RAJASEKAR RAJAN

Client: Enterprise Singapore | 2022 – Present

Security Operations, Vulnerability Management & ABLR

• Spearhead the vulnerability management program, orchestrating bi-weekly Nessus vulnerability scans across the Multiple environments of ESG.
• Process and analyse vulnerability reports, identifying critical vulnerabilities and ensuring timely remediation in alignment with IM8 compliance requirements.
• Validate and oversee monthly patch management for UAT and Production environments, ensuring systems are protected against known threats.
• Ensure adherence to logging baseline requirements
• Maintain log collection documentation
• Track remediation of logging issues
• Provide status updates to stakeholders

Incident Response & Security Monitoring

• Audit CyberArk privileged access management for users, enhancing enterprise-level security through robust PAM practices.
• Lead SIEM, GCSOC and CloudWatch to monitoring logs, responding to alerts, and coordinating L1 incident response for security incidents, including phishing attacks using the JAGA platform.
• Execute bi-annual CSA health checks on internet-facing applications using the CSA, ensuring ongoing security posture and compliance.

Access Control & Compliance Management

• Conduct in-depth monthly reviews of access rights, ensuring compliance for:
• Domain and System Administrator accounts
• Privileged users in CyberArk
• Database and IAM user permissions
• Network device access via CPPM
• Review reports monthly, tracking staff movements, and privileged access activities to ensure security best practices are followed.

Security Testing & Risk Mitigation

• Oversee the WebPT/InfraPT security testing for Applications, ensuring the identification and resolution of vulnerabilities early in the timeline.
• Lead quarterly Source Code Review (SCR) and Software Composition Analysis (SCA), reducing security risks in the development phase.
• Coordinate Risk Assessments and document security findings for internal and external audit purposes.

Project Management & Implementation

• Assist in the deployment and integration of critical security solutions, including:
• GCSOC 2.0
• Trend Micro XDR endpoint protection
• Google SecOps integration
• GASSP
• Maintain a comprehensive system asset inventory, tracking hardware, software, databases, and middleware components to ensure asset security.

Reporting, Documentation & Communication

• Generate monthly security metrics and KPI reports, providing detailed insights into security performance for leadership.
• Document and update Security Operation Procedures (SOPs), ensuring consistency in security practices across teams.
• Prepare security advisory communications to stakeholders, highlighting security risks, incidents, and mitigation strategies.

Experienced in the GRC (Governance, Risk and Compliance) of

• Ensuring compliance to ISO 27001:2013 auditing standards
• Security awareness within teams and customer
• Implementation of network and security controls
• Perform technical security assessments
• Ability to effectively work with the engineering teams to provide technical risk assessment of technologies in networks, wintel etc
• Ability to perform vulnerability assessments using security tools
• Documentation preparation

Experienced in the Security Operations of

❖ Follow-up with different teams to remediate/patch the findings.

❖ Weekly scanning of all devices and presenting the Vulnerability management system to client

❖ Send emails to educate the team on IT security about latest attacks.

❖ Engaging Penetration Test vendors to identify vulnerabilities and fix.

❖ Analyse the user, activity logs on monthly basis and provide the final feedback to client.

❖ Review the hardening reports implemented for all IT devices.

• Security Gap Analysis against vulnerabilities and threats in the system.
• Analyse the user, activity logs on monthly basis and provide the final feedback to client.
• Assessing the risks based on the security findings and implementing controls against the same.
• Worked on Incidents and Change tickets related to Security operations Review and Manage IT security governance process for compliance with security policies, procedures, standards,principles, and vulnerability management process.
• Review the hardening reports implemented for all IT devices.

RESPONSIBILITIES:

❖ To Perform Tester calibration, Handler Preventive Maintenance and Conversion

❖ Debug and trouble-shoot the device fail during production. Identify the root cause for the device fail.

❖ Repair other types machine Problem during production. Monitor the machine closely

❖ To repair the faulty / mask test board. If can’t repair in-house, coordinate with Engineers for the repair.

Implementation:

Firewall:

❖ Configuring Cisco ASA 5505 Firewall based on High level design

❖ Upgraded the IOS version from 8.5 to 9.1

❖ Configured static routes, Acl's, Nat's based on customer request

❖ Supporting 24/7 customer support for any troubleshooting

Monitoring the device health status in solarwinds