ABHIJITH GOPIDAS

Perform Vulnerability Assessments for websites, mobile and web applications. Generate detailed report on the basis of security testing. Conducted Security audits.

Conduct Vulnerability Assessment on web servers, websites, mobile applications, and web applications. Develop and maintain security policies and procedures that align with industry standards and regulatory requirements. Conduct security audits to identify gaps in the organization's security posture and also work with management to develop and implement security plans. Malware analysis and removal of infected files Perform manual testing for websites and web applications

Perform VAPT of all assets in the bank every quarter using Tenable and Burp Suite tools and Gaps identified during the assessment is taken up with the concerned team and follow-up for closure. Ensure compliance by adhering to advisories/circulars issued by regulatory bodies and reporting compliance status to regulatory entities. Implementing and managing different security solutions like SIEM tool, EDR, DLP, DAM, Proxy Solution, data classification solution and Firewall Analyzer. Integration of network/security devices, and servers with SIEM tool and monitoring of security alerts. Creating use cases based on SIEM logs and overall monitoring of SOC team and their activities. Resolving log stoppage by restoring system functionality, repairing hardware or software issues, or reconfiguring logging settings and reporting the log stoppage incident to the appropriate stakeholders Monitor endpoints using the EDR tools to detect and respond to security incidents and anomalies, such as suspicious processes, network connections, and file changes. Block IOCs within the EDR tool to prevent further attacks and maintain the overall security posture of the organization. Participated in the latest cyber drill conducted by the Institute for Development and Research in Banking Technology (IDRBT) and successfully detected three out of four simulated cyberattacks. Perform periodic reviews of all critical systems of the bank. This includes user access review, review of all security solutions including Privileged Identity Management, Active Directory, Proxy, Core banking application, Email, review of administrative privileges, Review of patch updation, Review of VPN access, Review of third-party users and other security controls in place. Ensure compliance by adhering to advisories/circulars issued by regulatory bodies and reporting compliance status to regulatory entities.