1. Curriculum Vitae
LANCY WILLIAM MENEZES
Mobile : +919739575462
Email:lancy.mnzs@gmail.com
OBJECTIVE:
To obtain a coveted position and a challenging career in a progressive and growth oriented
organization, where my skills & capabilities can be effectively leveraged.
Professional Work Experience Overview
Data serve Middle East (RAK Bank) Apr2016-Till date.
Designation: Information Security Analyst (Information Security)
Responsibilities:
Review the daily security logs for critical applications such as Prime, ASM, IPS, FWSM, Online
banking, Intranet etc.
Logs review across all network and security devices through Arc sight, report generation for all
critical devices and validation for any anomalies.
Review and validation of all backend procedures implemented daily across all the critical
applications.
Monitoring of any DDOS attacks through Arbor DDOS, traffic analysis of routers and escalating
to respective teams for proper actions.
Network performance monitoring through Solar winds and determining the root cause of any
network fluctuations and taking necessary action.
Email traffic validation through Proof point for any data leakage, Offensive language, Malware
and spam analysis.
Monitoring of any phishing sites, unauthorized apps through Fraud watch. Coordinating with
Fraud watch and ISP to take down the site or block the URL.
2. Preparing patch management schedule for various applications and operating systems and
liaise with Information Technology departments for effective implementation.
Vulnerability assessment (Nexpose) for various applications, operating systems and
implementing the critical, severity patches accordingly. Coordinating with the vendors or
internal IT teams to get the patches installed and validation for the same. Review of any
exceptions if any.
Schedule third-party Penetration test (Qualys) and co-ordinate with IT users about the results
and validations.
Maintain a schedule for information technology policies and procedures and proactively give
comments to improve the policies and procedures for IT division.
Perform user access review and clean up for domain users, Application access validation and
review of password management through PMP.
Physical validation of password chubs as per the security policies of the bank.
Organizing information security awareness sessions on the intranet and maintaining the
statistics about it for IT division.
Analysis and validation of any malware alerts and coordinate with vendors (MacAfee, Fortinet,
APT, Bluecoat etc.) for active hash update in the attack signature database.
Verify information security compliance by scheduling and conducting surprise checks (E.g.
Restoration of backup tapes, user’s desktop, configuration details of computing devices such as
routers and firewall, password length in the OU etc.)
Assess the information security events and inform the risks that are attached to the incident.
Verifying Information Security approvals mail box, and make sure that approval requests are
responded.
Verify the effectiveness of the information Security activities along with InfoSec team members.
Ensuring IT Security process are implemented and adhered across in RAKBank computing
environment.
Preparing and maintaining Information Security and IT assurance Dash board and publishing it
regularly.
Verification of Antivirus DAT compliance across all the network devices in the environment
daily.
Preparing and constantly updating information security related events that are happening
worldwide for easy reference.
Getting the separation list from the HR department and verify the access are revoked on a
timely basis.
Reviewing the internet usage, Bandwidth utilization, Blocked web access, Information leakage,
Malware accessed Links through Bluecoat proxy.
Reviewing the Application admin roles and privileges assigned to various business applications
and various technology tools that are implemented on the corporate computing environment.
Helping the ISM in scheduling on Audit responses on behalf of IT division.
Documenting lessons learned from the information Security initiatives.
3. Occasional Responsibilities and Accountabilities:
Assisting Information Security Manager in developing and streaming in information security
policies and procedures.
Assisting Information Security Manager in conducting training programs.
Identify all the potential and actual process weakness in the applications, process, procedures
throughout the Bank, determining how these process and procedures can be improved or
mitigated, either by systemcontrols/ manual controls or improved procedures, and
implementing these measures.
Requirement to understand any new technology introduced into the Bank, identify all the
process implications and implement controls to mitigate the risks in a manner which minimize
any effect on manpower requirement or delay in processing customer business.
Balancing the requirement for tight controls against the business imperative of best customer
service and minimization of costs.
Review existing and proposed future procedures/ processes software and decide whether they
incorporate adequate process controls.
Ciber Sites India Private Limited Sep2015-Apr2016.
Designation: Consultant (Information Security)
Responsibilities:
Review of existing firewall rulesets to meet the benchmarks of Audit.
Experience in Century Link Tier1 (Savistation) and Tier3 Cloud Infrastructure.
Administration of Firewalls, Updating Policies, Amending it to meet client requirement.
Administration of Security Devices: IDS, Quays Guard Threat Management Server, Log Logic,
Web Application Firewalls.
Administration of Load Balancers: ACE, F5. Updating policies to meet Client requirements.
Vulnerability Assessment, Planning and co-ordination with Onshore and Offshore teams to
remediate the same.
Updating Policies on Firewall, amending it and taking regular backups of the same.
Analyzing Logs on Firewall
Log Monitoring and Investigation using Forti Analyzer in real time
Ensuring Online and Offline log management procedures
Addressing various alerts logs from Firewall Analyzer and remediating them,
Creating new address subjects and adding it to the groups
Creating and implementing Web-filtering, URL filtering and content filtering
Managing the Application sensors, IPS signature files and DoS.
Creating Anti-virus profiles for protocols (Web, Email and FTP)
4. Provide technical support for Intranet and Internet environment, which involved
troubleshooting, analyzing and resolving client problems
Taking Tape Backup of production and other servers through IBM-TSM (HP or IBM tapes)
Troubleshooting of Wireless related issues
Managing & troubleshooting of LAN’s
Applying group policy in Domain architecture
Administering DHCP and DNS Server
Managing, Maintaining and Administering Symantec Antivirus Server
Project:
Part of External Audit done by Bright line using SOC2 principles (IT & HR Controls) for Ciber Inc for 8
Clients.
Working on 8 different projects supporting Information Security and SOC 2 Audit requirements (EU and
NA).
Unisys India, CSE from Jul 2011 to Sept 2015
Designation: Enterprise Specialist System Analyst
Responsibilities:
Internal Auditing for VPN access (Cisco AnyConnect), helping clients in getting the artifacts
for several SOC2 requirements.
License auditing for ITSM framework for 150+ clients, coordinating with the SDM’s and
client heads under the principles of SOC2.
Administration of Security Devices: IDS, Qualys Guard Threat Management Server, Log
Logic, Web Application Firewalls.
Administration of Production servers, database and coordinate with onshore team, offshore
team and ISP’s using PRTG tool.
Incident Module, Change management, Service request management, Work order
Management.
Acquired extensive knowledge on how the industry works in meeting SLA’s and Client
Expectation
Application Support for the Integrated applications such as Citrix applications, Cisco
systems, BMC(ITSM 7.6 and 8.1), Microsoft, Client Oriented (Pega, Concur, CognosEtc).
Maintenance and customization of the application ITSM (Remedy), Portal administration
and Hiplink schedules.
Application of Group Policies on Active directory for Specified tasks.
Maintenance of foundation data, customizations for different clients in ITSM.
Good knowledge in Change management, Patch management for ITSM framework.
Part of CAB for technical implementation team determining the down time, resources etc.
Good knowledge of loads through ET, Data wizard, SRDs, SLM.
Working on mobility Support (Mobile Iron application on Apple devices, Android.)
5. Handling Escalations call, Pro-act call, Level opportunities to Increase resolution rate.
Oncall Schedule maintenance, troubleshooting for various clients using the tool Hiplink.
ACADEMIC PROFILE:
B.E (Electronics and Communication Engineering) from VTU-Belgaum in Jul 2011.
Class XII from St. Mary’s PU College in 2007.
Class X from Don Bosco School in 2005.
PERSONAL SKILLS:
Comprehensive problem solving abilities.
Ability to deal with people diplomatically.
Willingness to learn.
Easily affable and adaptable in nature and a team facilitator.
Personal Details:
Father’s Name : RICHARD MENEZES
Date of Birth : 08-11-1989
Gender : Male
Passport Number : L3503937
Visa : Resident Visa (Sponsor – RAK bank)
Languages known : English, Kannada, Hindi, Konkani, Tulu.
Birth Place : Shirva, Udupi
DECLARATION
I hereby declare that the information presented above is true to the best of my knowledge and
belief.
Lancy Menezes Place: Bangalore