malicious code, industry events, hackers and zero-day exploits, DDoS attacks, IDS/IPS and SIEM alerting, etc.) to proactively assess and investigate emerging threats and potential impact to the organization’s operations and systems.

• Deploy endpoint detection and prevention tools to thwart malicious hacks.

• Ability to identify and mitigate vulnerabilities within the network, compute platform, and application environment.

• Triage and drive vulnerability issues to a thorough, immediate, and effective conclusion.

• Working with the MITRE ATT&CK Framework and YARA rules to identify any security threat.

• Experience with implementing, managing, and monitoring security infrastructure and tools.

• Establish the core set of objectives for the IAM solution.

• Identify core stakeholders to help with identity mapping and defining user access rules.

• Strong knowledge of or experience with state and federal regulations around identity management.

• Protecting the sensitive data within the system and securing the system itself.

• Ability to determine when role-based access control methods can be used to provision access.

• Work with business and solution owners to identify and maintain user role definitions.

• Experience with security tools such as SIEM, IDS/IPS, DLP, EDR, NDR, and other security related technologies.

• Monitor and recommend changes in standards that affect application security, around privacy and identity theft.

• Working knowledge of cloud-based security (AWS, Azure).

• Working technical knowledge of Network Security and Firewalls.

• In-depth understanding of common operating systems (Linux/Windows), networking protocols, application security, databases, and Internet applications development.

• Ensure effective coordination with team and clients.

• Holding regular meetings with the internal/client security team to review the results and mitigation performed on threats that have been detected over the period.

• Planning security awareness training and maintaining playbooks.

Analyst (Cyber Security Services) - December 2020 to April 2022

Client: SEI Investments

SEI delivers technology and investment solutions that connect the financial services industry.

Responsibilities:

• Investigate, document, and report on information security issues and trends that are observed through security monitoring.

• Investigate phishing/spam incidents reported through various channels.

• Perform remediation for threats detected during analysis of alerts generated in the system.

• Monitor implemented network and other security control activities and perform threat analysis on traffic which includes Vulnerability/Exploit detection, virus detection and identification of false positives, evasion detection and more.

• Create tickets in a help system for threats found during traffic / alert analysis.

• Fine tuning of the alerts.

Skills: SOC, Phishing and Malware Analysis, Endpoint detection, Intrusion detection and prevention, MITRE Framework and YARA, Incident Response, Following security frameworks and compliance standards, Team management.

Tools: CrowdStrike, Palo Alto, Perch Security, Graylog, Twinwave, Cisco Email gateway, Abnormal Security.

HCL Technologies, Senior Specialist (Cyber Security – Incident Response Team) March 2019 to December 2020

Client: Becton, Dickinson and Company

Becton, Dickinson and Company, also known as BD, is an American multinational medical technology company that manufactures and sells medical devices, instrument systems, and reagents.

Responsibilities:

• Managing Cyber Security operations for a US-based healthcare company.

• Working on Cyber Security and privacy incidents reported in the client environment.

• Triage of Incidents based on the severity within defined SLA.

• Involving all relevant teams for investigating the incident and sharing regular status updates to Stakeholders.

• Reviewing IDS/IPS events and identifying anomalous activities or potential network security risks.

• Investigating phishing/spam incidents reported through various channels.

• Preparing detailed Root Cause Analysis of incidents and involving counterpart associates in finalizing it.

• Responsible for analyzing and investigating security alerts triggered by RSA NetWitness.

• Preparing daily and weekly Security Operations reports and dashboards, and presenting them to the client over a call.

Skills: Cyber Security Incident response, SOC, SIEM analysis and remediation, phishing email analysis, Malware Analysis.

Tools: Proofpoint, CrowdStrike, Palo Alto, RSA NetWitness, FireEye (HX/NX), ServiceNow.

Wipro Limited, Administrator - November 2017 to January 2019

Project: Global Cyber Security Team

Responsibilities:

• Worked as a Project Engineer in Wipro’s Global security team.

• Handling global requests raised by users for access in firewall and proxy.

• Initiating and following the change management process for users’ requests.

• Worked with internal teams to get the request implemented.

• Monitoring through Firewall to check for reported issues.

• Helping users in distribution and authentication of secure ID tokens (RSA / VPN).

• Fetching utilization reports from the proxy as per user requests.

• Working on the phishing emails reported.

• Ensuring the change management process is executed within the agreed timeline.

Skills: Networking, SOC Operations, Team handling, Incident response, Change management, Managed customer communication and escalations.

Tools: Palo Alto, Cisco ASA, Proofpoint, ServiceNow, RSA SecurID.

Renovision Automation Services, Network Engineer and NOC Lead, June 2014 to November 2017

Client: Telenor

Telenor Communications Private Limited, formerly known as Uninor, was an Indian mobile network operator. The company was a wholly owned subsidiary of Norwegian telecommunications company Telenor Group.

Responsibilities:

• Handling telecom operations for the client, Telenor India (later migrated to Airtel).

• Monitoring of PAN India MPLS and ILL Network Links in coordination with ISPs.

• Monitoring of Application and server alerts (Including Data centers and Client sites).

• Managing incidents (alerts) and major incidents occurring in day-to-day service operations.

• Ensuring correct execution of Incident Management Processes.

• Updating management and end users via communication channels (mail/SMS).

• Coordinating with various teams and escalating both functionally and hierarchically during critical and high-priority incidents, to ensure more expertise is available to resolve the incident within the defined SLAs.

• Responsible for establishing bridge/conference calls as required and involving all relevant teams/vendors/service providers until closure of the incident.

• Recording incident life cycle.

• Collaborating with resolver groups, participating in Problem Review Board / PIR (Post Incident Review), and publishing the RCA with corrective and preventative actions.

Skills: Network L1 analyst, NOC operations, Team handling, Incident response, Change management, Managed customer escalations.

Tools: HP OpenView Operations, HP Operations Manager, HP Service Health Reporter, HP NNM, HP BSM.

VYAPAR NAYAK NEWSPAPERS PVT. LTD., Delhi

Desktop Support Engineer (IT Operations), August 2013 to May 2014

Responsibilities:

• Troubleshooting hardware and software issues.

• Troubleshooting networking and connection issues.

• Installing and maintaining hardware and computer peripherals.

• Installing and upgrading operating systems and computer software.

• Advising on software or hardware upgrades.

Education

Uttar Pradesh Technical University, India

Bachelor of Technology: Information Technology – 2013

Core Competencies

Cyber Security, Information Security, SIEM, Phishing detection, Malware Analysis, YARA, Endpoint Management, Intrusion detection, MITRE Framework.

Learnings & Certificates

Google Cybersecurity Professional Certificate issued by Coursera

LinkedIn Profile: https://www.linkedin.com/in/amantyagi2211/