DHISHANT ABROL
Email: dhishant@outlook.com
Contact No.:+91-9811787372
Objective:
To achieve the high standards of being the best among all, through hard work, positive
attitude and dedication and to be placed in an organization which sets high standards
for itself and gives me an opportunity to achieve my goal.
Summary:
I have 6+ Years of dedicated experience in the field of Information/Network Security.
Currently working in Cyber Intelligence Center of a US based client as Security
Researcher. Here leading a team of CSIRT (Cyber Security Incident Response Team) to
handle major incidents and escalations. Also managing Vulnerability
Assessment/Penetration Testing (Based on OWASP Top 10) of Web Applications and
Network. Performing Malware Analysis, DDoS Prevention, analyzing various threats.
Managing Compliance and performing Risk Assessment & threat intelligence of client
network for the latest security threats. Performing Internal Auditing based on
(ISO27001, PCI-DSS/HIPAA) and delivering security awareness trainings.
Academic Qualifications:
• B.TECH (Electronics Communication) from VIVEKANAND (V.I.T.S) ENGINEERING
COLLEGE, JINDAL NAGAR, GHAZIABAD in 2010 Secured 65.20%
• 12th from C.B.S.E Board, in 2006. DAV PUBLIC SCHOOL, DELHI Secured 72.40%
• 10th from C.B.S.E Board in 2004, PLATO PUBLIC SCHOOL, DELHI Secured 75.20%
Certifications:
• Cisco Certified Network Associate (CCNA)
• ITIL V3 Foundation
• Certified Ethical Hacker V9
• Cambridge Certified Security Associate
• ISO 27001 Lead Auditor
• Qualys Guard Vulnerability Management Specialist
• McAfee ePO 4.6
• McAfee FoundStone 6.0
• Airtight Certified Wireless Security Administrator (ACWSA)
• Websense Web Security Gateway & Data Loss Prevention 7.7.3
Tools, Technologies and Skills: -
IDS/IPS: SNORT, IBM Proventia, Cisco Sourcefire.
Web Security - Websense, Cisco IronPort, Barracuda, Bluecoat Content Filter.
Auditing: ISO27001, PCI-DSS, HIPAA
Microsoft technologies: AD, ADFS, LDAP, Windows PKI, SharePoint, WSUS.
Antivirus – McAfee ePO, SEPM, Trend Micro, FEP, SCEP.
Data Loss prevention – Websense, Symantec & McAfee.
SIEM: HP-ArcSight, IBM-Q-radar, RSA Envision.
Compliance - Symantec ESM & Control Compliance Suite.
Vulnerability Assessment/PT: Nessus, Qualysguard, Nexpose, McAfee FoundStone &
Metasploit
Process Skills: Information Security Management System, BCP/DR Planning.
DDoS attack: UDP/ICMP Flood, SYN Flood, HTTP Get Flood, TCP Connection Attack,
TCP Flag-based Attacks
Monitoring: BMC Remedy, Site Scope.
Honeypots: - Database Honeypots (Elastic honey), Web honeypots (Glastopf, Shadow
Daemon, Google Hack Honeypot), Service Honeypots (Kippo, troje), Deployment
(Dionaea, honeypotpi).
Cryptography: Encryption Algorithms, Digital Signature, Deploying PKI.
Malware Analysis: Process Explorer, Process Monitor, Net witness.
VPN: IPSEC, PPTP, L2TP, Open VPN
Virtualization: VMWARE & VMWARE ESXI
Cyber Forensic tools: Encase, PTK Forensics, FTK, X-Way Forensics, Backlight.
Network Tools: Snort, hping, tcpdump, Ethereal (packet analyzer), Wireshark, NMAP.
Protocols: - TCP/IP, UDP, HTTP, HTTPS, GRE, SMTP, DNS, BGP, OSPF, IGRP, EIGRP, SSL,
DHCP, FTP.
Experience Details:
• HCL Technologies || 22-06-2015 to Present || Security Researcher
• Enterprise security architectures and security components that implement these
architectures including SIEM, DLP, IAM and leading security products.
• Q radar administration for configuration and developing correlation rules for
different devices.
• Enterprise network architectures, topologies and components that implement these
networks including TCP/IP, firewalls, proxies, and routers.
• Client/server architectures and, server and end point component and technologies
including Linux and Microsoft servers, computers, and mobile devices.
• Conduct open-source and classified research on emerging/trending threats and
vulnerabilities.
• Deploying, managing McAfee ePO, and McAfee HDLP for the entire world.
• Setup different types of honeypots to collect malware samples.
• Create finished, all-source intelligence assessments for inclusion in various Agency
and IC intelligence products.
• Performs analysis related to the detection, characterization, monitoring and
warning of suspected unauthorized network activity and relationships that may
pose a threat.
• Initiates projects and plans leveraging broad research and analysis that affect cyber
network defense.
• Using different types of malware analysis/reversing tools (IDA Pro, Ollydbg) to find
out the root cause and analyzing the malware samples.
• Provides rapid response to ad hoc requests from decision makers (e.g., special
intelligence analyses or personal briefings).
• Developing analytical tools and methodologies to fill present gaps and address
future gaps.
• Reviews reported tips and leads for threat information and situational awareness,
including determining location, activity, and severity and reporting trends.
• Compares and contrasts new data with information already in intelligence
databases; seeks corroborative data; assesses individual pieces of information in
the context of broader assessments or operations; and disseminates significant
intelligence as appropriate.
• Creating releasable products and weekly threat brief reports for Senior Leadership.
• Analyzing a variety of network and host-based security appliance logs (Firewalls,
NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and
escalation paths for each incident.
• Accenture Services Private Limited Gurgaon || 31-05-2013 to 15-06-2015 ||
Client: Travel, Construction & Hospitality Client
• Managing Network/Information Security for multiple clients.
• Daily Operations and incident management related to proxies – ISA & IronPort
• Daily Operation and incident management related to Symantec DLP
• VA using Qualys Guard Scanner
• Daily Operations and incident management related to Web Filtering – Barracuda,
Websense & Bluecoat.
• Preventing any intrusion in Network via Cisco IPS and Sourcefire IPS.
• Ensuring compliance of machines reporting to Forefront Endpoint Protection and
McAfee Virus Scan Enterprise.
• Managing & Implementation of Microsoft UAG, as a reverse Proxy solution for
Publishing of Applications & VPN for the remote users.
• Deployment of Network Access Protection (NAP) servers for client network.
• Handling Security & Compliance for a US Based Hospitality Client.
• Corporate SOC OF TCS Gurgaon || 25-4-2011 to 30-05-2013 ||
Client: TCS (Tata Consultancy Services Pvt. Ltd.)
• Implemented and managing setup for Websense Web and DLP solution in TCS.
• Managing SIM - logs from different security devices in common formats and
analyzing the logs.
• Implementation of Event Source and VAM updates.
• Responsible for maintaining machine compliance using Symantec ESM in entire TCS
environment.
• Eliminating false positives and tuning security infrastructure for clarity in tracking
incidents.
• Managed Airtight Wireless IPS for protection against Wireless Attacks.
• Virus Remediation - Tackling different variants of Virus through centrally managed
SEPM, McAfee ePO, Malware Bytes & Microsoft Safety Scanner.
• VA analysis for the TCS Servers through Nessus & Qualys Guard Scan.
• Tackling SQL injection & XSS attempts.
• Ticket creation & resolved within SLA in BMC remedy suite.
• Incident handling, incident response and escalation management in a 24x7
environment.
• Preparing SOPs, presentations and various Work Instruction documents for the
project.
• Keeping track of any attack exploit in TCS network
Roles and Responsibilities:
1) Incident management, Problem Management & Change management related to
Web Proxies, ESM, Antivirus, DLP, VA, IPS.
2) Managing complete Security & Compliance for the client network.
3) Monitoring & Analyzing Real-Time & Co-related events, generated on SIEM.
4) Creation & Modification of Co-relation rules on SIEM.
5) Handling & deep investigating the incidents following Incident Response cycle.
6) Ensuring the signatures for all the devices (IBM IPS, Websense, SEPM, and FEP)
are patched on timely basis.
7) Remediating remotely the Trojan, Virus or Rootkit infected machine.
8) Vulnerability Analysis for endpoints via Nessus Scan & McAfee Found Stone.
9) Vulnerability Analysis for the websites via Qualys Scan.
10) Managing various machines on McAfee ePO & SEPM.
11) Analyzing Credit Card Number Disclosure events via Symantec & Websense DLP.
12) Regularly updating Knowledgebase.
13) Updating the policies, procedures & guideline documents as per the requirements.
14) Checking health of production devices & updating the latest patch available for all
the devices installed at client’s network.
15) Managing the daily, weekly & monthly reports sent to higher management.
• Dell International as Security Engineer from || 30-11-2010 to 22-04-2011 ||
• IBM DAKSH as a Security Analyst from || 23-06-2010 to 23-11-2010 ||
Assets:
1) Developed analytical problem solving skills
2) Positive attitude & Self-Motivated
3) Technical & Good Presentation Skills
Personal information:
Gender : Male
Father’s Name : Late Shri ASHOK RATTAN ABROL
Date of Birth : 20 Sep 1988
Languages Known : English, Hindi, and Punjabi
Permanent Address : Z-15 A NAVEEN SHAHDARA DELHI 110032
Nationality : Indian
Marital Status : Married
Declaration:
I hereby declare that the above-mentioned information is correct up to my
knowledge and I bear the responsibility for the correctness of the
above-mentioned particulars.
