
DHIVYA FELIX

https://www.linkedin.com/in/dhivya-felix-828aa2184/ +919840300613 dhivyakf@gmail.com

SUMMARY
• A dynamic Cyber Security Professional with 10 years of experience who provides strategic vision for operational security while guiding daily Operations/Delivery in SOC.
• Having dedicated 10 years of experience in SOC environment with 6+ years of Management skills including People Management, Resource Optimization, MSSP customer handling for large global customers for various SOC Operations & Delivery assignments.
• Security Governance to align the security with Business Objectives, enable business opportunities & support society with
• SOC Delivery Responsibilities: Chairing regular Client meetings with Sr Management, Trend Analysis, Security Posture & KPI analysis.
• Handled Multiple SOC Operations, Transition & Transformation projects including different sectors like Insurance, Banking, Government, Ecommerce & Energy.
• Facilitate the development of internal resource skill sets by motivation, internal KT sessions, arranging external trainings & certifications.
• In-depth expertise in SIEM Implementation, Security Incident Response, Monitoring, Use Case development, SOC Operations Manual preparation, Playbook design, RFP, Cloud Migration, SOAR, Malware Analysis, Forensics & Threat hunting.
• Automation of RFP model and SIEM upgrade process.
• Excellent automation and scripting skills

Education
BCA – University of Madras
MSc – Cyber Forensics and Information Security

Core Strengths:
Security Governance
Security Operations Management
Cyber Defense Concept
Zero day Malware analysis
Threat Hunting
Security Risk Assessment
Security Monitoring
Cloud Security Technology
Automating models
Security tool solution
Process Improvement
Operational Excellence
Vulnerability Assessments
System Integration Planning
Resource Management & Optimization
Cloud Migration

Certifications
✓ CISM: Certified Information Security Manager
✓ GIAC – Cyber Threat Intelligence
✓ ITIL Foundation
✓ IBM Certified Associate - Security QRadar V7.0 MR4

Technical Competency
SIEM: Multivendor
SOAR
Malware Analysis
Vulnerability Assessment
Threat Intelligence Management
Security Auditing
Cloud Security
QROC
IBM Cloud Defender
Azure
Cloud App Security

Process & Standard
NIST
MITRE

Management Responsibly
People & Vendor Management
Playbook, SOP
Risk & Governance Report
Chair Meeting

End-Point Security
Deep security
Fireeye HX / HXTool

Kimberly-Clark has determined the classification of this information to be "Public"


Experience
Threat Intelligence Management – Kimberly Clark Since SEP – 2020
• Managing Threat Intelligence team. Ensure real-time intelligence (OSINT) and hunt for internal threats.
• Responsible for internal threat identification, threat assessment.
• Responsible for threat advisory and security awareness program for the organization.
• Accountable for the vulnerability identification, assessment and remediation for the organization
infrastructure both OT and SAP
• Developed and managing the operational metrics and SOPs for the threat team and owned applications/tools.
• Developed multiple use cases for every successful pen test.
• Researched and developed Unique identifiers for the open source RED team tools.
• Responsible for cyber security assessment and Security auditing.
• Security Governance: Manage & drive the overall organization IT assessment and initiate meetings with
stakeholder, vendor for necessary actions.
• Developed cyber security operational framework for organization.
• Responsible for preparing operational deck for the CISO and business.
• Responsible for budgeting and procurement of new solution / outsourcing services.
• Managing contracts and renewal process for all the security application and tools.
• Automation: Developed multiple automation scripts to integrate log sources of different applications with Splunk and with RSA Archer for auto incident creation.

Security Consultant (Security Service Manager) – IBM Pvt LTD SEP 2017 – SEP 2020

• Managing Global SOC operations for 150+ customers. Ensure incident identification, assessment,
quantification, reporting, communication & mitigation.
• Responsible for service management of the team to include overall use of resources and initiation of
corrective action where required for the SOC team
• Responsible for the SOC team’s success in security incident monitoring, identification, assessment,
quantification, reporting, communication, and mitigation efforts as by clients
• Security Governance: Manage & drive the overall organization IT assessment and initiate meetings with
stakeholder, vendor for necessary actions.
• Developed SOC Operations processes to strengthen the current Security Posture, review policies and
highlight challenges as needed with key stakeholders.
• Work with the incident response team to contain and investigate security events, and prevent future
information security incidents with detailed root cause analysis
• Developed Threat management capability model for MSS and dedicated SOC
• Developed framework to help make decisions on career progression of security practitioners
• Developed a Model to automate solutioning of the RFPs to ensure ease of staff allocation and cost
estimation based on various operational metrics
• Managing SIEM platform including SIEM upgrades, migrations, Log source integration, Application
installation/configuration but not limited to
• Working on Threat Hunting offering including service description document & Proposal insert
• Automation: Developed web application for IOC validation in multiple open sources.



Cyber Defense Specialist – FORD Pvt Ltd May 2016 – SEP 2017
• Performed Malware analysis and threat intelligence activity.
• Implementation, Integration and administration of SIEM solutions like QRadar SIEM etc.
• Demonstrable consultative skills and ability to analyze complex issues for impact and alternative
solutions, making logical decisions based on overall project objectives.
• Work as escalation point and assign tickets to admins in the team based on the Severity.
• Establish process to perform proactive health checks of various customers and ensure team follows the
same
• Coordinate with other regions for a correct information/ticket pass down
• Conduct Team meetings and obtain feedback to build team in a constructive manner
• Verify log continuity and creating Log management reports to perform log storage tuning
• Manage application performance capacity and availability of SIEM solution
• Monitor SIEM vendor’s alerts (patches and upgrades) and Install application patches as needed
• Health monitoring of the security appliances
• Implementing Disaster recovery solutions to ensure there is no data loss
• Configuration of Event retention and backup policies based on client requirement.
• Quality assessment of SIEM environment
• Develops as well as delivers the information security programs for the Organization
• Ensure coverage and control vacations.
• Automation - Developed multiple scripts for various report automation

Systems Engineer - INFOSYS Technologies. July 2012 – May 2016


• Performed SOC operations and Vulnerability Assessment.
• Completely involved in migration from RSA enVision to QRadar.
• Preparation of low-level design document by capturing all components of implementation.
• Gathering details of log sources from existing architecture & Capturing the log source parameter in
terms of version/authentication etc.
• Fine tuning existing rules and creating new rules as per requirement.
• False positive elimination by working on rule set.
• Complete requirement gathering. (Ex – Rules, Reports, Dashboards, configuration, Application,
external storage etc).
• Maintain communication with multiple Internal teams/Vendors & follows up for remediation.
• Conducting team meeting for process improvement, gap remediation etc.
• Defining and writing the SOP for all the security parameters as per industry best practice.
• First point of escalation for all technical and process issues.
• Training of new team members
• Automation - Developed standalone application to automate the Nessus scanning process. Converted manual scanning process for 20K servers to automated process

Declaration: I hereby declare that above particulars of information and facts stated are true, correct and complete
to the best of my knowledge and belief.

Dhivya Felix
