DHISHANT ABROL
Email: dhishant@outlook.com
Contact No.: +91-9811787372
Objective:
To achieve the high standards of being the best among all, through hard work, positive
attitude and dedication and to be placed in an organization which sets high standards
for itself and gives me an opportunity to achieve my goal.
Summary:
I have 6+ years of dedicated experience in the field of Information/Network Security.
Currently working in the Cyber Intelligence Center of a US-based client as a Security
Researcher. Here I lead a CSIRT (Cyber Security Incident Response Team) to
handle major incidents and escalations. Also managing Vulnerability
Assessment/Penetration Testing (based on the OWASP Top 10) of web applications and
networks. Performing malware analysis, DDoS prevention and analysis of various threats.
Managing compliance and performing risk assessment & threat intelligence of the client
network for the latest security threats. Performing internal auditing based on
ISO 27001 and PCI-DSS/HIPAA, and delivering security awareness training.
Academic Qualifications:
B.TECH (Electronics and Communication) from VIVEKANAND (V.I.T.S) ENGINEERING
COLLEGE, JINDAL NAGAR, GHAZIABAD in 2010. Secured 65.20%.
12th from C.B.S.E Board in 2006, DAV PUBLIC SCHOOL, DELHI. Secured 72.40%.
10th from C.B.S.E Board in 2004, PLATO PUBLIC SCHOOL, DELHI. Secured 75.20%.
Certifications:
Cisco Certified Network Associate (CCNA)
ITIL V3 Foundation
Certified Ethical Hacker V9
Cambridge Certified Security Associate
ISO 27001 Lead Auditor
Qualys Guard Vulnerability Management Specialist
McAfee ePO 4.6
McAfee FoundStone 6.0
Airtight Certified Wireless Security Administrator (ACWSA)
Websense Web Security Gateway & Data Loss Prevention 7.7.3
Tools, Technologies and Skills:
IDS/IPS: Snort, IBM Proventia, Cisco Sourcefire.
Web Security: Websense, Cisco IronPort, Barracuda, Bluecoat Content Filter.
Auditing: ISO 27001, PCI-DSS, HIPAA.
Microsoft technologies: AD, ADFS, LDAP, Windows PKI, SharePoint, WSUS.
Antivirus: McAfee ePO, SEPM, Trend Micro, FEP, SCEP.
Data Loss Prevention: Websense, Symantec & McAfee.
SIEM: HP ArcSight, IBM QRadar, RSA enVision.
Compliance: Symantec ESM & Control Compliance Suite.
Vulnerability Assessment/PT: Nessus, QualysGuard, Nexpose, McAfee FoundStone &
Metasploit.
Process Skills: Information Security Management System, BCP/DR Planning.
DDoS attacks: UDP/ICMP Flood, SYN Flood, HTTP GET Flood, TCP Connection Attack,
TCP Flag-based Attacks.
Monitoring: BMC Remedy, SiteScope.
Honeypots: Database honeypots (Elastichoney), Web honeypots (Glastopf, Shadow
Daemon, Google Hack Honeypot), Service honeypots (Kippo, troje), Deployment
(Dionaea, honeypotpi).
Cryptography: Encryption Algorithms, Digital Signatures, Deploying PKI.
Malware Analysis: Process Explorer, Process Monitor, NetWitness.
VPN: IPsec, PPTP, L2TP, OpenVPN.
Virtualization: VMware & VMware ESXi.
Cyber Forensic tools: EnCase, PTK Forensics, FTK, X-Ways Forensics, BlackLight.
Network Tools: Snort, hping, tcpdump, Ethereal (packet analyzer), Wireshark, Nmap.
Protocols: TCP/IP, UDP, HTTP, HTTPS, GRE, SMTP, DNS, BGP, OSPF, IGRP, EIGRP, SSL,
DHCP, FTP.
Experience Details:
HCL Technologies || 22-06-2015 to Present || Security Researcher
Enterprise security architectures and the security components that implement these
architectures, including SIEM, DLP, IAM and leading security products.
QRadar administration for configuration and developing correlation rules for
different devices.
Enterprise network architectures, topologies and the components that implement these
networks, including TCP/IP, firewalls, proxies and routers.
Client/server architectures, and server and endpoint components and technologies,
including Linux and Microsoft servers, computers and mobile devices.
Conduct open-source and classified research on emerging/trending threats and
vulnerabilities.
Deploying and managing McAfee ePO and McAfee HDLP for the entire world.
Set up different types of honeypots to collect malware samples.
Create finished, all-source intelligence assessments for inclusion in various Agency
and IC intelligence products.
Performs analysis related to the detection, characterization, monitoring and
warning of suspected unauthorized network activity and relationships that may
pose a threat.
Initiates projects and plans leveraging broad research and analysis that affect cyber
network defense.
Using different types of malware analysis/reversing tools (IDA Pro, OllyDbg) to find
the root cause and analyze the malware samples.
Provides rapid response to ad hoc requests from decision makers (e.g., special
intelligence analyses or personal briefings).
Developing analytical tools and methodologies to fill present gaps and address
future gaps.
Reviews reported tips and leads for threat information and situational awareness,
including determining location, activity and severity, and reporting trends.
Compares and contrasts new data with information already in intelligence
databases; seeks corroborative data; assesses individual pieces of information in
the context of broader assessments or operations; and disseminates significant
intelligence as appropriate.
Creating releasable products and weekly threat brief reports for Senior Leadership.
Analyzing a variety of network and host-based security appliance logs (firewalls,
NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions and
escalation paths for each incident.
Accenture Services Private Limited, Gurgaon || 31-05-2013 to 15-06-2015 ||
Client: Travel, Construction & Hospitality Client
Managing Network /Information Security for multiple clients.
Daily operations and incident management related to proxies: ISA & IronPort.
Daily operations and incident management related to Symantec DLP.
VA using Qualys Guard Scanner
Daily operations and incident management related to web filtering: Barracuda,
Websense & Bluecoat.
Preventing any intrusion in the network via Cisco IPS and Sourcefire IPS.
Ensuring compliance of machines reporting to Forefront Endpoint Protection and
McAfee VirusScan Enterprise.
Managing & implementing Microsoft UAG as a reverse proxy solution for
publishing applications & VPN for remote users.
Deployment of Network Access Protection (NAP) servers for the client network.
Handling Security & Compliance for a US-based Hospitality client.
Corporate SOC of TCS, Gurgaon || 25-04-2011 to 30-05-2013 ||
Client: TCS (Tata Consultancy Services Pvt. Ltd.)
Implemented and managing the Websense Web and DLP solution in TCS.
Managing SIM: collecting logs from different security devices in common formats and
analyzing the logs.
Implementation of Event Source and VAM updates.
Responsible for maintaining machine compliance using Symantec ESM in entire TCS
environment.
Eliminating false positives and tuning security infrastructure for clarity in tracking
incidents.
Managed Airtight Wireless IPS for protection against Wireless Attacks.
Virus Remediation - Tackling different variants of Virus through centrally managed
SEPM, McAfee ePO, Malware Bytes & Microsoft Safety Scanner.
VA analysis for the TCS Servers through Nessus & Qualys Guard Scan.
Tackling SQL injection & XSS attempts.
Ticket creation & resolution within SLA in the BMC Remedy suite.
Incident handling, incident response and escalation management in a 24x7
environment.
Preparing SOPs, presentations and various Work Instruction documents for the
project.
Keeping track of any attack/exploit in the TCS network.
Roles and Responsibilities:
1) Incident management, Problem Management & Change management related to
Web Proxies, ESM, Antivirus, DLP, VA, IPS.
2) Managing complete Security & Compliance for the client network.
3) Monitoring & analyzing real-time & correlated events generated on SIEM.
4) Creation & modification of correlation rules on SIEM.
5) Handling & deeply investigating incidents following the Incident Response cycle.
6) Ensuring the signatures for all the devices (IBM IPS, Websense, SEPM, and FEP)
are patched on timely basis.
7) Remediating remotely the Trojan, Virus or Rootkit infected machine.
8) Vulnerability Analysis for endpoints via Nessus Scan & McAfee FoundStone.
9) Vulnerability Analysis for the websites via Qualys Scan.
10) Managing various machines on McAfee ePO & SEPM.
11) Analyzing Credit Card Number Disclosure events via Symantec & Websense DLP.
12) Regularly updating Knowledgebase.
13) Updating the policies, procedures & guideline documents as per the requirements.
14) Checking health of production devices & updating the latest patch available for all
the devices installed at client’s network.
15) Managing the daily, weekly & monthly reports sent to higher management.
Dell International || 30-11-2010 to 22-04-2011 || Security Engineer
IBM DAKSH || 23-06-2010 to 23-11-2010 || Security Analyst
Assets:
1) Developed analytical problem-solving skills
2) Positive attitude & Self-Motivated
3) Technical & Good Presentation Skills
Personal information:
Gender : Male
Father’s Name : Late Shri ASHOK RATTAN ABROL
Date of Birth : 20 Sep 1988
Languages Known : English, Hindi, and Punjabi
Permanent Address : Z-15 A NAVEEN SHAHDARA DELHI 110032
Nationality : Indian
Marital Status : Married
Declaration:
I hereby declare that the above-mentioned information is correct to my
knowledge and I bear the responsibility for the correctness of the above-mentioned
particulars.