About
Lead Security Analyst with 12+ years of IT experience, including 8+ years of specialized expertise in threat detection, incident response, vulnerability management, and cloud security. Skilled in SIEM platforms, security operations, and compliance frameworks, with hands-on experience securing enterprise environments. Proficient in cloud security across Azure, AWS, and GCP, as well as network defense, endpoint protection, and automation. Holds certifications in CompTIA Security+, Microsoft Security Operations Analyst, and Azure Security Engineer Associate. Passionate about improving security postures, mitigating cyber risks, and implementing best practices to protect critical assets.
Work Experience
Sr. Security Consultant (Associate Consultant)
TCS
Jan 2024 - Present
Performed security and privacy assessments, including vulnerability assessments, penetration testing, and compliance audits, to enhance organizational security posture. Led security incident response investigations, identifying root causes and implementing mitigation strategies within SLA timeframes. Utilized SIEM tools (Splunk, QRadar, and Symantec Endpoint Protection) for threat intelligence, log correlation, and incident analysis. Conducted in-depth vulnerability assessments of cloud and on-premise environments using Nessus and OWASP methodologies. Automated security controls, reporting, and threat response workflows, improving operational efficiency. Reviewed, created, and optimized firewall rules while monitoring logs in Check Point and NetScreen firewalls to enforce compliance. Managed end-to-end security hardware/software onboarding projects, ensuring seamless integration with existing systems. Conducted event correlation and deep packet inspection (DPI) using Wireshark, Nessus, and tcpdump to analyze threats and prevent exploits. Ensured and maintained PCI DSS compliance, implementing security policies to protect payment processing systems. Proactively conducted threat hunting operations to detect and mitigate advanced persistent threats (APTs). Collaborated with third-party penetration testers, analyzing vulnerabilities and implementing remediation strategies. Created Power BI dashboards for security analytics, executive reporting, and trend forecasting. Developed and refined cybersecurity policies, incident response procedures, and SOC playbooks, aligning with industry best practices.
Sr. Security Lead (Technical Lead)
HCL Technologies
Jun 2021 - Dec 2023
Worked on securing Azure AD Connect, Microsoft Azure Active Directory, and Single Sign-On (SSO) to enhance identity and access management. Monitored and investigated security events using SIEM platforms (LogRhythm, McAfee ePO, Palo Alto, and Mimecast), responding to security incidents in real time. Performed cloud-based threat detection, vulnerability assessments, and compliance audits to improve security posture. Conducted in-depth investigations into security alerts from Microsoft Sentinel, ensuring rapid detection and remediation of threats. Monitored and maintained System Security Plans (SSP) in accordance with NIST 800-18 and organizational security policies. Ensured compliance with GDPR, PCI DSS, and HIPAA by performing risk assessments, policy updates, and security gap analysis. Applied data protection measures, securing sensitive corporate and customer information through DLP solutions. Managed and enhanced email security tools (Proofpoint, Mimecast) to prevent phishing, malware, and business email compromise (BEC) attacks. Monitored compliance dashboards in the Office 365 tenant, aligning with regulatory requirements. Developed cloud incident response plans and SOC playbooks, ensuring an efficient cloud security incident response process. Applied OWASP Top 10 security principles to identify and mitigate software vulnerabilities in cloud-hosted applications. Automated cloud vulnerability scanning and remediation workflows, improving detection and patching efficiency. Integrated cloud-based security solutions with on-premise and hybrid environments, ensuring seamless security operations. Assessed and mitigated cloud security risks, working closely with stakeholders to strengthen cloud security frameworks. Leveraged Power BI and Azure Security tools to track security incidents, analyze threat intelligence, and generate reports for management. Researched and implemented emerging cloud security best practices, staying ahead of evolving cybersecurity threats.
Cyber Security Analyst (Sr. Engineer)
Mindtree Limited
Apr 2018 - Jun 2021
Monitored, analyzed, and triaged security alerts using SIEM tools (QRadar, Splunk), escalating potential cyber threats for further investigation. Conducted advanced threat intelligence, log correlation, and forensic investigations, identifying attack vectors and developing response strategies. Performed web application penetration testing, assessing vulnerabilities and providing remediation recommendations based on OWASP and NIST standards. Maintained PCI DSS compliance for payment applications, ensuring secure transaction environments. Proactively conducted threat hunting initiatives, identifying APT activities and abnormal network behavior. Collaborated with cross-functional teams to review security policies, production changes, and compliance updates. Developed and optimized incident response playbooks, ensuring efficient handling of SOC incidents and escalations. Engaged with clients, delivering security risk assessments, incident response reports, and recommendations for mitigation. Led cybersecurity awareness training sessions, educating internal teams on threat mitigation strategies and best practices. Worked closely with L2 analysts, assisting in deep-dive investigations into complex security incidents and cyber threats. Refined and documented incident response processes, ensuring SOC efficiency and rapid resolution of incidents. Used PowerPoint and internal training platforms to conduct cybersecurity awareness sessions, covering SOC operations, risk management, and phishing awareness.
Senior Operational Professional
IBM India Private Limited
Mar 2016 - Mar 2018
Senior Software Engineer
Accenture
Nov 2014 - Jan 2016
Software Engineer
Experis IT Private Ltd
Jul 2013 - Nov 2014
Education
Bachelor's Degree in Computer Science Engineering - Jawaharlal Nehru Technological University
2007 - 2011 · Afghanistan
Certifications
No certifications added yet