
Santhosh Mankidiyil Thankachan

Singapore

Summary

IT/Cyber security professional with 10 years’ experience in various domains of security. Graduated with a BSc Honors in Software Engineering & Computing from Oxford Brookes University, UK. Seeking a challenging position as an IT/Cyber security specialist with a company that promotes learning and growth and needs a highly motivated and skilled employee.

Overview

12 years of professional experience
1 Certification

Work History

Lead Engineer (Manager)

Cyber Security Office // Synapxe
11.2020 - Current
  • Project Management (09-11-2020 – 31-12-2022)
    - Management of EDR solution’s deployment across public healthcare systems as part of advanced security operation center project
    - Meet the stakeholder expectation by assuring diligent service provided
    - Regular review of vendor’s work progress to ensure that SLA expectations are met
    - Active involvement in issue resolution pertaining to deployment
  • Security risk assessment
    - Review security tests, audits and reviews conducted, to assess gaps identified and measures proposed to address the gaps.
    - Propose countermeasures where necessary.
    - Oversee the implementation of such measures.
    - Perform on-going risk assessments of security gaps surfaced in IT projects/systems.
  • Security Operations (Cloud) management (01-01-2023 to Current)
    - Provide inputs to improve security monitoring rules and alerts.
    - Document processes related to security monitoring.
    - Participate in change advisory boards for security related changes, including reviewing on-going requests for security configuration changes. Propose improvements required.
    - Audit projects (Trusted Advisor and Security Hub for AWS)
    - Monitoring and maintenance of various web application firewalls (Imperva and AWS)
    - Operational maintenance of Symantec Endpoint Protection Manager (anti-malware & intrusion prevention)
    - Operational maintenance of next generation firewalls (Palo Alto and FortiGate)
    - Vulnerability management (Tenable)
  • Standards and Procedures
    - Review or prepare SOPs to support security operations management.
  • Software Assessment
    - Assessment and review of new software and latest versions of existing ones
    - Decision making based on license type, functionalities, business justification and vulnerability check

Strategic Security Advisor

Proficio
03.2020 - 10.2020
  • First point of contact for clients, key business and IT stakeholders
  • Create and integrate new process for new services such as integrating the EDR services into SOC operations
  • Review technical security posture for existing and newly acquired businesses or services
  • Technical liaison between Proficio and its customers
  • Help customers achieve their business goals and outcomes by providing timely, proactive recommendations that will benefit customers’ on-going usage of Proficio’s services
  • Develop relationships with key business and IT stakeholders and become an expert on a customer’s implementation by understanding their top business goals and priorities
  • Provide problem resolutions, advice, proposals, technical presentations, and other customer communications
  • Utilizing technical expertise, recommend SIEM use cases, tuning, reports and operational procedure to ensure that clients are getting the most value possible from their services
  • Handle advisories, ensuring they are handled properly and correctly
  • Identify, prioritize and ensure resolution of client issues/concerns; coordinate with appropriate internal departments to provide response and/or solutions

Cyber Security Engineer

DBS (NTT DATA Contract)
03.2019 - 03.2020
  • As a cyber security engineer in SOC:
    - Performing health check of DLP servers
    - Amendment (change management) of existing DLP rules upon request by CISO
    - Logs extraction from SIEM (QRadar)
    - Password retrieval from CyberArk (Privileged Account Security)
    - Developed use cases for Exabeam (User and Entity Behavior Analytics – UEBA) to detect insider threat
    - Co-ordination with vendors during various phases of correlation rules creation for use cases
    - Preparation of monthly compliance and usage reports for stakeholders

Security Engineer (Log Management)-Level2

Dimension Data
01.2018 - 03.2019
  • Information and Event Management using ArcSight SIEM (ArcSight Logger appliances and ArcSight Connector appliances (Management Centers)):
    - Formulated and configured logger and connector appliances during the build phase.
    - Hardened the appliances as per the guidelines of security audit firm to meet client’s expectation
    - Maintain SIEM operations and document current environment.
    - Manage, upgrade and maintain operational data flow and ArcSight platforms
    - Develop custom content (reports, querying, dashboards, etc.)
    - Provide guidelines for equipment checks and supported processing of security requests.
    - Operate and maintain availability, system upgrades and deployment of new hardware and software components.
    - Capacity planning of ArcSight Logger appliances
    - Perform changes to ArcSight environment by adhering to change management process.
  • Managed vendor resources efficiently to ensure the completion of various phases of ArcSight solution development on time.
  • Cross train the Level 1 team (24 X 7) on ArcSight usage with the objective to lead to advanced tuning, security event monitoring and detection.
  • Ensure that all requests, process events and resolution incidents result in zero missed SLA conditions
  • Act as the point of contact for all the incidents related to ArcSight infrastructure.
  • Perform the extraction of SIEM (Security information and event management) logs based on service requests (internal and external)

Cyber Security Specialist (Service Operations Manager – Compliance Monitoring (PAR/DLP))

Credit Suisse (ODA Contract)
11.2016 - 11.2017
  • PAR (privileged activity review) – Own and co-ordinate execution of processes to ensure review of in-scope system logs relating to privileged activity and subjected to review by the Compliance Monitoring team.
  • DLP (data leakage prevention) – Own and co-ordinate execution of processes to ensure in-scope DLP violations are subjected to review by the Compliance Monitoring team.
  • Ensure that issues/risks identified during operation activities are managed, and where appropriate escalated to service operations lead to ensure appropriate governance and remedial actions
  • Identify skill enhancement and training requirements within the team to ensure good capabilities within PAR/DLP
  • Assisting Cyber security project team to deliver incremental improvements across PAR/ DLP
  • Supporting Cyber security operations team during major security incidents and providing subject matter expertise
  • Overall administration of reviews (via RSA archer) related to risk and compliance data of PAR and DLP
  • Overall administration of DLP reviews (via Symantec data loss prevention)
  • Performing report generation and data search in Splunk (SIEM tool) on ad hoc basis
  • Manage stakeholders’ expectations related to different platforms (Unix, Windows, Database, CyberArk, Business Applications, Network)
  • Adherence to regulatory rules of various authorities (MAS, HKMA & FINMA)

Security Analyst

NEC Asia Pacific Pte Ltd
01.2016 - 11.2016
  • Information and event management using McAfee SIEM (McAfee ESM 9.6.0):
    - Log review of various devices
    - Correlation rules management
    - Device configuration in ESM console
  • Management of WebOrion Defacement Monitor:
    - Website defacement monitoring of URLs
    - Escalations via phone and email regarding the downtime and changes of websites to clients
  • Preparing monthly security incidents report for client submission
  • Reviewing security advisories and updating clients
  • Supporting 24 x 7 SOC (Security Operation Center) operations
  • Performing security escalations via phone and email to clients within SLA
  • Handling of incident tickets using iTop:
    - Provides escalation assistance to the team, acts as an escalation point and owns escalated incidents

Security Analyst

Accenture Pte Ltd
07.2014 - 12.2015
  • Information and Event Management using ArcSight SIEM (ArcSight Express, ArcSight Logger and ArcSight Connector):
    - Generating reports from ArcSight Express and Logger
    - ArcSight correlation rules management
    - Real-time monitoring of high priority events
    - FlexConnector creation
    - Remote management of ArcSight appliances using iLO
  • Privileged account security management using CyberArk:
    - Enrolling of Unix accounts and Windows accounts to CyberArk
    - Preparation of privileged accounts usage and activity reports
    - Policy management
    - Conducting CyberArk’s DR replication exercise
    - Password Vault Web Access URL management
    - Storing sensitive information to safes
  • Identity Management (IAM) using Oracle Identity Federation, Oracle Access Manager, Oracle Internet Directory and Oracle Identity Manager.
  • RSA console management in terms of live monitoring of authentication events, RSA token status and report generation.
  • Unix devices management (accounts management, sudo file editing)
  • Handling of incident tickets using BMC Remedy
  • Enforcing the usage of IronKey (encrypted flash drives), cable lock and digital signature to prevent data loss (DLP)

Network Analyst

Citi Bank (Comtel Pte Ltd contract)
12.2012 - 07.2014
  • Perform event and fault management of the firm’s network infrastructure for the Americas, Europe, Africa, and Asia Pacific regions through the Smarts NMS (Network Management System).
  • Provide rapid response to alerts in order to execute proactive NMS based support model.
  • Perform highly effective event and fault management of the firm’s network infrastructure for the Americas, EMEA, and Asia Pacific regions through the Smarts NMS (Network Management System).
  • Mitigate potential or current business impact by taking immediate action.
  • Introspectively review operating procedures, daily support practices, major incident support, etc. and provide feedback.
  • Troubleshooting skills in routers, switches & WAN accelerators (Cisco, Juniper & Riverbed)
  • Possess basic knowledge of enterprise TCP/IP communications; knowledge of standard Ethernet media types: Fast Ethernet, Gigabit and Ten Gigabit; knowledge of Cisco routers and switches, WANs (T1, T3, MPLS); knowledge of the following routing protocols: EIGRP, BGP, OSPF, RIP.

Education

BSc Honors - Software engineering & Computing

Oxford Brookes University
United Kingdom
01.2011

Diploma - Mobile wireless computing

Temasek Polytechnic
Singapore
01.2007

GCE ‘A’ level

MKM HSS
India
01.2004

Skills

  • ELK (Elasticsearch, Logstash, Kibana) SIEM
  • UEBA (User and entity behavior Analytics) - Exabeam
  • PAM (Privileged Access Management) – CyberArk
  • IAM (Identity Access management) – OAM, OIF, OID & OIM
  • Web defacement Monitoring – Web Orion
  • GRC (Governance, Risk & Compliance) – RSA Archer
  • DLP (Data Leakage prevention) – Symantec
  • ServiceNow – IT Service Management
  • BMC Remedy Change Management
  • Cloud-Delivered Endpoint Protection Platform – CrowdStrike
  • Trend Micro Apex Central
  • EDR (Endpoint detection and response)
  • WAF – Imperva
  • Vulnerability Scanning – Tenable
  • Anti malware & intrusion prevention – Symantec Endpoint Protection Manager
  • AWS
  • Firewall (Palo Alto and FortiGate)
  • Technical support
  • Project management
  • Hardware and software installation
  • Stakeholder communication
  • Service requests
  • Scalability planning
  • Service scheduling
  • Inventory coordination
  • Incident response
  • Maintenance scheduling
  • Web security
  • Critical thinking
  • Data analysis
  • Process improvement
  • Team collaboration
  • Time management
  • Cloud computing

Certification

  • 2025 CISSP - Provisionally passed the examination
  • 2018 Tenable Certified Pre-Sales Engineer
  • 2018 ArcSight Logger 6.5 Administration and Operations (Course completion)
  • 2018 ITIL Foundation Certificate
  • 2014 CyberArk Privileged Account Security Version 8 Partner Course
  • 2013 Cisco Certified Network Associate (CCNA)
  • 2012 Certified Ethical Hacker (CEH) Certification

LANGUAGES

English, Hindi, Tamil & Malayalam
