Shaik Mohammed Farook

About Candidate

• Highly motivated, result-oriented management professional with 9+ years of IT experience in SOC & NOC roles.
• As a Senior Specialist, I have 5+ years of experience in designing, implementing, and managing Security Operation Centre (SOC) functions. I possess extensive knowledge in security incident detection and response, security operations, vulnerability management, threat intelligence, and SIEM technologies. I am skilled in designing and implementing policies, procedures, and controls that enhance the security posture of organizations.

Education

Post Graduate in MSc with Specialization in Information Technology
Acharya Nagarjuna University, Andhra Pradesh.

Work & Experience

Network Security Engineer, September 2014 - September 2018
National Payments Corporation of India (NPCI)

• Troubleshooting and resolving issues with Nexus devices, FortiGate firewalls and Cisco ASA firewalls.
• Administering circuit IDs, faulty tickets and incident tickets, and closing them before the timeline.
• Performing the re-design and implementation of Data Centre Migration for expansion of devices and MPLS, TDM links.
• Training the team on new project deployment and process, auditing their work and corresponding on the projects.
• Establishing the Insider Risk & Compliance program for the entire organization; internal control (IT & non-IT) framework and control design, roll-out and compliance.
• Developing action plans to close gaps wherever they exist, driving them to closure and ensuring insider threat activity is monitored.
• Providing leadership across end-to-end risk management functions such as risk and controls assessments, incident capture, scenario analysis and planning.
• Defining the risk management framework/processes for the department and ensuring that the highest level of quality is maintained.
• Reassessing existing processes and creating new ones that could effectively anticipate, manage and reduce risk.
• Preparing daily, weekly and monthly reports and submitting them to superiors as per requirement.
• Expert in handling Hardware, LAN, Wireless and Remote access (Cisco VPN), Active Directory, Internet, MS Outlook, Webex, Antivirus, and Trellix (ePO) reset issues.

Senior Associate SOC Monitoring, September 2018 - January 2022
National Payments Corporation of India (NPCI)

• Experience with ArcSight SIEM (console & web console), providing operations support at the Security Operations Center for different member firms.
• Handling and monitoring WAF (Web Application Firewall) to ensure enhanced security against threats and malicious attacks.
• Responsible for monitoring internal network security related issues such as SOC alert monitoring, risk analysis, and investigating spam/phishing mails.
• Integrating and deploying new devices.
• Performing health checks of ArcSight, FireEye, and Smoke Screen Devices & Silver Line.
• Analyzing phishing and spam related activities and notifying the users.
• Following assigned tickets dedicatedly and updating member firms until incident closure.
• Preparing FireEye reports and notifying the users.
• Working on real-time network traffic by analyzing the logs from IDS, IPS and firewalls through the SIEM tool and Wireshark.
• Handling the complete incident management framework cycle, from incident identification and incident containment through root cause analysis, suggestion and implementation of preventive and corrective controls, and network analysis as needed on a case-by-case basis.

Senior Specialist (Cluster Lead), January 2022 - November 2023
SISA Information Security, Bangalore.

• Led the team responsible for the detection, analysis, and response to security incidents in the organization.
• Implemented and managed an MDR (Managed Detection and Response) ELK Stack solution for security monitoring and incident response.
• Mitigating potential security threats using MITRE ATT&CK framework tactics and techniques.
• Developing and implementing security policies, procedures, and controls that align with industry standards and best practices.
• Conducting security assessments and penetration testing (VAPT) to identify vulnerabilities and potential threats.
• Conducting threat intelligence analysis to identify emerging threats and risks to the organization.
• Developing and managing the security incident response plan and conducting regular exercises to test its effectiveness.
• Providing guidance and support to junior members of the SOC team and ensuring that all team members are adequately trained on the latest security threats and trends.
• Notifying the team about threat feeds from different open source threat intelligence platforms and publishing advisories with IOCs.
• Involved in security plans for technology implementations and network architecture such as firewalls (IPS/IDS), routers, switches and WAF devices.
• Coordinating with the IT department on ISO 27001 security controls, and performing internal/external audits to ensure compliance.
• SPOC for all aspects of information security, including access management, endpoint protection, PCI DSS and audit log requirements.
• Providing ongoing support to clients to ensure the continued effectiveness of the ISMS, with gap analysis and risk assessments to identify areas of non-compliance and remediation plans.

Achievements:

• Identified True Positive security incidents to the Leadership with relevant countermeasures.
• Received appreciation from clients for providing on-time service as per their requirements and responding to their queries, ensuring customer satisfaction and retention.
• Received appreciation from the Company's Head for a 10/10 NPS score from clients and no escalations over the last 19 months.
