RAJ PRANESH M
About Candidate
● 2.5+ years of IT industry experience specializing in cybersecurity with a focus on penetration testing, vulnerability management, and incident response.
● Proficient in conducting comprehensive penetration tests on web, mobile, and API applications using tools such as Burp Suite, Postman, and other open-source options.
● Skilled in managing vulnerability assessment programs and prioritizing remediation efforts to enhance overall security posture.
● Experienced in deploying and configuring EDR solutions like CrowdStrike Falcon and Sophos for real-time security threat monitoring and mitigation.
● Adept at implementing MDM systems, particularly Microsoft Intune, to ensure the security of corporate devices and sensitive data.
● Knowledgeable about cloud security principles and best practices, with hands-on experience in AWS environments.
● Proficient in network security tools such as Wireshark and Nmap for monitoring and analyzing network traffic.
● Skilled in incident response procedures, including detection, analysis, containment, eradication, and recovery.
● Experience with SOAR (Security Orchestration, Automation, and Response) platforms to automate security operations and enhance incident response capabilities efficiently.
● Strong understanding of secure coding practices, threat modeling, and security testing methodologies.
● Proficient in driving automation initiatives through Jenkins DevSecOps pipelines to streamline security processes.
● Expertise in Identity and Access Management (IAM), ensuring appropriate access controls, least privilege principles, and compliance with security policies and regulations.
● Skilled in performing enterprise security gap assessments to identify weaknesses, vulnerabilities, and areas for improvement in existing security measures.
● Dedicated to continuous learning and staying updated with emerging cybersecurity trends and technologies.
● Proactive approach to risk mitigation and strengthening overall security posture.
● Dedicated to upholding the principles of the CIA triad, ensuring confidentiality, integrity, and availability in cybersecurity operations.
Education
Work & Experience
ROLES & RESPONSIBILITIES
● Conducted penetration tests on Web, Mobile, and API applications using Burp Suite, Postman, and open-source tools to identify vulnerabilities. Provided detailed reports with recommendations for mitigation.
● Managed vulnerability assessment programs using Qualys for web application and server scanning.
● Deployed and configured Sophos endpoint security solutions across all devices within the organization, creating policies, monitoring, and mitigating identified threats.
● Implemented and managed mobile device management (MDM) using Microsoft Intune for securing corporate devices and data. Configured policies and compliance rules for enhanced security.
● Conducted AWS cloud security audits, providing detailed reports and recommendations to mitigate identified issues.
● Implemented cloud security best practices, AWS Security, Inspector, Config, and GuardDuty to secure cloud environments.
● Automated AWS cloud security audits, AWS GuardDuty, and Sophos alerts integration into both Slack and Microsoft Teams deployed on AWS Lambda, leveraging Python and Bash scripting.
● Implemented Jenkins DevSecOps pipeline to streamline security processes. Integrated SAST, SCA, DAST, and Container security open-source tools into the pipeline to identify vulnerabilities in the SDLC lifecycle and mitigate them effectively.
● Monitored and created firewall policies to block unwanted applications and sites, ensuring network security and control over traffic flow.
● Conducted security awareness training sessions for employees to educate them about phishing and other cybersecurity best practices.
● Set up phishing campaigns to test employee awareness and response to phishing attacks, analyzing results to identify areas for improvement in security awareness training and policies.
● Established the integration of web server and firewall logs into the Sumo Logic tool, configuring metrics and a live dashboard for real-time monitoring and analysis.
● Utilized SIEM tools to detect and respond to security incidents and created a ticket each time an incident occurred.
● Investigated malicious files, phishing emails, IP addresses, and domains using VirusTotal or other open-source tools, and provided recommendations for appropriate blocking based on the analysis.
● Remediated issues within the given SLAs and documented findings to maintain accurate records for audit and compliance purposes.
● Performed the enterprise security gap assessment to identify weaknesses, vulnerabilities, and areas for improvement in existing security measures.
● Created threat modeling reports to proactively identify potential security threats and vulnerabilities, enabling preemptive action and risk mitigation.
● Utilized VirusTotal and other threat intelligence platforms for proactive threat hunting, analyzing suspicious files, URLs, and indicators of compromise to identify potential security threats and vulnerabilities.
● Managed AWS IAM users and permission sets, ensuring appropriate access controls, least privilege principles, and compliance with security policies and regulations.
● Regularly reviewed and updated IAM policies to maintain security posture and mitigate risks associated with unauthorized access.