Shweta Kavungal

Suwanee ***** 404-***-**** adzfc3@r.postjobfree.com

Objective

Passion to provide support to organizations in improving cyber security with minimum monetary costs through implementing governance and technical solutions.

Skills & Abilities

NIST Framework, ISO/IEC 27001, PCI-DSS standards, Intrusion Detection, Malware analysis, risk analysis, Rapid7, ExtraHop, Palo Alto, Checkpoint, Cisco ASA, Fortinet, Cyberchef, Autopsy, Wireshark, Aircrack-ng, linux, Visual Basic, Oracle, HTML, Java Script, JSP, Java 1.4, Hibernate, Spring, Struts, Servlets, JAAS, XML, AJAX, JavaScript, VB, C, C++, Python, JSON, SQL, Metasploit, Ghidra, UNIX scripting, HTML5, Nmap, COBOL, Excellent written and oral skills, Git, Carbon Black, Microsoft Defender, CrowdStrike, InsightIDR, InsightConnect, InsightVM, Exabeam, Proofpoint TAP, Azure AD, Application Security, Akamai, SOC Automation, ThreatGrid, ZenGRC, Upguard, Bitsight

Experience

SOC LEAD NATIONAL VISION 2023-Present

● PCI-DSS/CMMC Audit activity for National Vision and its subsidiaries.

●Creating assessments and guidelines for the company’s Cloud, Identity, and DLP security posture.

●Monitor and enforce compliance with information security policies, standards, procedures, and guidelines.

●Collaborating with multiple stakeholders across functional and technical skill sets.

●Engaging business and technology stakeholders at all levels to gather long-term goals and requirements.

●Proactively monitor for intrusion attempts and all other security threats and implement practices to safeguard the enterprises data and technology assets.

SOC LEAD MGT CONSULTING 2020-2021

●Act as Incident Commander for multiple Red team exercises. Performing Investigation, Forensics, Incident Response, RCA and communicating the findings to the C-Suite.

●Use case development based on the MITER Attack and Cyber Kill chain framework. Leading the threat hunting team in identifying threats and recognizing security loopholes,

●Building SOC Automation use cases to build an efficient SOC. .

●Security project governance, delivery review, risk gap and maturity assessment.

●Leading the Organizations Auditing, Table top exercises and Incident Response review procedures.

●Championed the project for amalgamation of the SIEM and ticketing system. Providing the organization with vast cost savings.

●Technology review of upcoming security products and provide the leadership with insights into maximizing the cyber security outlook.

●Performed threat hunting, Incident response activities on a day-to-day basis. Developed and maintained an Information Security Incident Response Plan and trained team on the execution of the plan should an incident occur.

●Actively maintained and implemented information security standards, processes, procedures, and policies across the enterprise. Coordinates with technology and business groups to assess, implement, and monitor information security risks/hazards Works closely with the compliance team to ensure information security policies and practices meet requirements.

●Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs.

●Knowledge of applications, databases, middleware to address security threats against the same.

●Coordination with stakeholders, build and maintain positive working relationships.

●Develop Rapid7 SOAR workflows automations to improve efficiency and security posture.

SOC ANALYST MONEYWISE FINANCIALS 2016-2020

●Experience implementing SIEM Solution from scratch and managing all the components of SIEM.

●Actively responsible for the Managed Detection and Response (MDR) team to effectively prepare, detect, and respond to incidents.

●Perform analysis of log files from a variety of sources (e.g., network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security

●Develop and maintain an educational environment where the knowledge and performance of the group is constantly advancing.

●Ability to create HTTP/URL/DNS Regular Expressions to stop low level attack traffic.

●Identify risk areas that will require vulnerability prevention

●Scripting - PERL, Python, UNIX/LINUX

PROJECT MANAGER/JAVA DEVELOPER TATA CONSULTANCY SERVICES 2000-2008

●Discussing potential projects and their parameters with clients, executives, and software developers.

●Planning out the blueprints for software projects, including defining the scope, allocating resources, setting deadlines, laying out communication strategies, and indicating tests and maintenance.

●Ensuring each project stays on schedule and adheres to the deadlines.

●Determining and overseeing consistent testing, evaluation, and troubleshooting of all products in all stages of completion.

●Tracking milestones, deliverables, and change requests.

●Website development using HTML, JavaScript, spring, struts, Oracle, NOSQL database. Involved in the lifecycle of the project from design, development, testing, maintenance and production support.

●Delivering completed software products to clients using object-oriented design and RAD methods.

Education

MASTER’S DEGREE IN INFORMATION TECHNOLOGY 1997-2000

Certifications and Conferences

Speaker at ISACA Geek Week 2021- Benefits of Fusion Center

Six Sigma Green Belt

AWS Certified Solutions Architect

Certified InsightIDR Specialist

Security+ CySA+ CISM CISSP

CCSP

Azure

ZenGRC

Splunk

Contact this candidate