
SantoshYadav


SANTOSH BHIMRAO YADAV
MCSE, CCNA, BS7799LA, CEH, ECSA

Email: santoshby@ gmail . com
Phone: +917738755439

Bachelor of Electronics (B.E.) from University of Mumbai - May 1998

INFORMATION SECURITY MANAGER, DATA CENTER MANAGEMENT, SUPPORT ENGINEER

Well versed with Data Center operations, IT Security, Network and System Administration, Integration and Maintenance of LANs and WANs. Risk Management and Operations, Security Policies, Procedures, Incident Management, BCP/DR drills, System Analysis and IS Audits. Data Security, Cryptography, PKI. Design of cost-effective Network Security Architecture. Good exposure to technologies used in the BFSI domain, Regulatory compliance for BFSI, Asset Management, End user compliance, Patch Management, License management. Network Operations, Help Desk Support Management. Proxy. Having analytical and problem-solving abilities.

Professional Qualification and Training

• BS 7799 - Advanced ISMS Lead Auditor Certification
• Cisco Certified Network Associate (CCNA 2.0)
• Microsoft Certified Systems Engineer (MCSE)
• Certified Ethical Hacker (CEH)
• EC-Council Certified Security Analyst (ECSA)

Skill set

Operating Systems: Windows NT 4.0, Windows 2000, Windows 2003, Red Hat Linux, SuSE Linux

Firewalls: Nokia Checkpoint, Stonegate, Fortinet, CISCO, Symantec Raptor

NIDS: Snort, RealSecure IDS, Tipping Point

Antivirus: McAfee ePO, Symantec NAV, Trend Micro

DLP: RSA

SIEM: Symantec SIEM

VA Tool: Nessus

Web Gateway: Trend Micro, Blue Coat

VPN: IPSec, PPTP

Routers: CISCO, D-Link

Switches: CISCO, D-Link, 3Com

Protocols: TCP/IP, SNMP, SMTP, FTP, HTTP, HTTPS & routing protocols viz. RIP

Two Factor Authentication: RSA eToken for administrators

Access Control: SecLore, NAVIS, LANDesk


Professional Experience

ICICI Bank Ltd.
Manager (M-II) – Information Security Group (Sep 2011 – Sep 2014)

Primarily responsible for SOC Operations, BCP management for ISG related functions, end user security compliance and governance, approving authority for exceptions requested by end users based on Information Security and Technology Risk perspective, Data Leakage prevention and publishing InfoSec dashboard for senior Management, Vendor Risk Assessment.

Projects:

SOC Manager
Managed Security Operations Center (SOC) of ICICI Bank. ICICI Bank has its own 24x7 SOC managed by a third party with a team size of 10 personnel. Responsible for managing this team and entire SOC operations (Agent count maintenance, maintaining TAT), reviewing of MIS/reports generated by the team, Incident Management with adequate RCA & control implementations, addition of devices for monitoring, Coordination with vendor for creating collectors for devices which were not supported by the SIEM tool. Movement of SIEM application from appliance to VMware successfully with zero downtime. Antiphishing management in co-ordination with RSA. Ensure SOC operation will be carried out as per Standard Operating Procedure (SOP). Incident Tickets are generated and assigned to respective stakeholders. Timely closure of tickets with proper Root Cause Analysis. Submit Incident management reports to Senior Management.

DLP Implementation (Team Member)
Was a member of the team for implementing RSA DLP solution in the Bank.

Risk Management
Imposed restrictions viz. admin access, software installation, USB access, internet access restriction on end user systems to take care of risk.

IDBI Intech Ltd.
Project Manager – Information Security (May 2008 – Sep 2011)

Primarily responsible for rendering Information Security services for IDBI Bank and IDBI Group companies. Managing Security Infrastructure of IDBI & Group companies. Firewall and other network security product management. Designing and implementing IS policies and processes. IT Network & System security viz. Compliance monitoring with Information Security policies and procedures, Creating Information Security awareness within the organization, Co-ordination with Managed Security Services vendors for conducting Audits, VA, PT. Conducting third party audits to identify deviations from IT Security standards and drive implementation of corrective actions. Ensuring Business Continuity Management to fulfil the continuity requirements for increasing business needs and meet the audit compliance.

Projects:

RTGS setup
Designed and Deployed RTGS setup for First Rand Bank India.

CERT-IN empanelment Test
Was a member of team, which participated to clear CERT-IN empanelment test. My role was to test SQL injections on test portal provided by CERT-IN.

Network security architecture and setup:
Designed and implemented network security (perimeter & DMZ) for IDBI group companies viz. IDBI Federal Insurance Ltd and IDBI Asset Management Company Ltd.

Technologies used:

IDBI Federal Insurance Ltd: Checkpoint Firewall solution on Nokia appliances in HA mode, Symantec Mail Gateway, Bluecoat Web Gateway

IDBI Asset Management Company Ltd.: Fortinet firewall in HA mode, CISCO ASA firewalls, and Symantec Antivirus solution.

IT Audits (Network & Application Security)
Carried out Network & Application Security audits for SIDBI Ltd and Stockholding Corporation Ltd Data Centers (primary & DR sites) using Nessus.

IT infrastructure and network setup audit (Southern Credit Bank Corporation, Kenya):
Review perimeter network security and IT infrastructure setup. Branch setup configuration review (branch user access). Vulnerability Assessment (VA) of important applications for risks if any using Nessus.


Achievement: Received recognition from MD & CEO of organisation as organisation qualified as CERT-IN empanelment organization for Information Security related programs.

IDBI Bank Ltd.
Manager (November 2004 – May 2008)

Primarily responsible for handling Bank’s IT Network & System security viz. Compliance monitoring with Information Security policies and procedures, Co-ordination with Managed Security Services vendors for conducting Audits, Penetration Testing and OS Hardening. Managing the Firewalls. Deployment of Microsoft hot fixes & patches in production environment after successful testing of the same in Test Lab setup.

Data Center migration Project:
Was FPR for Information Security perspective, Co-ordinating with system integrator and business units to configure, install security products viz. Firewall, IDS, Mail & Web Gateway solutions. Carrying out IT infrastructure Audits. Coordination with Managed Security Services (MSS) vendor for ensuring and maintaining information security.

Rolta India Ltd.
Assistant Manager (June 2001 - October 2004)

I was responsible for managing the various day-to-day Data Center network operations activities. I interfaced with Rolta’s premium colocation customers for their operational, technical, security issues and maintained SLA. Was responsible for supporting the backbone network serving over 20,000 dial up ISP customers. Other responsibilities included designing and implementation of new technology solutions, hardware or software product evaluations and its possible integration with the current setup, which further helped us in launching value added services. Successfully completed Data Center and ISP services migration from Red Hat Linux to SuSE Linux. Designed and implemented secure network for British Telecom project of CAD/CAM division. Conducting security audit and implementing policy for Colocation services at Rolta Data Center.

Projects:

Data Center and ISP services migration and upgradation from Red Hat Linux to SuSE Linux
Role: Project Leader
Managed Team of four (4) members during Data Center & ISP services migration project. RoltaNet Data Center and ISP services are running on Red Hat Linux. These services are migrated and upgraded to SuSE Linux. My role in this project was to plan the migration activities, configuring services on SuSE Linux in Lab setup, testing the services in Lab setup. Co-ordinating with ISP Shift Managers for final deployment of the services in the live environment. The services migrated successfully are Radius, DNS, Squid, SMTP servers, Load Balancing servers, Net Filter based firewalls, IPSec/PPTP VPN, NIDS (Snort) and FWTK proxy firewall.

Implementing Linux based IPSec & PPTP VPN tunnel between worldwide offices
Role: Individual
Rolta has various worldwide offices and are required to connect for data/mail transfer to/from the head office in a secure way. All offices have D-Link broadband routers with Firewall and VPN capabilities. Configured D-Link firewall and IPSec VPN remotely, configured Linux based IPSec/PPTP VPN server at Head Office for implementing IPSec/PPTP VPN tunnel in between these offices.

Implementation and Administration of Symantec Raptor Firewall
Role: Team Member
Symantec Raptor, an application level gateway firewall, is deployed between Rolta private network and public network to protect the LAN from internet attacks and to permit the employees to access application services such as HTTP, SMTP, FTP, etc. from the public network. Defined and implemented the policies to allocate the Internet access to employees. The mission critical services such as Corporate Web and Mail servers are kept behind the DMZ zone of firewall.

Setting up distributed Virtual Local Area Network (VLAN)
Role: Team Member
The objective is to separate a few terminals from Rolta’s corporate network and form an isolated secure LAN. The required systems are not located and terminated on one switch but rather distributed on different networks and switches existing in three different corporate buildings. On analysing the entire network, it is found that though the network is distributed over three different buildings it is forming a single routed / switched network. Based on this analysis input and without adding any resources in the given network setup a virtual network is established to accommodate the required terminals.

Pacific Internet India Pvt Ltd.
Network Operations Engineer (March 2000 - June 2001):

Was responsible for managing the day-to-day network operations activities – including network management, monitoring E1/R2, E1, PRI links and bandwidth and solving the failure problems by co-ordinating with MTNL and VSNL. I was responsible for supporting the backbone network serving over 13,000 dial up ISP customers. Other responsibilities included Pre-Sales and Post-Sales support to ISDN and Dial-up customers, Leased Line configurations and first level troubleshooting of problems. Configuration of Network Monitoring server for monitoring the health of Network, leased lines and bandwidth.


Greenrose Computers Services Pvt Ltd.
Customer Support Engineer (November 1998 - February 2000):

Was responsible for installation and maintenance of Desktop PCs, Servers, Switches, Hubs and other peripherals. Configuring Windows NT servers for various customers. Providing training to end users on pre-loaded software. Deputed as a Facility Management Engineer at UTI Securities Ltd. with responsibility of handling the network of 150 nodes having mixed setup of Windows and Linux platforms.

Personal Details

Address: B-304, Ekta Avenue, Plot No. C-94, Sector 12, Kharghar, Navi Mumbai – 410210
Date of Birth: June 10, 1976
Nationality: Indian
Marital Status: Married
Passport: H 7064344, issued on 09/11/2009, valid up to 08/11/2019
References: Will be provided upon request