*

Yasodha Srinivasan Senior Cloud Security Engineer

ARLO Technologies

Career Profile

Cyber Security Professional with 10+ years of Significant experience in Threat Intelligence, Vulnerability Assessment, SOC & Enterprise based incident response with strong performance background in wide variety of professional Knowledge with intelligence analysis methods and intelligence lifecycle along with exposure to system security Vulnerabilities as well as remediation techniques and threat hunting mechanism including both manual and machine-assisted capabilities, aims to find the tactics, Techniques and Procedure(TTPs)of advance adversaries. Ability to write high-Quality intelligence assessments and briefings for a senior –level audience. Experience in distilling raw information inti intelligence products. Currently working as Sr.Cloud Security Engineer in Corporate Security team for Arlo Technologies since 23

rd

Nov 2022

Objective

To be part of a team of hi-caliber professionals in a progressive, transnational organization, thus sharpening my own professional skills, while at the same time, contributing my best to the overall development of the organization. Obtain a demanding position in the field of cyber security where I can maximize my technical experience in Threat Intelligence, Vulnerability management in Cloud Platform Vulnerability Assessment, and Enterprise based incident response. Core Competencies:

• In depth knowledge of the Cyber Kill Chain, Diamond Model of Intrusion Analysis, or other relevant network defense and intelligence frameworks.

• Caliber to write high–quality intelligence assessments, post the analysis and briefings for a senior–level audience.

• Ability to make information security risk determinations based on intelligence analysis.

• Experience refining raw information from various sources into intelligence products.

2

• Perform basic static analysis of malicious threats including PE and web-based malware.

• Experience with the critical tools used in security event analysis, incident response, computer forensics, malware analysis and other areas of security operations.

• Involve in active conversation by consuming and contributing observables in NCSC community, FIRST.org community, ISAC, FBI, US-CERT & DHS.

• Broadcast Threat Intelligence Advisory to Strategic stakeholders, Tracking APT campaigns that are part of profiled Threat Actors, investigation and publish reports on ICS outbreaks.

• Proficient in Intel gatherings, processing, enrichment and contextual building. Role - Senior Information Security Analyst

Duration - Nov 2022 – Presently

Arlo Technologies

• Implemented and utilized automation to improve processes.

(Worked on Qualys ITSM & ServiceNow Integration Project)

• Gathered vulnerability and threat information from various internal and external sources within the Org.

• Provided technical assistance to owners of the impacted systems and applications to remediate and mitigate vulnerabilities.

• Generate Scorecard reports on all AWS Accounts based on severity level in Qualys Scorecard Scorecards

• Contact asset owners whose host "Project ID" is found in the scorecard report to fix their vulnerability.

• Conducted vulnerability scans of servers, applications, infrastructure, and EC2s.

• Coordinated PCI-DSS vulnerability scans and remediation efforts with the Cloud Security Team.

• Tracked and provided metrics and insights on vulnerabilities and remediation within the Org.

• Worked on ITSM Implementation with service Now Project.

• Container Image Scanning implementation by using the CICD Tools.

• PCI ASV Scan for all the webservers and find the vulnerability & work for remediation plan .

• Creating Tags, Dashboard for any new Cloud agent Installation Role – Senior Information Security Engineer –Threat Intelligence Research Duration – March 2015 – Nov 21st, 2022

3

Wells Fargo Solutions

Role and Responsibilities:

• As Part of Cyber Threat Intelligence team, produce threat intelligence providing situation awareness of cyber threats impacting global network infrastructure.

• Proactively research emerging cyber threats. Apply analytical understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits.

• Understand and experience in evaluating nation-state, hacktivists, and cybercriminal capabilities and activity.

• Respond to and ensure requests for information are answered in a thorough and expedient manner. Assist in the development of Standard Operation Procedures.

• Mentor and knowledge sharing to other team members.

• Coordinate resources during enterprise incident response efforts, driving incidents to resolution.

• Employ advanced forensic tools and techniques for attack reconstruction and intelligence gathering.

• Hunting for threads using both manual and machine-assisted capabilities, and aims to find the Tactics, Techniques and Procedures (TTPs) of advanced adversaries.

• Maximizing network transparency and analyzing logs of all network devices is essential for the threat hunter to identify security issues for remediation.

• Examine behavioral attributes of network users and place activity in the appropriate context in order to detect advanced threats

• Recognized potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.

• Leveraged EDR solutions for polling live results from the endpoints across the infrastructure. And interacted closely with blue team and red team by leveraging the findings and analysis about an insider threat and in the threat events around the world.

• Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.

Role - Information Security Analyst

Duration - July 2013 - FEB 2015 Cognizant Technology Solutions 4

Role and Responsibilities:

• Performed regular and Adhoc request based vulnerability assessment projects.

• Provided reports and made necessary recommendations on the findings in responsive fashion.

• Proposed remediation’s and aid development teams to improve their security status.

• Strong understanding on the scanner technologies such as Qualys, Vera code, Nessus and other related Products.

• Have good knowledge of Designing, Deployment and operational support of all aspects of Enterprise -Vulnerability Solution Management

• Good knowledge of Qualys Enterprise level reporting formats report analysis, providing additional information to fix the vulnerabilities.

• Interacted with Qualys at various instances during false positive analysis.

• Strong experience in methodologies and approach for information security principles, including risk assessment and management, threat and vulnerability management, incident response lifecycle, and identity, access management and compliances.

Tools & Technology Stack: Qualysguard, Nessus, Jira, Crowd strike, Guardium. Professional Qualification:

• MCA( Computer science) 95%

Anna University, Coimbatore

• BCA( Computer Science) 80%

Sri Ramakrishna College, Coimbatore.

Personal Details:

Address: Vee.Emm Residency, Flat 305, 3rd Cross,

14th main Ramamurthy Nagar, Bangalore, India

Phone: +91-809*******

E Mail: adz9wp@r.postjobfree.com

Name as in Passport: YASODHA SRINIVASAN

Languages Known: English, Tamil and Kannada.

I hereby declare that the above-mentioned information is correct to best of my knowledge.

LinkedIn: http://in.linkedin.com/in/YasodhaSrinivasan

Contact this candidate