Scribd Logo
Upload

Welcome to Scribd!

  • Asif Resume

    Uploaded by

    yuvaraj
    7 views3 pages

    Original Title

    Asif Resume (1)

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    7 views3 pages

    Asif Resume

    Uploaded by

    yuvaraj

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    ASIF ALI KHAN A

    Mail to: asifalikhan3005@gmail.com


    Phone: +91 9361663160/ 7448544505

    Summary:

    4+ years of Extensive experience in the IT Industry as Software Engineer which includes Security Operation
    Center(SOC L1 – Cyber Security), Data Loss Prevention (DLP – Cyber Security), Application Security(Risk and
    Compliance-Cyber Security) and Identity & Access management (IAM).

    My experience includes following tools like ServiceNow, JIRA, Veracode, Threadfix, Archer, App Dynamics,
    Network Security Monitoring Tool (NSM), SIEM Tool like Splunk and also experience in Security Operation Center
    (SOC L1), Symantec DLP, Application Security(Risk and Compliance), Threat Hunting using SIEM, Identifying
    Phishing mails, creating runbooks and also have sound knowledge on Networking, Cyber kill chain, Vulnerability
    & Threat Management.

    Certifications:
    1. Software Security Assurance
    2. Cyber Security – Foundations
    3. Cyber Security for IT Professionals
    4. Learning ServiceNow

    Project Experience Summary:

    Project # 1 : AIG Insurance


    Company : TATA Consultancy Services Limited
    Period : August 2021 to Till Now
    Role : Software Security Assessor

    Responsibilities:

    • Perform vulnerabilities and threat assessment in the applications which are going for production using
    Veracode and ThreadFix tools.
    • Identify the risk in the applications by using scans performed and generate those report to Application
    team to reduce the risk.
    • Every Applications must undergo SSA review process before deployment and these SSA will be handled
    with priority so as to reduce the Vulnerabilities & Threat in the Applications.
    • Perform Security Architecture Review (SAR) for each SSA as it will show the risks identified in the
    Application and this will be tracked using JIRA tool.
    • Strictly follow the secure software standards and AIG standards to overcome the risks.
    • The Applications data classification will be classified based on the information used and we will encrypt
    these data for Cipher in transit and Cipher at rest.
    • Day to day activities of the Application will be reviewed in the Candor Scorecard.
    • The users in the Applications will be checked whether they are Authenticated and Authorized to use the
    Application.
    • Maintaining the PCI, PII and PHI information without any risks in the Applications as per the Security
    standards.

    Project # 2 : United Services Automobile Association (USAA)


    Company : TATA Consultancy Services Limited
    Period : June 2020 to August 2021
    Role : Data Loss Prevention Security Analyst
    Responsibilities:

    • Monitoring the raw logs as well as alerts triggered in SIEM tools integrated with various devices like IDS,
    Firewalls, Symantec Endpoint protection to make sure all the company assets are free from external
    attacks.
    • Monitoring the endpoint server where the alerts will be triggered in Splunk.
    • Monitoring the alerts triggered by the server which will be delivered in ServiceNow as a ticket or
    incident and also in mailbox.
    • Develop incident response workflow for DLP incidents as raised through the DLP tool.
    • Driving continuous improvement of IT infrastructure controls Assessment process.
    • Define policy/rules for the DLP solution and refine them as strategy matures.
    • Perform threat and vulnerability assessments, to ensure that systems are protected from known
    potential threats and vulnerabilities.
    • Document solutions and help documents as needed for the Analysis team.
    • Working on email Prevent and analyze the classified data and prevent sharing over external networks
    with help of Internet proxy/email protection appliances.
    • Creating runbooks that contain the workflow and escalation Matrix.
    • Identifying the Phishing mails, collecting the proper artifacts, analyzing and notifying them to the users.
    • Conduct analysis for cyber threats, discovery of IT vulnerabilities and response to security incidents
    detected.

    Project # 3 : Westpac Banking Corporations


    Company : TATA Consultancy Services Limited
    Period : August 2019 to June 2020
    Role : Security Operation Center (SOC L1) and Identity & Access Management (IAM)

    Responsibilities:

    • Perform the role of primary incident coordinator for all security events, requiring focused response,
    investigation and remediation (Handling SOC operations)
    • Monitoring the security alerts and logs from various sources such as firewalls, intrusion detection
    systems and antivirus solutions.
    • Always ensure to identify and triage the incoming alerts then classify them based on the severity level,
    urgency and impact on the organization.
    • Analyze the security alerts to identify the potential threats using the SIEM tool like Spunk.
    • Escalate the security incidents to appropriate teams for further investigation and remediation if it
    cannot be resolved by L1.
    • Document all the security incidents and investigations which includes the action taken to resolve those
    security alerts.
    • Monitoring of Servers, Applications & Network and also collecting health information of the Applications
    using App Dynamics.
    • Identifying the Phishing mails, collecting the proper artifacts, analyzing and notifying it to the users.
    • Always ensure while onboarding new roles and requirements for users, we will provide access to the
    users based on their role and group.
    • Record the user details who left the organization so as to delete the roles and groups under which they
    have access so as to reduce the risk.
    • We will give privileged access to some users like Admins, High level users and some business users as it
    is like a special access beyond that of a Standard user.
    • Prepare the UAR document once in a quarter in which users who got new access and also the users who
    left the company or access deletion will be notified, so as to verify if users have the access to
    appropriate role and groups.
    Career Profile:

    Company : TATA Consultancy Services Limited


    Period : 19th August 2019 to Till Date
    Designation : System Engineer
    Role :Cyber Security Engineer

    Education:

    Education: Bachelor of Engineering (Electronics & Communications Engineering - 2019) Knowledge Institute Of
    Technology, Salem, TN, INDIA.

    Personal Details:

    Sex Male
    Nationality Indian
    Marital Status Single
    Location Chennai, Tamil Nadu, India
    Passport Details T6438822, Expiry on 2029

    You might also like