Tinu Mathai

Singapore

Summary

Dynamic & Competent Professional offering 6.10 years of experience in IT Security Audit, Security Compliance, Security Governance, Service Offering, Service Improving, Capability building, Vulnerability Management, Configuration Management and Risk Management.

Overview

7 years of professional experience
1 Certification

Work History

Vulnerability Management Expert

Adecco
Singapore
05.2023 - 11.2023
  • Closed SSL/TLS vulnerabilities by completing the project on time with high-quality results, resulting in risk closure
  • Developed detailed Standard Operating Procedures (SOPs) for SSL vulnerabilities, resulting in a 50% reduction in the time taken to identify and remediate vulnerabilities
  • Analyzed large datasets using MS SQL DB and PowerBI, building SQL queries to identify vulnerabilities and improve security.

Cybersecurity Consultant

Saudi Central Bank / Capgemini
Riyadh
09.2021 - 05.2023
  • Improved Maturity of Vulnerability Management service from 30% to 95%
  • False Positive vulnerabilities for all servers and network devices were reduced from 41.6% to 6%
  • Automated technical Excel reports, reducing the human effort on one report from 5+ hours to just 7 minutes
  • Mentored and trained junior staff from scratch in vulnerability management, enabling them to work independently and drive business operations with confidence
  • Designed High-Level Vulnerability Management Dashboards that provided comprehensive insights into vulnerabilities across diverse technologies and business domains.

Consultant

Capgemini
Mumbai
01.2017 - 08.2021

Vulnerability Management (VM): (Team Lead)

  • Strategically closed 30,000+ vulnerabilities of a prestigious bank within a period of 4 months thus drastically reducing the risk of bank assets getting compromised by an attacker
  • Built and led a team of 11 people for managing vulnerabilities in multiple enterprise environments
  • Deployed VM tools like Qualys and Upgraded Nessus Professional for multiple enterprise environments

Risk Management:

  • Worked as an IT Security Expert for areas of security assessment such as Database, Firewall, PAM, WAF and Vulnerability Management
  • Led the Risk Management process to identify, review, highlight, discuss and mitigate risks in an enterprise environment

Configuration Management/CIS Compliance/Hardening:

  • Reduced the CIS Risk of a bank from 60% to 5% by mitigating failed controls that posed a security vulnerability
  • Improved CIS Compliance of a manufacturing infrastructure from 40% to 92%
  • Established custom CIS configuration audit files to align with customer’s infrastructure security policy

ISO/IEC 27001:2013 Audit:

  • Planned and conducted ISO 27001 Compliance Assessment for the infrastructure
  • Performed cybersecurity audits, drafted audit reports and prepared the ISO audit planner
  • Maintained the Statement of Applicability (SOA) and the ISMS control mapping to the risk register, and developed continuous monitoring procedures
  • Reviewed and documented policies, procedures, processes and other required documentation in compliance with certification standard

Privilege Access Management Audit:

  • Executed periodic reviews of all privileged users within the infrastructure and revoked any/all unauthorized accounts during the user access review
  • Produced High Level Privileged Access Management Report of users present in both Active Directory domains and in sudoers group in an enterprise environment
  • Created a Service Improvement Plan to enhance the business and its services

Antivirus Audit:

  • Executed security reviews of Antivirus, ensuring servers and workstations are updated with the latest DAT and Engine versions and validating that identified malware has been actioned by the Antivirus
  • Produced High Level Monthly Forecast Antivirus Compliance Report that shows compliance status of Antivirus engine as well as Malware actions taken by the Antivirus

Patch Management Audit:

  • Conducted Patch/KB article review of all the applied and non-applied patches on the systems and instructed infrastructure teams to re-apply the failed KB articles
  • Ensured the Patch Compliance level is met as per the client
  • Produced High Level Patch Management Compliance Report that showed compliance status of both Windows Servers and Workstations.

Education

Bachelor of Engineering in Electronics & Telecommunication

University of Mumbai
Mumbai, India
06.2016

Skills

  • Vulnerability Management
  • Threat Intelligence
  • CIS Compliance/Hardening/Configuration Review
  • Risk Management
  • Patch Management Audit
  • Antivirus Audit
  • Firewall Audit
  • Access Management Audit
  • Tenable SC, Tenable Nessus, Qualys, Rapid7 Nexpose
  • Excel Automation/VB Scripting
  • Security Audit

Certification

  • ISO 27001:2022 Lead Auditor
  • Qualys Vulnerability Management Certified Specialist
  • CyberArk Certified Trustee (CyberArk)
  • Computer Hacking Forensic Investigator (CHFI)
  • Luna SA 6.0 Certified Engineer (HSM)
  • Cisco Certified Network Associate Routing and Switching (CCNA)
