The document is a resume for Ambesh Sharma seeking a role in endpoint security. It outlines his career objective of working in endpoint security, over 4 years of experience implementing Symantec Endpoint Protection in large firms, and technical skills including Windows, SQL Server, and Symantec Endpoint Protection Manager. It also provides details of his work experience implementing security solutions at companies like HDFC Bank, education qualifications and areas of interest.
TECHNICAL BRIEF: Using Symantec Endpoint Protection 12.1 to Protect Against A... - Symantec
Advanced persistent threats (APTs) pose serious challenges for organizations of all sizes. Challenges related to advanced persistent threats include cyber attacks that are designed to do anything from steal sensitive data for financial gain, corporate espionage, etc., to sabotage of critical infrastructure. These attacks are specifically targeted and are often carried out using sophisticated malware. The effectiveness of traditional file-based antivirus scanning technology is not by itself sufficient protection because a given malware associated with an APT will have extremely low prevalence, that is, will not be widely seen on the Internet. Traditional antivirus signature-based scanning is reactive in that a signature can only be written to detect a threat that has already been seen.
Symantec Endpoint Protection 12.1 (SEP 12.1) includes protection technologies that go beyond traditional antivirus scanning to provide effective protection of endpoints against the sophisticated malware used by APTs. This paper provides guidelines on how to ensure that SEP protection technologies are enabled and functioning in order to provide best protection for endpoints.
The challenge of Advanced Persistent Threats
Advanced persistent threats often use malware that is difficult to detect using traditional antivirus scanning and is designed specifically to run for long periods of time without being noticed. These threats are targeted and as such do not have wide distribution on the Internet. They are generally intended for specific targets and designed to evade detection in order to steal data. The type of data that is targeted for attacks varies by attacker and target (financial gain, usernames/passwords, intellectual property, etc.).
Even though the motives and targets used by APTs can vary greatly, they often operate in stages that are common across attacks. They are: Incursion, Discovery, Capture, and Exfiltration and are briefly described in the illustration below:
Symantec Endpoint Protection (SEP 12.1) offers advanced protection by using multiple technologies to combat many targeted attack methods that are prevalent in the current threat landscape. While this document details the configurations and best practices in the use of SEP 12.1 against modern threat vectors, these details are only part of an overall security strategy. Many organizations have some sort of endpoint security solution installed and deployed. Breaches and intrusions can occur when these technology-based safeguards are not supported by sound, realistic, and effective security processes and procedures.
Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine Learning - Symantec
What is machine learning and how can it be used to detect unknown threats?
What makes Symantec’s approach to machine learning different?
Defense in depth: Symantec Endpoint Protection 14
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection... - Symantec
Who should read this paper:
IT, security managers, and executives who use legacy on-premise two factor authentication solutions and are considering a switch to another provider’s solution for two-factor authentication should read this document. This solution brief offers advice about gauging the security of a new solution, understanding the ease of deployment and management, choosing the right strategy for migration, and measuring the total cost effectiveness of a new solution.
SYMANTEC ENDPOINT PROTECTION Administration Introduction - Dsunte Wilson
Symantec Endpoint Protection is a client-server solution that protects laptops, desktops, Windows and Mac computers, and servers in your network against malware.
Symantec Endpoint Protection combines virus protection with advanced threat protection to proactively secure your computers against known and unknown threats.
Technology Overview - Symantec Endpoint Protection (SEP) - Iftikhar Ali Iqbal
The presentation provides the following:
- Symantec Corporate Overview
- Solution Portfolio of Symantec
- Symantec Endpoint Protection - Introduction
- Symantec Endpoint Protection - Features
- Symantec Endpoint Protection - Architecture & Design
- Symantec Endpoint Protection - System Requirements
- Symantec Endpoint Protection - Licensing & Packaging
This provides a brief overview of Symantec Endpoint Protection (SEP). Please note all the information is based prior to February 2016 and the full integration of Blue Coat Systems's set of solutions.
Peruse the slides to see Aventis Systems give a quick overview of Symantec Endpoint Protection 14, and learn why it’s so important to protect your endpoints.
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise... - Kaspersky
A key business goal of any organization is to maintain the constant availability of data and systems that can be trusted for decision-making purposes. The evolving threat landscape has resulted in increasing focus, right to board level, on cybersecurity. IT operational and security teams should demonstrate a comprehensive, cohesive approach in their response to security incidents and data breaches.
Building a World-Class Proactive Integrated Security and Network Ops Center - Priyanka Aash
The SNOC (Security & Network Operations Center) is a cost-effective, world-class, proactive integrated function that leverages and optimizes your current NOC members while hiring a minimal number of additional security professionals. Learn how to use the SNOC framework to transform your existing NOC into a single effective team that is responsible for both network and security functions.
(Source: RSA USA 2016-San Francisco)
There have been many recent publications that focused on malware evasion techniques – specifically techniques that malware employs to avoid detection and tools that can be used to defeat this evasion. But what happens when malware doesn’t need to evade detection because it first disables the very tools you’re using to detect malware and evade detection? It sounds complicated but the threat is very real and extremely easy to accomplish.
Avoid Meltdown from the Spectre - How to measure impact and track remediation - Qualys
The recently disclosed Meltdown and Spectre vulnerabilities negatively impact the security of virtually every computer in the world today. These vulnerabilities allow an attacker to gain control of a computer’s processor and steal data located on that computer. Organizations that store data in the cloud are particularly susceptible.
During this webcast, Jimmy Graham, Director of Product Management for Qualys Threat Protection and Asset Inventory, showcased solutions that can help you determine the impact of Spectre and Meltdown across your global IT environments.
Understand how:
• To quickly and easily visualize Spectre and Meltdown vulnerabilities within your environment
• To track remediation progress as you patch against Spectre and Meltdown
• The Qualys Asset Inventory and Threat Protection apps will help you automate detection and track remediation progress
Watch the on-demand webcast: https://goo.gl/6FQ6uJ
Kaspersky endpoint security business presentation - Data Unit
A presentation of the Kaspersky portfolio for business. The Kaspersky Endpoint antivirus package can secure your mobiles, desktops, servers and more.
Businesses are rapidly expanding beyond their traditional data center boundaries into the cloud, with hybrid cloud architectures becoming the new norm. As business-critical workloads and data get increasingly run on diverse platforms across multiple data centers, private and public clouds, it is imperative for IT business continuity solutions to keep pace with the transformation and to continue meeting business Service Level Agreements (SLAs).
Veritas Resiliency Platform makes it simple for organizations to innovate without compromising on critical business SLAs. Organizations can confidently adopt hybrid cloud architectures and predictably meet critical SLAs in spite of growing IT complexity. With a unified approach to IT Service Continuity, Resiliency Platform enables IT operations to deliver predictable service levels to the business while ensuring location independence, platform choice, and operational simplicity.
The CIS Top 5 provide the building blocks of a solid security foundation and provide the essential cybersecurity hygiene all companies should have in place. Follow their recommendations and you’ll be able to prevent 85% of modern cyberattacks. But sometimes that’s easier said than done. Let Ivanti IT security expert Chris Goettl guide you through the CIS framework and share best practices for boosting your security defenses.
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for consumers, SMBs and enterprises. The company currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.
Interpretation by Eugenio García of Chile's social landscape for 2015, prepared for the Icare round table "Marketing 2015: Señales", held on Thursday, 4 December 2014.
Shift Left Security: Development Does Not Want to Own It. - Aggregage
Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. It's time to manage your team's energies to maximize DevOps efficiency, all the while maintaining top security standards. Join Shlomo Bielak, and learn how to keep your DevSecOps team focused and connected without creating silos.
Enter Securaa, our specialty lies in offering a flexible, data-driven solution designed to equip Security Operations Center (SOC) teams with the necessary tools for seamless threat monitoring and incident response.
Securaa serves as your trusted partner for efficient security management, eliminating the need for intricate scripting or operations. Website: https://securaa.io/
Location: USA
Ambesh Sharma
CAREER OBJECTIVES
ENDPOINT SECURITY
(Security Specialist)
Ram Patiz Sharma Chawl,
Room no-2, Jawahar Nagar,
Khar Road (E)
MUMBAI-400051
Ph No: 9920633644/9322744452
ambeshsharma1@yahoo.com
ambeshsharma1@gmail.com
Play a responsible role in an organization that enhances my skills and capabilities, challenges to perform
exceptionally, preferably in a progressive and competitive work culture in a technology driven company
PROFESSIONAL STRENGTH
4+ years of experience in Symantec Endpoint Security in large scale firm (HDFC bank,
Saurashtra cement, Rolta India Ltd, Western Outdoor Interactive, Adani Group & Moserbaer Pvt Ltd ).
To be able to help organizations identify and manage their risk effectively and proactively.
Good command over verbal, Communication skills, Presentation skills and Strong Analytical skills
Self-motivated Consultant with several years of experience working with complex Enterprise Software
solutions in IT organizations and maintaining all Endpoint Protection (Clients and Servers)
TECHNICAL SKILLS
Operating systems : Microsoft Windows NT/XP/Win 7,Server 2003/2008/ VMware
Database Knowledge : Basic knowledge of SQL server 2003, 2005 & 2008
MS Office : MS Word, Excel, PowerPoint, Access
INFORMATION SECURITY SKILLSET
SECURITY TOOLS KNOWN : Symantec Endpoint Protection Manager, Symantec Altiris server, Symantec
DLP and Sophos enterprise security console.
TECHNICAL CERTIFICATION
Completed MCSE 073-284 (Implementing & Managing MS Exchange Server 2003)
Completed MCSE 073-294 (Planning, Implementing, and Maintaining a MS Windows Server 2003 Active Directory Structure)
WORK EXPERIENCE
IMMUNITY NETWORKS TECHNOLOGIES LTD
ENDPOINT SECURITY SPECIALIST (MARCH 2012 to till date)
o ACHIEVEMENTS :
Successfully Certified Symantec Sales Expert for Symantec Endpoint Protection 12.1
Successfully Certified Symantec technical specialist for Symantec Endpoint Protection 12.1
Successfully Certified Symantec DLP 12.5
Also specially appreciated by Technical Head of Immunity Networks during the product presentation at
client side for delivering the excellent presentation
RESPONSIBILITIES:
As part of the Implementation Team, I have to lead large/complex SEP consulting services engagements,
including strategy, solution design and assisting to implement the SEP infrastructure as per client
requirement.
To re-design the AV infrastructure, migrating from Symantec Antivirus 10 to SEP MR5,RU7 and Trend
Micro to SEP 12.1.4 Initial implementation in production environment ensuring stability with core
business applications,
Perform detailed problem analysis and scenarios; make or implement recommendations to mitigate
change risk and business impact.
I am also responsible for ensuring the disaster recovery of SEPM, fail over, load balancing issues.
Gather requirements, troubleshoot, debug, document, and deliver across a broad range of products and
platforms quickly and accurately.
Defines and creates SEP client security policy and Multi-site replication and Management
Work closely with Symantec Technical Support to identify and resolve issues and to mitigate customer
impact during the engagement.
Providing solutions on Symantec Connect also.
Symantec Altiris server installation and configuration.
Deployment of software through Altiris management server.
Symantec PGP agent installation.
Symantec DLP server installation and DLP agent deployment from GPO.
Installation of Sophos enterprise console (Antivirus) and configuration.
Deployment of DLP agent through GPO.
Basic knowledge of AD server.
Installation of VMware servers and system.
SKILLS:
Understanding of modern computer network threats and attacks.
Proficient on the architecture, design and deployment of the Symantec Endpoint Protection solution.
Threat management.
Risk Assessment.
Requirement Analysis.
Implementation, Maintenance.
Application support.
Troubleshooting and Documentation.
Having hands on experience of Symantec Endpoint Protection including daily administration, tuning,
reporting, configuration management and incident response.
Proficient on the architecture, design and deployment of the Symantec Altiris Management solution.
Installation of Symantec DLP server and Deployment of DLP agent through GPO.
Translate business requirements into technical detection policies and design appropriate mechanisms to
ensure robust detection capability.
Maintain relationships with clients by providing support, information, and guidance as well as research
and recommend new solutions and services.
WIPRO INFOTECH
SECURITY ADMIN & DESKTOP ENGG (25TH May 2009 to 3RD MARCH 2012)
Achievement: Received appreciation from senior management for performing above expectation and also taken
of satisfaction from client (HDFC Bank) for providing excellent service.
Job Profile :
Managing and monitoring Symantec antivirus architecture throughout HDFC Bank having more than 2100
antivirus servers and 63000 antivirus clients.
Managing and monitoring Symantec Endpoint 11 (RU5 & RU6 MP3 & RU7) console. Technically sound in
applying endpoint architecture in organizations with experience of handling SEP 11 and SEP 12.1
technologies in HDFC Bank having RU6 MP3 SEP management consoles covering 63000 endpoint clients
and servers.
Working on basic trouble shooting on viruses in organization and efficiently handling virus attacks at
critical times. Setup and maintenance of Symantec Sybase agents through SEPM console.
Installation, Administration, Configuration and resolution of Symantec Endpoint Protection Manager and
Clients.
Coordinating with different Helpdesk as well central team for New Group creation on console where he
need to collect the data of Local Antivirus server, no. of clients, Subnet Range & configuring the same on
SEPM.
Preparing Monthly AV Report, BSC Data & PM Space.
Troubleshooting AV related issues of critical Data center & Branch servers.
EDUCATIONAL QUALIFICATION
Degree Remark
T.Y.B.A Passed
HSC Passed
SSC Passed
PROJECTS
(1) HDFC Bank ltd.
Project Name: HDFC Bank Ltd IT Security Implementation
Duration : Initiated since Dec 2010 to Feb 2011.
Team Size : 5 Engineers.
Environment: Symantec Endpoint Protection Manager 11RU7.
(2) Adani Group Ltd.
Project Name: ADANI Group IT Security Implementation
Duration : Initiated since July 2012 to March 2013.
Team Size : 7 Engineers.
Environment: Symantec Endpoint Protection Manager 12.1, Altiris NS server, Symantec DLP.
(3) Abhijeet Group.
Project Name: Abhijeet Group IT Security Implementation.
Duration : Initiated since May 2013 to September 2013.
Team Size : 3 Engineers.
Environment : Symantec Endpoint Protection Manager 12.1 installation and roll out, Altiris NS server installation.
(4) Moserbaer Pvt Ltd.
Project Name: Moserbaer Pvt Ltd IT Security Implementation.
Duration : Initiated since 5 Dec 2013 to 25 Dec 2013.
Team Size : 4 Engineers.
Environment : Symantec Endpoint Protection Manager 12.4 installation and roll out, Altiris NS server installation.
Description : As part of the Implementation Team, I have to lead large SEP consulting services engagements,
including strategy, solution design and assisting to implement the SEP infrastructure as per client requirement. To
re-design the AV infrastructure, migrating from Trend Micro or any Antivirus to SEP latest version Initial implementation
in production environment ensuring stability with core business applications.
AREA OF INTEREST
Information Security Management
Endpoint Security Consultant
DLP Management
PERSONAL PARTICULARS
Father’s Name : Kashinath Sharma
Gender : Male
Date of Birth : 3rd Oct 1989
Languages Known : English, Marathi & Hindi
Marital Status : unmarried
Hobbies : Reading, surfing internet for gaining latest information & technologies.
Permanent Address : Ram Patiz Sharma Chawl, Room no-2, Jawahar Nagar, Khar Road (E) MUMBAI-400051
DECLARATION
References : Will Be Furnished Upon Request
I hereby declare that the above information is true of my knowledge
AMBESH SHARMA
Place: MUMBAI
Date: