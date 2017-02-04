CV - RAHUL HARESH LOHAR
RAHUL HARESH LOHAR
312 Whitefoot Lane, Bromley, Greater London, BR1 5SG, United Kingdom
Mob: +44 7778783365 / +91 9930406510
Email: rahulin2005@gmail.com

CYBERSECURITY PROFESSIONAL
Proactive and results-oriented professional with a positive demeanour and strong work ethic

Overview
Performance-focused and visionary IT Security Administrator with 7.5 years of experience, presently working with Capgemini as Senior Consultant, with a proven track record of delivering value to organisations through effective strategy planning and leading new initiatives and projects during my career. I am a persuasive communicator with exceptional relationship-management skills and the ability to relate to people at any level of business and management; highly ethical, trustworthy and discreet. I have good knowledge of installing and administering information security and network security products. A technical professional providing expertise and skills in infrastructure setup, systems analysis and project monitoring with complete end-to-end management. Well proficient in the information security domain: formulation of policies, procedures and guidelines, and implementation of the same. I am an effective communicator with exceptional relationship-management skills and the ability to solve complex problems in a simple and accurate manner, with good time-management skills.

Technology and Tools Overview
RSA Security Analytics; SkyHigh; QualysGuard VM and PC; Trend Micro TippingPoint IPS/IDS; McAfee ESM; IBM ISAM; CyberArk PIM and PSM; HP ArcSight; Nessus VA; F5 ASM; Cisco ASA Firewall and VPN; Skybox; RSA Archer; Cisco IPS/IDS; Thales HSM; St. Bernard iPrism proxy server; Cisco Secure ACS; Sophos Endpoint Protection; RSA SecurID appliance; Clearswift Email Gateway; Tripwire FIM; Symantec Endpoint Protection; SolarWinds TriGeo SIEM tool; Prolexic DDoS SaaS; WSUS; nCircle VA; security incident management; log analysis and event monitoring; Remedy ITSM; TCP/IP protocol; OSI model; DNS server; Windows and Linux OS; PGP encryption; SSL Certificate Authority.

Professional Experience

Current Employer: Capgemini UK (Secondment), Apr 2016 - Till date
Technical Lead – Cyber Security
Capgemini is headquartered in Paris, France and operates in more than 40 countries. With around 120,000 people in North and South America, Europe and the Asia Pacific regions, Capgemini is above all a people company. In India, Capgemini is close to 35,000 people strong and services over 400 clients globally and in the Indian market.
At present I am working as Technical Lead in the Cyber Security domain, deployed at a client location which is one of the big financial-sector organisations in the UK. My responsibilities include leading technical projects for security solution implementation/extension to 3rd-party data centres, leading the offshore SOC team as SOC Lead, providing RFQs for new projects, etc. Apart from that, I prepare detailed-level design documents for security projects, prepare process and procedure documents, define guidelines and awareness within the SOC team, and hand over projects to them for RUN support.
Current Employer: Capgemini India, Feb 2012 - Till date
Senior Consultant – Cyber Security
At present I am working as Senior Consultant in the Cyber Security domain for various clients. My responsibilities include SIEM tool implementation and administration, eGRC tool administration, security incident management, vulnerability assessment, log review and daily operational SOC activities. Daily activities include keeping the client's network safe by performing vulnerability assessment of servers and network devices and coordinating with the different technology towers to remediate those vulnerabilities; handling incident investigation and preparing an Investigation Report Form for each incident, as well as taking proactive steps if required; and preparing workflows and work instructions for SOC-related processes and procedures. I am also working in an SME role for the security stream, representing the SIEM, eGRC, IDS/IPS, vulnerability assessment and security process and procedure areas. I have been involved in a data-centre migration project for security solutions, wherein we migrated SIEM, IDS/IPS, VA and other security solutions.

Projects Handled

RSA Security Analytics Implementation as a Security Architect
- I have performed the role of Security/SIEM architect to build the RSA Analytics SIEM solution for one of the global clients (multi-site configuration).
- I have been in the United Kingdom for the implementation task of RSA Analytics.
- I am acting as SIEM administrator to perform end-to-end changes/troubleshooting in RSA Analytics.
- Creating the different use cases based on business requirements and taking care of fine-tuning existing use cases.
- Implemented processes and procedures along with SOPs for the GSOC team.
- Leading the operations team for security incident investigation and handling major incidents.

RSA Archer
- I have performed the role of security consultant to plan and implement the RSA Archer solution for one of the global clients (multi-site configuration).
- Integrated RSA Archer with RSA Analytics for automatic incident management using SecOps.
- Implemented the Threat Management module in Archer to keep track of vulnerability open/closure status with Qualys feeds.
- Implemented the Enterprise Management module in Archer.
- I am acting as RSA Archer analyst to perform end-to-end troubleshooting w.r.t. the RSA Archer solution.
- Implemented processes and procedures along with SOPs for the eGRC team.

SIEM Solutions - HP ArcSight / McAfee ESM / RSA Security Analytics
- Fine-tuning infrastructure by removing unwanted traffic
- Identifying threats/attacks by real-time monitoring/dashboards
- Creating custom filters/correlation rules
- Raising incidents and performing RCA for specific incidents
- Coordinating with the respective technology towers for remediation
- Creating dashboards for different scenarios

Vulnerability Assessment – QualysGuard, Nessus
- Performing vulnerability assessment of network devices and servers as per the defined scope
- Creating scan policies as per the requirement
- Performing manual assessment on the VA reports generated from the tool
- Providing dashboards and consolidated reports to management with trend analysis
Security Incident Investigation and Management
- Monitoring the security of critical systems (e.g., e-mail servers, database servers, web servers, etc.) and changes to highly sensitive computer security controls to ensure appropriate system administrative actions; investigating and reporting on noted irregularities.
- Analysing zero-day alerts and initiating the necessary action to be secured against new vulnerabilities.
- Analysing DDoS attack alerts and coordinating with the respective team to find out the affected services and taking the necessary action to mitigate the issue.
- Monitoring malicious network traffic through NIDS alerts and doing in-depth analysis to get the systems free from malware.
- Doing proxy log analysis to find out system or user activity details.
- Monitoring and providing support for phishing, spam or mail with malicious links or attachments.
- Recommendations for ArcSight/McAfee/RSA Analytics rule optimisation to attenuate false-positive incident reporting.
- Working with the Global Security Incident Management team to provide 24x7 support for quick remediation of all internal as well as external information security incidents on an immediate basis as per the severity of the incident.
- Providing a weekly SIEM report to management about the team's performance.
- Involved in internal and external audits as and when they happen.

Previous Employer: Altisource Business Solutions Pvt. Ltd., Oct 2010 - Feb 2012
Information Security Analyst
Altisource™ provides services to some of the most respected organizations in their industries, including one of the nation's largest sub-prime servicers, government agencies and many lenders, servicers, investors, mortgage bankers, credit unions, financial services companies and hedge funds across the country.
Driven by new challenges and working in the Security Operations Centre (SOC) team, I have handled the following tasks:
- Monitoring suspicious traffic and attacks captured by the SIEM tool (TriGeo network security tool) and investigating (packet analysis) along with incident reporting.
- Analysing Cisco IPS/IDS alerts and taking action accordingly.
- Creating and managing PGP scripts for secure file transfer through FTP.
- Handling the SMTP MIME email gateway and troubleshooting email-related issues.
- Troubleshooting proxy- and DNS-related issues.
- Performing vulnerability assessment scans on servers and analysing the report generated by Nessus.
- Creating SSL certificates for internal servers using the CA.
- Handling Cisco VPN (client-to-site) calls related to VPN connectivity.
- Handling the Cisco ACS server and RSA server along with user management.
- Analysing daily proxy reports for control over website links and policy violations.
- Analysing daily SIEM tool reports for traffic analysis to suppress unwanted traffic.
- Administering and configuring antivirus for the organisation.
- Managing policies and guidelines related to information security.
- Handling calls and the mailbox for Security Operations cases.
- Log analysis of different applications like IIS, FTP, SFTP and SMTP.

Projects Handled

TriGeo SolarWinds SIEM Solution
- Implementation of the SIEM solution in a medium-scale infrastructure
- Raising incidents and doing RCA for actual incidents
- Fine-tuning the SIEM by removing unwanted traffic
- Handling daily issues pertaining to the SIEM tool
- Creating new filters and correlation rules as per requirement
- Coordinating with technology teams to resolve issues till remediation
Cisco ACS Server
- Configuration and maintenance of the existing Cisco ACS server.
- Creating different access-control restrictions using access lists for the respective groups.
- Managing existing ACS agents and adding/removing agents as per specific requests.
- Scheduling backup of all configuration for disaster-recovery scenarios.
- Set up a new replica server for failover mode.
- Troubleshooting issues related to the ACS server.

RSA SecurID Appliance
- Configuration and maintenance of the existing RSA SecurID appliance.
- Upgrade of all appliances to the latest service pack with the latest patch (hotfix).
- Changing the RSA authentication PIN from 4-digit numeric to 6-digit alphanumeric for better security.
- Configuring SNMP for better monitoring.
- Scheduling backup of all configuration and the database for disaster-recovery scenarios.
- Set up a new replica for failover mode.
- Troubleshooting issues related to the RSA server.

Symantec Endpoint Protection Antivirus
- Implementation and configuration of Symantec Endpoint Protection Manager.
- Creation of different groups as per requirement (location-wise).
- Creation and maintenance of Group Update Providers, which provide updates to clients at different locations.
- Creation of different policies such as LiveUpdate policy, application and device control policy, location awareness policy and centralized exceptions policy.
- Scheduling weekly scans of all desktops for better protection from viruses/malware/infections.
- Daily activity of checking the latest definition update on client systems.
- Scheduling monthly scans of all servers for better protection from viruses/malware/infections.
- Generating a monthly dashboard for reviewing the top sources of threats/infections and acting accordingly.
- Raising a call with support if some threats are not getting detected by AV and following up with them till they release a specific signature to detect that threat.
- Scheduling backup of all configuration and the database for disaster-recovery scenarios.

Windows Server Update Services (WSUS)
- Implementation and configuration of WSUS servers for desktop-level patching of Microsoft products.
- Implementation and maintenance of product and classification policies as per the organisation's requirements.
- Troubleshooting issues related to patching and providing resolutions to overcome the problems.

Reliance BPO Pvt. Ltd., Oct 2009 - Aug 2010
Technical Support Executive
Reliance Globalcom, a division of Reliance Communications, is a leading provider of managed network and application delivery services for multinational enterprises, carriers and consumers. Reliance Globalcom's data business unites the former businesses into single, fully managed solutions, delivering the network reach, resiliency and service portfolio critical for business today:
1] Flag Telecom Ltd.
2] Vanco Corporation Ltd.
3] Yipes Ltd.
Reliance BPO Private Limited is another division of Reliance Communications, which is our company that provides IT escalation services. It also manages Reliance Globalcom IT application and network issues as the Reliance Globalcom IT Helpdesk Project of Integrated Technical Support in the Operations Department.
Job Profile
- Incident investigation and performing primary analysis with the help of the available information; if required, coordinating with different teams to resolve the incident.
- Performing root cause analysis wherever required.
- Application support and escalations.
- Remote desktop support.
- Server monitoring, e.g. SeeBeyond (IBM RGCOM Gateway Bridge) and Ozone server.
- Server backup monitoring using VERITAS and Symantec backup software.
- Incident Management Console in BMC Remedy 7.0.
- Remedy 6.3 escalations for issues like routers, IBM and RGCOM sites and network devices, new site and carrier creation in Oracle and Remedy, and change requests in Oracle and Remedy.
- Fast and Crammer server access, Clarity and Clarify new-starter creation, Clarity AMS and Clarity C10 installation and support for escalations.
- Operational Support System (OSS) issues in Smarts, VitalSuite, Voyence Global and Voyence Loyyds applications.
- Microsoft Active Directory Services and Mail Exchange Server 2003 and 2007 support, and domain migration issues across two Mail Exchange servers.
- Network support and escalations.

Professional Certifications & Training
- Preparing for CISSP
- Certified Ethical Hacker v7.1 - ECC962203
- Completed CCNA certification course (CCNA 640-802E) from Nirmal Datacomm Pvt. Ltd., Byculla, Mumbai, Maharashtra, India (Cisco Authorised Training Centre); Cisco ID: CSCO11691699, valid till Feb 2013 (expired).
- PC Assembling and Troubleshooting course from Shell Technologies, Thane (Oct 2005 - Dec 2005)

Educational Details
B.E. Computer Engineering (Pune University), July 2006 - June 2009
K. K. Wagh College of Engineering, Nasik, Maharashtra, India
First Class with 64.27%

Diploma in Computer Engineering (MSBTE), July 2003 - June 2006
Government Polytechnic, Thane, Maharashtra, India
First Class with 72.24%

Secondary School Certificate, June 2002 - Mar 2003
Gyanodaya Vidya Mandir, Thane (West), Maharashtra, India
Distinction with 77.20%

Project Details
Final Year Project in B.E. Computer Engineering
- Remote Server Monitoring using ASP.NET with VB.NET and SQL Server 2005 as the database.
Final Year Project in Diploma in Computer Engineering
- Text Synthesizer (Devanagari keyboard) using VB 6.0 and wave files as the database.
Personal Details
Date of Birth: 13th January, 1988
Nationality: Indian
Gender: Male
Passport No: J2870696 (valid till 17-08-2020)
Marital Status: Single
Language Skills: English, Hindi & Marathi

