- Was part of the team for the development of MDR which is an enterprise-level product to manage security threats in the environment
- Analyzed different kind of web attacks and supported building of the model using deep neural learning
- Also worked on log analysis of malware from endpoint products in the enterprise to detect the potential risk using python and ML
- Was part in the setup of the environment for real-time data flow using python and Cassandra and integrated GTI (Global Threat Intelligence)
- Also updated the GTI into python2 and 3 compatibilities and uploaded in GitHub
senior security engineer
- Strong experience with AWS services such as GuardDuty, Key Management, Inspector, S3, CloudFormation, CloudWatch, Cloudtrail, AWS Config, EC2, VPC, IAM
- Partnered with vendors and third parties to assess their systems in order to understand their cyber security posture and analyze gaps in their systems
- Knowledge of Internet Security technology (e.g. PKI, Federation, SAML, SSO, Authentication and Access Management, 2nd Factor Auth, Fraud Detection, Smartcards / Tokens, Web Services)
- Provide post-sales technical expertise during the installation, implementation and maintenance of company products.
- Perform vulnerability scanning, risk analysis and security assessments on a regular basis for safer client environment.
- Plan, implement and upgrade security measures and controls to protect sensitive data and endpoint systems of the organization against unauthorized access.
- Penetration testing both networks and web applications, reporting the vulnerabilities with POC’s and remediations.
- Analyzing and validating the vulnerabilities that are reported by different tools.
- Participate in a vulnerability management program that includes: external and internal vulnerability scans of applications and systems, documenting and remediating of identified vulnerabilities and exploits.
- Manually verify and confirm the vulnerabilities in the network, applications and servers.
- Working with different operations, development teams to help them improve security around their applications/services and architectures.
- Identify issues and root causes including oversight and facilitation of plans including security concepts, controls, and awareness
- Performed security research, analysis and design for all client computing systems and the network infrastructure.
- Security Training in alignment with SBI bank and various private sector companies.
- Creating detailed design and implementation specifications for complex applications/systems prior to the solutions implementation.
- Conducting network & application security analysis, web application security assessments, mobile application reviews for multiple products like Olacabs, Olastore, TFS, Olamoney, Olashuttle, Olashare, Olacafe etc,.
- Conducted presentations and workshops for unit managers, IT development team, and the developers about issues and security controls.
- Working with developers and administrators to remediation of identified security issues.
- Developing crude automation scripts to help security assessment.