Abhishek-New (1)
Download as DOCX, PDF0 likes222 views
Abhishek Narasimhan is a security analyst with over 5 years of experience in SIEM, security management, and incident response. He is currently working as a senior analyst at Accenture responsible for monitoring SIEM solutions and isolating infected hosts. Previously he worked as a senior security engineer and team lead at HCL Technologies where he implemented and managed SIEM tools like RSA Envision. He has expertise in network security, penetration testing, and forensics.
Abhishek-New (1)
- 1. Abhishek Narasimhan Abhishek8thdec@gmail.com Contact: +91 8861152227 Career Objective: Seek a position to utilize my skills and abilities in the corporate world that offers professional growth while being resourceful, innovative and flexible. ProfileSummary: • Dynamic professional with 5 years and 1 month of experience in SIEM,Security Management, Real Time Analysis, NetworkSecurity and Incident Management in IT sector. Managing L1 and Supporting L2 Team as a Team Lead. • Analytical and detail-oriented problem solver with excellent communication skills, well-developed troubleshooting skills and a strong workethic. CoreCompetencies: • Planning & scheduling offshoredelivery management for deliverables of completed projects. • Improving the operations, enhancing business growth by setting up infrastructures, projectmanagement and service delivery. • Interacting with team members to ensure smooth progress of project work. • Monitoring and ensuring delivery during the transition period. • Ensuring adherence to quality norms throughout the implementation process. • Handling installation & configuration and maintaining of the Devicesrelated to the security, that helps SIRT teams operation. Professional Experience: 1. Accenture Services Pvt.Ltd : Feb’2016 – Present Accenture-Client:Feb2016 – Present(Bangalore) Working as a Security Senior Analyst responsible forhandling cyber threats and malware infections related to the Infrastructure, time bound monitoring of SIEMsolution to detect unusual networkbehavior and isolate the infected hosts forcontainment and remediation. Triage Collection from Malware Infectedhosts using Mandiant Platforms forperforming malware analysis and reverse engineering the executable fileto identify the Indicators Of Compromise (IOCs).TheLogs from the Devices that are monitored are : Palo Alto Panorama Logpoint(SIEM) Palo Alto Wildfire TrendMicro Snow License Manager Solarwinds
- 2. 2. HCL Technologies :March’2011- Feb’2016 HCLTechnologies – CorpProject:March2014 – Feb 2016(Chennai) Worked as Senior Security Engineer/Team Lead, responsible for Implementation , managing and administering of SIEM tools such as RSA enVision (ver. 4.1) and RSA Security Analyst(both SA forLogs & SA for Packets) (ver.10.3 – 10.5) and FireEYE HX-AX-HXDMZ,RSAEcat, Cisco FireAMP, Nessus. Roles and responsibilities include: Maintenance and Health Monitoring of RSA Security Analytics and RSA enVision. Installing OS Patches, Installing and renewing Web SSL certs for UI’s. Implementation, Deployment and Configuring of SARE, Concentrator, Decoder, ESA, Archiver, Malware Analysis servers . Deployment of VLC(SA) across Globe. User creation/modification/ deletion on SIEM tools. Creation & Fine-tuning of Rules/Reports/Charts and ESA Rules. Continuously monitoring of Dashboard for Log Volumes, outages, devicedown, etc. Deviceintegration, troubleshooting, followsup withIntegrationteams in case Support req. Writing IOCs in HX forPresence/Execution of Infection in the Endpoint using Threat Intel. Deployment of RSA ECAT and Analysis. Vulnerability Assessment forInternet Facing Devices through Nessus. EventMonitoring through Threat Feeds From RSA Live. Constantly Checking forLatest Threats and Updating the Watchlistwith the Malicious Domains and IPs. Co-ordinating with the External Auditing team for VA/PTon Annual Basis forApplication and Infra/Infra solutions Penetration Testing. Installed and Managing VMware infra for SIRT Team(VLC, Lab, etc.) Handling P1 Incidents, and Forensic Analysis as IR Team Member. Leading the L1 Team and Supporting on-call if required. Writing Parser forSA forLogs using EventSource Integration(ESI). Supporting L2 Team in case of Clarification regarding the Incident. Working on Implementation of CIF(CollectiveIntelligence Framework). A go-to Guy forAny support. HCLTechnologies – CorpProject:March’2011 – March’2014(Chennai) Worked as a Security Engineer, Responsible forManaging and Administering forCisco ASA , Checkpoint R65, R71.20, R77.40, Websense WCG, McAfee EEPC,RSA SecurID, McAfee Vulnerability Manager, SIEM Tool RSA Envision, And also log monitoring of the Below Devicesthrough RSA Envision. • Firewalls (Cisco ASA, Checkpoint, Netscreen) • IDS/ IPS (McafeeIntrushield) • Unix Servers • Windows Servers • MS Exchange • Antivirus (Symantec Endpoint Protection) • Proxy (Websense WCG) 1. Monitor and analyze log from various devices such as Firewalls (Cisco ASA, Checkpoint, Netscreen). 2. Raising tickets and incidents with respective team in case of any suspicious activity likenetwork attack, DOSattack, etc. 3. Maintenance and updating of RSA enVision. Installing OS patches, VAM updates and ESU’s as released by RSA.
- 3. 4. Provideoperational and incident related reports to upper management. 5. Creation of new rules, reports and other configuration changes. 6. Health and performance reporting specific to SIEM solutions. 7. Regular Changes and Operations in Cisco ASA and Checkpoint Firewalls. 8. Experience in McAfeeEEPC. 9. Providing RSA SecurID Software Tokens and Troubleshooting in case of any issue. 10. Creation of Users in Checkpoint firewallfor VPNAccess. 11. Handling Vulnerability Assessment forthe Internal Security,Network and Internet Hosted Devices through McAfeeVulnerability manager and Followingit to Closure on Quarterly Basis. 12. Penetration testing for Application or DMZ hosted Deviceson Ad-Hoc and Quarterly forHVA using Core-Impact Pro. 13. Coordinate fortechnical issues and participate in problem management activities. Awards at HCL Technologies: Awards Awarded “OperationsChampion” fortheMaximum number of Incident closed and also Customer Satisfaction during the Security Operations. Awarded “SpotAward” forRestoration of RSA Envision backafter a NAS Failure and Restoration of RSA A-serv/LC. And also forthe Implementation of RSA Security Analytics for Logs & Packets. Won Special Prize in “MADJAM Ideapreneur” forSecurity Analyticsheld across HCL Globally. Academic, Professional& Certification: Qualification Completed MS (CyberLaw AndSecurity)from NationalLawUniversity(NLU,Jodhpur) in 2013with8.57 CGPA through Distance Learning. Completed B.E(ComputerScienceAndEngineering) fromHindustanCollegeof Engineering AffiliatedtoAnnauniversity,Chennai with63% Full time. Professional Skill-set: Domain Knowledge Network Security, Penetration Testing, Incident Response Operating Systems Windows 7, 8, XP, vista, BT 5, Matriux, Cent OS Languages Understanding of Python, XML Firewall Technologies Cisco, Checkpoint, Juniper Cloud Platform Amazon Private Cloud,Xen Virtualization VA/PT McAfee Vulnerability Manager, Nessus, Nmap, Core Impact Pro, Metasploit. Forensics/SIEM RSA Envision, SA for logs/Packets, RSA Ecat, FireEYE HX-AX-HXD, FireAMP, Encase, FTK.
- 4. Certification: Network and Security CCNA, CCNA-Security, SITCS, ACE(Palo Alto) VA/PT CEH, ECSA, LPT(Expired), QCS(Qualys), MVM(McAfee) Forensics CFHI(McAfee Institute), ACE(AccessData),CCFE(IFS), Qualified From McAfee Institute(ORC, CTA, CTFI,EFI) Training Attended RSA Security Analytics Administration, Mandiant In- House IR, Core-Impact Pro Personal Profile: Name: Abhishek Narasimhan Sex: Male Date of Birth: 08/Dec/1988 Marital Status: Married Father’s Name: Mr. Narasimhan Current Location: Bangalore Hobbies: Hearing Songs(Any Genre), Long Drive,Travelling, etc. Date: Place: Abhishek Narasimhan