Rajesh S.
**************@*****.*** +1-839-***-**** LinkedIn
INFORMATION SECURITY / CYBER SECURITY / VULNERABILITY MANAGEMENT
COMPETENCIES MATRIX:
Security Information & Event Management
Vulnerability Management
Application Security - DAST and SAST
Risk & Compliance
Threat Hunting
Endpoint & Data Loss Prevention
Cloud Security
Splunk SOAR Automation with Python
Results-driven Information Security & Cybersecurity Professional with over 11 years of expertise in SIEM, vulnerability management, threat detection, and risk mitigation.
Skilled in monitoring, analyzing, and securing IT infrastructure using tools like Splunk, Tenable.io, Nessus, Qualys, CrowdStrike, and AWS security services.
Adept at incident response, malware analysis, and firewall optimization, ensuring robust security postures.
Strong background in compliance, GRC assessments, and third-party risk management using RSA Archer and Risk Recon.
Experienced in leading SOC operations, developing security policies, and coordinating with cross-functional teams to implement security strategies.
Proven ability to analyze vulnerabilities, enhance defenses, and drive continuous improvements in cybersecurity frameworks.
Integrated VirusTotal, AbuseIPDB, and Open Threat Exchange (OTX) with Splunk SOAR for real-time threat intelligence enrichment.
Conducted both SAST and DAST in application security to identify and mitigate vulnerabilities, leveraging their complementary strengths for effective risk management.
CAREER HIGHLIGHTS
Enhanced Threat Detection: Improved security monitoring and threat detection by 30% through Splunk analysis and proactive alerts.
Optimized Splunk Licensing: Achieved a 40% reduction in Splunk license utilization by migrating data from endpoints to Cribl, and then from Cribl to both Splunk and NextGen SIEM, ensuring cost-effective and streamlined data management.
Optimized EDR and SIEM systems by developing advanced queries, content rules, and implementing automated playbooks with streamlined workflows, reducing incident response time by 25% and enhancing malicious activity detection.
Achieved Compliance Excellence: Led security team to 98% compliance in industry audits, surpassing regulatory standards.
Mitigated Vulnerability Risks: Lowered vulnerability risk by 40% through proactive patch management and security best practices.
CAREER CONTOUR
Jun’21 – Present: PEGA Systems, Chicago, IL as Senior Security Engineer
Security Monitoring & Incident Response
Secured internal and client infrastructures through comprehensive monitoring, device onboarding, and threat detection using Splunk, Tenable.io, CrowdStrike, Nessus, and Rapid7.
Managed multi-source data ingestion for Windows, Linux, and application logs, developing actionable reports, dashboards, and alerts to enhance system oversight.
Leveraged Cribl for efficient data migration between endpoints, Splunk, and NextGen SIEM.
Developed Python-driven Splunk SOAR playbooks integrating MITRE ATT&CK to automate threat detection, investigation, and remediation, reducing MTTR by 40%.
Provided 24/7 support, covering multiple regions during evenings and weekends.
Vulnerability Management & Remediation
Conducted vulnerability scans across internal, external, and cloud environments (AWS) using Tenable.io, Nessus, and Rapid7, identifying security risks.
Generated monthly reports highlighting critical vulnerabilities and patching requirements for on-premises and AWS systems.
Collaborated with IT, security, and cloud teams to prioritize vulnerabilities and ensure timely remediation.
Mitigated risks by promptly addressing identified vulnerabilities to maintain a strong security posture.
Application Security Testing (DAST)
Performed application security testing using Netsparker DAST to identify vulnerabilities in web applications and SaaS platforms.
Conducted security assessments with tools like Fiddler, Burp Suite, Postman, and various SaaS applications to analyze and mitigate threats.
Forensic Investigation
Conducted comprehensive forensic investigations to identify root causes of security incidents, preserving evidence and providing actionable insights for remediation and improved security posture.
Endpoint & Identity Protection
Enhanced endpoint security using CrowdStrike and Identity Protection for real-time monitoring, host management, and software policy enforcement.
Developed and applied CrowdStrike security policies, optimizing host group management and proactively identifying threats through advanced threat hunting.
Analyzed CrowdStrike detections to identify IOCs and implement rapid containment actions, strengthening overall security posture.
Assessed Docker, Kubernetes, AWS, and GCP environments using CrowdStrike to identify image vulnerabilities, collaborating with owners for timely remediation.
Threat Intelligence & Security Posture Enhancement
Monitored public and private GitHub/Bitbucket activities using GitGuardian and managed alerts from BitSight and Security Scorecard to proactively enhance the organization’s security posture.
Conducted ad-hoc data analysis to resolve false positives/negatives and optimize threat detection capabilities across large data sets.
Utilized CyberArk to manage privileged access, secure credentials, and enforce least-privilege access policies to mitigate insider threats and enhance system security.
Email Proxy
Experienced in email-based investigations, including phishing campaigns, malicious attachments, and artifact analysis using tools like Proofpoint and Knowbe4.
Operational Excellence & Process Optimization
Optimized firewall workflows to accelerate deliverable timelines and support quicker response times. Leveraged the Axonius tool to identify and close security gaps across the organization.
Performed routine device checks, troubleshooting, and system health checks to ensure continuous preventative maintenance, managing incidents and service requests with efficiency.
Leadership & Cross-Functional Collaboration
Provided technical guidance, leadership, and mentorship to security team members and collaborated with architecture, engineering, and operations teams to implement security controls that align with business objectives.
Oversaw ticket resolution, patching, and asset tagging for effective inventory management, ensuring smooth operational continuity and robust compliance frameworks.
Mar’19 – Jun’21: IT Convergence, Hyderabad as Senior Security Analyst
Threat Monitoring & Incident Response
Monitored and detected threats using AlienVault by integrating SIEM logs and OTX threat intelligence, and managed incidents through ServiceNow for proactive response.
Device Onboarding & Data Integration
Onboarded devices and managed data ingestion from multiple sources, fine-tuning AlienVault rules and developing dashboards to enhance visibility and reduce false positives.
Cloud Security & Comprehensive Monitoring
Deployed AlienVault USM in AWS environments, integrating McAfee Endpoint Protection and IDS/IPS logs to achieve comprehensive security monitoring.
Vulnerability Management & Patch Coordination
Performed vulnerability management using Nessus, conducted scans, and collaborated with teams to address critical vulnerabilities while implementing machine patching.
GRC & Vendor Risk Assessments
Conducted GRC vendor assessments and risk evaluations using RSA Archer and Risk Recon, managed third-party audits, and remediated findings to ensure compliance.
Firewall Risk Management & Mitigation
Reviewed firewall risk assessment reports and developed risk mitigation or acceptance plans, and created firewall baselines/templates for new deployments.
Email Security & Incident Resolution
Analyzed and managed suspicious emails via Proofpoint, effectively blocking/quarantining malicious attachments and URLs to ensure swift incident resolution.
Aug’16 – Jan’19: Diebold Nixdorf Pvt. Ltd., Hyderabad as Security Analyst
Threat Detection & Analysis
Analyzed TAP alerts from Proofpoint to identify and address potential security threats.
Conducted comprehensive malware analysis, including investigations into ransomware infections, to understand and mitigate emerging threats.
Indicator Development & SOC Operations
Developed and defined new Indicators of Compromise (IOCs) to enhance threat detection and response capabilities.
Operated within an Offshore SOC team, monitoring events, detecting intrusion attempts, and implementing effective preventive measures.
Security Tools Management & Configuration
Gained hands-on experience managing and configuring security tools such as firewalls, Active Directory, antivirus software, IDS, and IPS to bolster network defences.
Incident Documentation & Reporting
Prepared documentation and created escalation templates to streamline incident management processes.
Developed and presented weekly and monthly dashboards and reports to customers, providing critical insights into security posture and incident trends.
Mar’15 – Aug’16: Huawei Technologies India Pvt. Ltd. (Deputed to Talentpro India), Bangalore as Security Analyst
IT Infrastructure Management & Monitoring
Managed and monitored IT infrastructure to ensure optimal performance and security across systems.
Log Analysis & Compliance
Analyzed logs using Splunk SIEM and managed McAfee Endpoint & DLP rules, data versions, and compliance to maintain robust security standards.
Technical Support & Troubleshooting
Provided comprehensive technical support and troubleshooting for various IT issues, ensuring minimal downtime and efficient problem resolution.
Security Protocol Development & Deployment
Assisted in the development and deployment of security protocols and measures to safeguard the organization's digital assets.
Documentation & Reporting
Documented technical processes and prepared detailed reports for management to inform strategic decision-making and continuous improvement.
Security Tools Utilization & Forensics
Utilized advanced security tools—including SIEM, Data Leakage Prevention (DLP), forensic tools, network sniffers, and malware analysis software—to detect, analyze, and respond to security incidents.
May’14 – Mar’15: SLK Global Services, Bangalore as Team Member
SCHOLASTICS PORTFOLIO
Bachelor of Computer Applications (BCA), Bangalore University, Bangalore 2013
CERTIFICATIONS
Certified Information Security Manager (CISM) – ISACA
Certified Information Systems Auditor® (CISA) – ISACA
Certificate of Cloud Security Knowledge (CCSK)
Certified ISO/IEC 27001:2022 Lead Implementer
Certified Security Analyst (ECSAv10) – EC-Council
Certified Ethical Hacker (CEHv10) – EC-Council
Cribl Certified Observability Engineer (CCOE) – Admin & User
Certified Splunk - Admin & User
Qualys Guard Vulnerability Management
Oracle Cloud Infrastructure Foundations 2020 Certified Associate
CISSP – Provisioning