Tek06921

Cloud Security Specialist - 8+ Years


BTech

Highlights

  • A results-driven IT professional with 8 years of overall experience as a Senior Cloud Administrator & Security Specialist.

  • Having strong ability to analyse and troubleshoot complex problems.

  • Works in a shared environment to manage and administer security technologies

  • Works on vulnerabilities and threats and recommends mitigation steps for detection issues

  • Strong experience in Microsoft Azure, 365, Sentinel, Defender for Cloud, Endpoint, Office 365, Azure Active Directory

  • Attends troubleshooting calls with internal and external stakeholders

  • Investigates potential security violations or incidents in an effort to identify issues that require new security measures and policy changes

  • Incident analysis and remediation; work on automation and fine-tuning

  • Implementation of analytics rules

  • Works with playbooks to automate responses to threats and connects data sources to Microsoft Sentinel.

  • Researches and investigates new and emerging vulnerabilities, including zero-day events, and assesses them against risk to the corporate and production environments


Skills
Primary Skills
  • OCI

Secondary Skills
  • GCP
Other Skills
  • Perform vulnerability assessments using the Qualys VA tool & Defender
  • Onboarding new assets into Qualys; vulnerability assessment & management using Qualys
  • Perform regular vulnerability assessments against corporate events (Servers, Network Devices)
  • Categorizing vulnerabilities into different remediation groups and ensuring remediation.
  • Perform regular vulnerability assessments to identify known vulnerabilities and risks to the environment.
  • Vulnerability Scanner is being used for testing
Projects

Project 1 - IT Industry (36 months)


    • Proactively monitored security offenses in IBM QRadar and prepared various Standard Operating Procedures/Work Instructions for efficient investigation

    • Worked closely with team members to deliver project requirements, develop solutions and meet deadlines 

    • Attended all daily calls with the team, highlighted the important points and provided possible solutions

    • I voluntarily participated in internal training programs on different tools and technologies related to the project and self-development

    • Created daily and weekly reports on time, which helped in understanding the statistics of security incidents, server health checks and trends.


Project 2 - IT Industry (47 months)


    • Actively monitored the alerts that include the malware analysis, network traffic, incident response and other resources (Security News, Security Trends) that provide an insight to filter out suspicious activity and take counter-measures. 

    • Collaborated with administrators/business managers to evaluate the effectiveness of the security policies to make necessary changes for a more secure environment.

    • Solved security incidents raised by the team and client as per the defined SLA, with justified evidence

    • Regular constructive discussions to resolve issues, with technical investigation to mitigate the root cause of security incidents.

    • Evaluated evidence of violations in company security policies to identify violators and investigate incidents, instructing employees on correct procedures 


Project 3 - IT Industry (24 months)


    • Utilized expertise in QRadar to produce use cases, fine-tune rules, and parse, upgrade and integrate log sources.

    • Guided L1 analysts in security investigations.

    • Completed various reports and analysed each report to decide where improvements could be made.

    • Documented research findings and prepared polished reports highlighting results and potential improvement strategies


Awards

Certifications

➢ AZ500 – Microsoft Azure Security Technologies

➢ SC900 – Microsoft Security, Compliance, and Identity Fundamentals

➢ CompTIA Security+ (SY0-601)

➢ SC200 – Microsoft Security Operations Analyst