1. MANEAN KVS
Contact: +91 9841503795; manean@rediffmail.com
INFORMATION SECURITY SPECIALIST
11 years of experience in network security& Information Security.
Expertise on Vulnerability assessment and Remediation fix, Compliance audit scan on NIST standards
Specialist on Open-source Firewalls, Ip-tables, IP-cop, Juniper and Fort iGATE Firewalls
Good Knowledge and Adaptability on Open-source SIEM tools like Octopussy, Security onion, OSSIM.
OWASP Web app scanning tools
PCIDSS Audit implementation for certification
TECHNICAL SKILLS
Security Products/Applications: FortiGate, Squid T-Proxy, Routers, IP tables, DNS, NIS, NFS, Sniffer
Pro, Ldap.
Vulnerability Assessment: Nessus, Found stone, ISS Site Protector, ISS InternetScanner, ISS System
Scanner, and Metasploit, N-Stalker, Web-Inspect, SSL Digger, Kismet
Exploiting Tools: NMAP,NCRACK, Nessus,NXPOSE,openVAS,License Crackers, DDoS tools, John the
Ripper, hping, Dsniff,goldfinger etc.,
Linux Skills: SAMBA, SQUID, Apache, NAT, DNS, SSH, Linux as Router, Experience on Firewall
configuration, Kernel Configuration, and Kernel Compilation, Concurrent Version Systems, Class
Based Queue Bandwidth Management, LDAP, Send-mail, DNS, Postfix, qmail configuration, High
Availability Clustering etc.
Intrusion Detection Systems: Snort ,SIEM, Opensource-Security Onion, & Alienvault Pilot Setup.
Forensics : File Scrubber, Foundstone Forensics Tool kit, Stellar phoenix
Admin Tools :Nagios, linuxconf, vmstat, iostat, top, traceroute, ping, sar, ntop, webmin
Database Auditing : Scanning Database Servers (ORACLE & MS-SQL) scanning patch updates,auditing
user privileges for tables and databases
Data Leak Prevention : Pawaa, Websense
Security Audit Recommendation & Implementation without any Business on Information
Security Standarads
PCIDSS audit implementation for organization
PROFESSIONAL EXPERIENCE
Plintron Technologies Private Limited since June 16 2014
Lead Information Security
Data Centre Audit
Vulnerability Assessment & Penetration Testing
Source Code Audit
DLP Solution
VLAN Audit
Patch Policy Implementation Guideline
Proof of Concept on latest technologies
Audit Framework on PCIDSS Scan & Audit
Policy Audit on ISMS policies
2. Setting up isms quiz and security awareness for organization employees
Pcidss audit implementation 3.1 for organization
CPISI certified version 3.1 from sisa
November 2009 to 2014
Temenos India Pvt Ltd.
Senior Specialist –IT Domain – Banking and Finance
Risk Assessment and Vulnerability Assessment and Penetration Testing for Temenos Global offices
Regions like UK, US, Geneva, Bucharest, Belgium, Lausanne, Germany, Paris and India
Remediation Fix on VA scan and Penetration Testing.
OS Hardening on Unix and Windows
Updating and Monitoring Security Patches and Hot Fix for Window Servers
Active directory audit
BCP—coordinator RTO & RPO Analysis audit for criticaldevices and servers
Handling ISMS Audit-policy and procedure updates
Oracle Database Auditing reviewing security Patches periodically
WLAN Security scanning
2014-2015(Jan-June10-2014)
Unified Threat Management analysis on Alinevault Ossim Recommendation
Alienvault Threat logs analysis
MBAM –disk encryption compliance & auditing
Zscaler cloud webproxy testing
Regular VA Scan for every quarter & Remediation fix and followup
Policies on BYOD Implementation Recommendation
Cloud-Services Auditing implementation & Recommendation –Intermeidiate level
Centralized Symantec Antivirus Management Recommendation
2013 – 2014
Risk Assessment – VAPT for Servers & network devices
Webapplication/Servers Security Scan on OWASP TOP Ten Standarads
Implementing SSL cert authentication for critical servers internally and externally
Periodic Vulnerability assessment Scan and Remediation Fix
Patch Management and Simulation,Implementation
OS Hardening Guidelines
Policy and standards for all OS flavors & network devices
NIST Standard Compliance Scan using Nessus for all OS flavors
2012 – 2013
3. Risk Assessment – VAPT for Servers & network devices
Implementing SSL cert authentication for critical servers internally and externally
Active Directory Audit
Periodic Vulnerability assessment Scan and Remediation Fix
Patch Management and Implementation
OS Hardening Guidelines
Policy and standards for all OS flavors & network devices
NIST Standard Compliance Scan using Nessus for all OS flavors
2011 – 2012
Vulnerability assessment and Penetration Testing on Temenos Global office
SSL certificate Audit and scan
Security onion tool implementation
Application Hardening Guidelines
Apr 2010 – Oct 2010
SSL Cert Server Implementation
OSSIM Alien-vault pilot server implementation
E&Y external audit coordination on Global Penetration Audit
Gen Pact. Feb 2009 – Jul 2009
SOC Technical consultant
Vulnerability Assessment (VA) and VA Server Implementation
System Audit
Maintaining SNORT IDS Servers with Net Forensic logs correlation
Logs and Packet Analyzing
Worked for Client (Ge-Fleet)
Vulnerability Assessment for Client LAN Desktops
Sophos Antivirus Administration
Snort Server Implementation on Different Network Architecture
Feb 2009 – Aug 2009
Network Security monitoring for SOC Client - Snort IDS monitoring & analyzing critical alerts with
Netforenscis
Vulnerability assessment and remediation fix
Updating latest Snort rules & signatures
Cybernet Slash Support – CSSCorp Sep 2007 to Nov 2008
Senior system administrator (IT security)
Vulnerability Assessment (VA) and Remediation fix& System Audit
4. Handling Juniper Net screen Firewall ISG 1000, SSG 550M, NS204, NS50.
Configuring Firewall Interfaces & Zones by Trust, Untrust & DMZ Zone.
Establishing and Managing firewall Policies and rules.
Establishing & Configuring Site-Site VPN connectivity.
Configuring VPN connectivity with Policy based and Route based VPN.
Configuring Firewall Routing entries based on source & destination route.
Implementing and Monitoring Servers (NTOP, CACATI & SYSLOG -NG)
Policy Restrictions in Firewalls and Servers
Maintaining SNORT IDS Servers.
Web sense Enterprise (Content Filtering with ADS login Setup)
Installation and Maintenance of Octopussy-Server (SIM/SIEM Tool)
Net screen Firewall Administration
Sep 2007 to Nov 2008
SIEM implementation - Octopussy
Vulnerability assessment & Remediation fix
ISMS 27001 Audit implementation
Juniper Firewall administration
Sify Ltd. SinceJan 2005 to Jul 2007
System Engineer
Vulnerability Assessment (VA)
Kernel Customization in Red-hat Linux.
Ip-tables configuration.
Proxy Server Implementation.
OS Hardening for Windows, Linux, Solaris.
Implementing and Monitoring IDSlogs and review – SNORT
[Front end Tool: BASE, ACID, and Honey net Security Console]
Access control auditing for Data Center
Responding to security incidents
5. Conducting Internal Vulnerability assessment periodically
Periodic Risk assessment E.g. Hack Incidents or Phishing Attacks
Auditing of Firewall Conduits Generating reports.
Jan 2005 – Jul 2007
Linux Firewall Server Implementation.
NIDS Implementation
Squid-T proxy Implementation on all Sify lan
OS Hardening
Vulnerability Assessment and IDSLogs monitoring for Sify Safe Crypt
ISMS SOC Audit
Web Application Security Scan
Offshore Security InfrastructureManagement Services:
Vulnerability & Patch Management
Evaluating current risks and threats to the environment for gapremediation&assistance in making
the information processing facilities more secure
Vulnerability assessment of critical servers and other network devices using ISS Internet Scanner,
Foundstone and Nessus.
System compliance profiling by ISS System Scanner
Categorizing assets and developing deployment plans for security patch installations.
Recommendations for hardening the network devices.
CERTIFICATIONS
Certified Ethical Hacker (CEH)
Information Technology Infrastructure Library (ITIL -Foundation)
EC-Council Security Analyst/Licensed Pen Tester(ESA/LPT)
Trained in ISMS-27001-LA Auditor(BSI)
CPISI audit certified from (SISA)
6. EDUCATION
Master of Computer Applications – Bharathidasan University, Trichy. (2004)
Bachelor of Arts(Corp Sec.ship)– University of Madras,Chennai(2000)
Declaration
I affirm that all the above particulars are true to the best of my knowledge and Belief
Date – Yours sincerely,
Place – CHENNAI [MANEAN.KVS]