Mohammad Tahir_CV
•Download as DOCX, PDF•
0 likes•302 views
Mohammad Tahir Shekh is seeking a challenging position in information security. He has over 5 years of experience as a SOC analyst for National Bank of Kuwait and Paladion Networks. His responsibilities include monitoring security devices for threats using ArcSight, performing log analysis, managing ArcSight tools, and preparing daily, weekly, and monthly security reports. He has technical skills in networking, firewalls, IDS/IPS, vulnerability management, and malware analysis. He holds certifications in CCNA security, CCNA routing and switching, Microsoft IT Professional, and is working toward CEH certification.
Report
Share
Report
Share
Recommended
Security analyst
I have 4+ Years of dedicated experience in the field of Information Security. Currently working in Data Center of CDAC Noida as Security Analyst. Here doing VAPT (Based on OWASP Top 10) of Web Applications,Mobile App and Networks. Source Code Review, Malware Analysis, DDos Prevention, Analysing threats, Monitoring IDS, Internal Auditing based on (ISO27001), and Incident Response (ISOC), TLS 1.2 Implementation, Server hardening, Server integration. In Certification i have done PG DIPLOMA in INFORMATION SECURITY from CDAC that covers the topics of industry Certifications like CCNA, CCNP, CEH and RHCE + B TECH in Computer Science.
IDC Security 2014, Endpoint Security in Depth
This document discusses endpoint security and outlines a security architecture with layered defenses. It summarizes that endpoint security protects workstations, notebooks, and other devices from threats. The security architecture has layers including basic security controls like antivirus and firewalls, application security controls, access controls, and management and compliance functions like patching and identity management. It also establishes an Information Security Community in Kazakhstan to share experiences and ideas between security professionals.
Security VoIP Assessment
SecureState is a management consulting firm specializing in information security that offers VoIP assessment services to test for vulnerabilities in clients' VoIP systems and networks. The assessment includes penetration testing to attempt hijacking phone calls, recording calls, tampering with voicemail, and other attacks. SecureState follows standard methodologies and works closely with clients to establish rules of engagement and scope before performing non-intrusive information gathering, vulnerability analysis, and controlled exploitation tests to identify security issues.
Maturing Endpoint Security: 5 Key Considerations
Endpoints are everywhere, and endpoint security is evolving. Endpoints also remain the most attractive target for hackers as a point of entry for attacks because they’re connected to the weakest link in enterprise data protection: humans.
View the SlideShare to learn:
--Why evolving threats require increased endpoint defense capabilities.
--What organizations can do to protect against known and unknown threats, while reducing manual processes for administrators.
--The primary capabilities of endpoint detection and response (EDR) tools, and how you can find the right fit for your business.
--Where your organization sits on the endpoint security maturity scale.
--Keys to maturing your endpoint security strategy.
A new generation of products and services is helping organizations keep pace with modern threats and advance beyond traditional, prevention-oriented endpoint protection to a more comprehensive — and realistic — focus on detection and incident response.
What Is Next-Generation Endpoint Security and Why Do You Need It?
This session will clarify the definition of next-generation endpoint security and distinguish it from legacy antivirus software. It will also describe how next-generation endpoint security can help organizations improve incident prevention, detection and response.
(Source: RSA USA 2016-San Francisco)
From SIEM to SOC: Crossing the Cybersecurity Chasm
You own a SIEM, but to be secure, you need a Security Operations Center! How do you cross the chasm? Do you hire staff or outsource? And what skills are needed? Mike Ostrowski, a cybersecurity industry veteran, will review common pitfalls experienced through the journey from SIEM to SOC, the pros and cons of an all in-house SOC vs. outsourcing, and the benefits of a hybrid SOC model.
Learning Objectives:
1: You own a SIEM, but to be secure, you need a SOC. How do you cross the chasm?
2: What are the pros and cons of in-house, fully managed and hybrid security?
3: What considerations go into deciding whether to employ a hybrid strategy?
(Source: RSA Conference USA 2018)
Unraveling Detection Methodologies: Indicators vs. Anomalies vs. Behaviors
The document discusses different methodologies for detecting cybersecurity threats: indicators of compromise (IOCs), anomalies, and behaviors. IOCs focus on known malicious artifacts but lack context and are backward-looking. Anomaly detection aims to find new threats but often generates false alerts and requires extensive tuning. Behavioral analysis correlates events across multiple systems to detect adversary techniques, but requires extensive visibility that may be difficult to achieve. The document evaluates these approaches using examples of Russian threat group APT29's activity and common credential theft attacks. It concludes that organizations should pragmatically combine approaches based on their needs and capabilities rather than rely on any single methodology.
From IT to IoT: Bridging the Growing Cybersecurity Divide
With the widespread growth of IOT devices and services, security is a priority. This session will discuss the challenges of implementing security solutions for IoT services for security professionals who are looking at things from an IT viewpoint. Traditional IT security solutions may not be directly applicable to the IoT ecosystem. New IoT specific threats and challenges need to be addressed.
Learning Objectives:
1: Learn about the top IoT threats.
2: Discover how to address threats using new design process not old IT process.
3: Understand the security lifecycle differences between IT and IoT.
(Source: RSA Conference USA 2018)
Recommended
Security analyst
I have 4+ Years of dedicated experience in the field of Information Security. Currently working in Data Center of CDAC Noida as Security Analyst. Here doing VAPT (Based on OWASP Top 10) of Web Applications,Mobile App and Networks. Source Code Review, Malware Analysis, DDos Prevention, Analysing threats, Monitoring IDS, Internal Auditing based on (ISO27001), and Incident Response (ISOC), TLS 1.2 Implementation, Server hardening, Server integration. In Certification i have done PG DIPLOMA in INFORMATION SECURITY from CDAC that covers the topics of industry Certifications like CCNA, CCNP, CEH and RHCE + B TECH in Computer Science.
IDC Security 2014, Endpoint Security in Depth
This document discusses endpoint security and outlines a security architecture with layered defenses. It summarizes that endpoint security protects workstations, notebooks, and other devices from threats. The security architecture has layers including basic security controls like antivirus and firewalls, application security controls, access controls, and management and compliance functions like patching and identity management. It also establishes an Information Security Community in Kazakhstan to share experiences and ideas between security professionals.
Security VoIP Assessment
SecureState is a management consulting firm specializing in information security that offers VoIP assessment services to test for vulnerabilities in clients' VoIP systems and networks. The assessment includes penetration testing to attempt hijacking phone calls, recording calls, tampering with voicemail, and other attacks. SecureState follows standard methodologies and works closely with clients to establish rules of engagement and scope before performing non-intrusive information gathering, vulnerability analysis, and controlled exploitation tests to identify security issues.
Maturing Endpoint Security: 5 Key Considerations
Endpoints are everywhere, and endpoint security is evolving. Endpoints also remain the most attractive target for hackers as a point of entry for attacks because they’re connected to the weakest link in enterprise data protection: humans.
View the SlideShare to learn:
--Why evolving threats require increased endpoint defense capabilities.
--What organizations can do to protect against known and unknown threats, while reducing manual processes for administrators.
--The primary capabilities of endpoint detection and response (EDR) tools, and how you can find the right fit for your business.
--Where your organization sits on the endpoint security maturity scale.
--Keys to maturing your endpoint security strategy.
A new generation of products and services is helping organizations keep pace with modern threats and advance beyond traditional, prevention-oriented endpoint protection to a more comprehensive — and realistic — focus on detection and incident response.
What Is Next-Generation Endpoint Security and Why Do You Need It?
This session will clarify the definition of next-generation endpoint security and distinguish it from legacy antivirus software. It will also describe how next-generation endpoint security can help organizations improve incident prevention, detection and response.
(Source: RSA USA 2016-San Francisco)
From SIEM to SOC: Crossing the Cybersecurity Chasm
You own a SIEM, but to be secure, you need a Security Operations Center! How do you cross the chasm? Do you hire staff or outsource? And what skills are needed? Mike Ostrowski, a cybersecurity industry veteran, will review common pitfalls experienced through the journey from SIEM to SOC, the pros and cons of an all in-house SOC vs. outsourcing, and the benefits of a hybrid SOC model.
Learning Objectives:
1: You own a SIEM, but to be secure, you need a SOC. How do you cross the chasm?
2: What are the pros and cons of in-house, fully managed and hybrid security?
3: What considerations go into deciding whether to employ a hybrid strategy?
(Source: RSA Conference USA 2018)
Unraveling Detection Methodologies: Indicators vs. Anomalies vs. Behaviors
The document discusses different methodologies for detecting cybersecurity threats: indicators of compromise (IOCs), anomalies, and behaviors. IOCs focus on known malicious artifacts but lack context and are backward-looking. Anomaly detection aims to find new threats but often generates false alerts and requires extensive tuning. Behavioral analysis correlates events across multiple systems to detect adversary techniques, but requires extensive visibility that may be difficult to achieve. The document evaluates these approaches using examples of Russian threat group APT29's activity and common credential theft attacks. It concludes that organizations should pragmatically combine approaches based on their needs and capabilities rather than rely on any single methodology.
From IT to IoT: Bridging the Growing Cybersecurity Divide
With the widespread growth of IOT devices and services, security is a priority. This session will discuss the challenges of implementing security solutions for IoT services for security professionals who are looking at things from an IT viewpoint. Traditional IT security solutions may not be directly applicable to the IoT ecosystem. New IoT specific threats and challenges need to be addressed.
Learning Objectives:
1: Learn about the top IoT threats.
2: Discover how to address threats using new design process not old IT process.
3: Understand the security lifecycle differences between IT and IoT.
(Source: RSA Conference USA 2018)
Resume - Varsharani
This curriculum vitae is for Varsharani K, an Information Security Analyst with 2 years of experience in SIEM, vulnerability management, and Symantec. She has worked with tools like IBM Q-Radar, AlienVault SIEM, Qualys Guard, and Symantec Endpoint Protection. Her current role is with Capgemini India where she monitors Q-Radar health, analyzes logs for vulnerabilities, and notifies teams to remediate issues. She also has experience managing vulnerabilities for Warner Brothers through Qualys Guard and providing recommendations based on scan reports.
Prabhu Resume
Prabhu is seeking a challenging career in information security with over 5 years of experience in networking and security. He has certifications in CCNA and ethical hacking and has worked as a senior security analyst and security engineer. His experience includes SIEM administration, intrusion analysis, vulnerability scanning, security device monitoring, and rule creation. He has strong skills in networking protocols, firewalls, antivirus software, and operating systems.
7 Steps to Build a SOC with Limited Resources
Most organizations don't have the resources to staff a 24x7 security operations center (SOC). This results in events that aren't monitored around the clock, major delays in detecting and responding to incidents, and the inability for the team to proactively hunt for threats. It's a dangerous situation.
But there is a solution. By using the Threat Lifecycle Management framework to combine people, process, and technology to automate manual tasks, your team can rapidly detect and respond to threats—without adding resources. Read on to learn 7 steps to building your SOC, even when your resources are limited.
Anatomy of an Attack - Sophos Day Belux 2014
Anatomy of an Attack - Next Generation Endpoint, presentation given by Vincent Vanbiervliet at Sophos Day Belux on November 25th, 2014.
Cyber Tech Israel 2016: Advanced Threat Protection Technical Overview
Symantec Advanced Threat Protection is a solution that uses four main modules - prevention, detection, response, and recovery - to address advanced persistent threats. It provides endpoint, network, and email visibility to identify suspicious files and indicators of compromise. When threats are found, the solution works to block, isolate, and remove the threats from infected systems using techniques like quarantining, blacklisting, and sweeping and collecting evidence from endpoints. It leverages technologies like Cynic file analysis, SONAR behavior monitoring, virtual and physical sandboxes, and the Synapse correlation engine to detect and remediate advanced attacks.
DTS Solution - Building a SOC (Security Operations Center)
This document discusses building a cyber security operations center (CSOC). It covers the need for a CSOC, its core components including security information and event management (SIEM), and integrating components like monitoring, alerting, and reporting. Key aspects that are important for a successful CSOC are people, processes, and technology. The roles and skills required for people in the CSOC and training needs are outlined. Developing standardized processes, procedures and workflows that align with frameworks like ISO are also discussed.
What is Next-Generation Antivirus?
NGAV is the natural (and much needed) evolution of traditional AV that protects computers from the full spectrum of modern cyber attacks, delivering the best endpoint protection with the least amount of work. NGAV speaks to a fundamentally different technical approach in the way malicious activity is detected and blocked.
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...
I will never forget my assignment for a vulnerability assessment against a control systems network. “Hey, can you go somewhere, run “scans” against this system, and oh by the way don’t crash it or a large portion of the USA could lose power”. Needless to say, I turned down that assignment, as they required that a traditional network-based “scan” be run. There has to be a better way to preform assessments in such environments!
Fast forward 10 years later and I’ve worked with much safer techniques for assessing the security of SCADA/Control systems infrastructure. Working for Tenable Network Security has also provided me great insights into several techniques, including:
- Using credentials to login to systems and audit for missing patches and configuration changes
- Tuning vulnerability scans to be less intrusive yet still accurate and providing useful information
- Implementing passive vulnerability scanning to discover hosts on the network and enumerate vulnerabilities, without sending a single packet to the end-user system
Soc analyst course content
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
Intercept X - Sophos Endpoint
Intercept X is Sophos' next-generation endpoint protection software that focuses on preventing exploits and improving incident response. It uses signatureless exploit prevention techniques to block memory-resident attacks and protect against zero-day exploits. Intercept X also provides automated incident response capabilities like process threat chain visualization and prescriptive remediation guidance. Additionally, it includes anti-ransomware technology called CryptoGuard that monitors file access and rolls back any suspicious file changes or ransomware attacks. Intercept X can be sold as an add-on to existing Sophos endpoint protection or to displace competitive antivirus and anti-malware solutions.
Bulding Soc In Changing Threat Landscapefinal
my presentation at E-Crime abu dhabi conference about Security operation center Building and measure performance
Dragos S4x20: How to Build an OT Security Operations Center
Senior Director of Business Development, Matt Cowell's, S4x20 presentation details how to build an effective OT security operations center and the tools and skills needed.
Improve threat detection with hids and alien vault usm
Host-based intrusion dection systems (HIDS) work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of HIDS, including:
Analyzing system behavior and configuration status to track user access and activity
Detecting system compromise, modification of critical configuration files (e.g. registry settings, /etc/passwd), common rootkits, and rogue processes
Correlating HIDS data with known IP reputation, vulnerability scans and more
Logging and reporting for PCI compliance
Understanding Cyber Kill Chain and OODA loop
The document discusses using an attacker's tactics and techniques to design effective cybersecurity defenses. It provides examples of mapping security controls and tools to different stages of common attack models like the Lockheed Martin Kill Chain. This allows an organization to see where in the attack cycle they have visibility and can disrupt threats. The document advocates taking a strategic, intelligence-driven approach to cyber defense by understanding adversaries' full operations in order to implement controls earlier in the attack cycle.
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A key business goal of any organization is to maintain the constant availability of data and systems that can be trusted for decision-making purposes. The evolving threat landscape has resulted in increasing focus, right to board level, on cybersecurity. IT operational and security teams should demonstrate a comprehensive, cohesive approach in their response to security incidents and data breaches.
How to discover vulnerabilities in business and mission critical systems
The document discusses how to safely test the security of critical systems. It recommends: 1) Performing full vulnerability assessments (VAs) of environments connecting to critical systems and of test environments; 2) Conducting authenticated scans for vulnerability validation; 3) Conducting soft VAs of critical systems using templates like for SCADA systems; 4) Testing users and operators of critical systems through social engineering; 5) Using threat modeling to find weaknesses in security design; and 7) Automating vulnerability management and prioritization based on business impact analysis. Penetration testing of production critical systems is considered too risky.
Dhishant -Latest Resume
This document is a resume for Dhishant Abrol summarizing his professional experience and qualifications. He has over 6 years of experience in information and network security, currently working as a Security Researcher. Previous roles include managing security operations centers and security architectures for clients. He has various technical certifications and skills in areas like vulnerability assessment, malware analysis, compliance, and security tools.
Alienvault threat alerts in spiceworks
AlienVault Threat Alerts are a simple yet powerful tool that comes built-in with Spiceworks. When a device on your network has been interacting with a known malicious host or suspicious IP, you’ll immediately get an alert in your feed and you’ll get an alert email.
Log Standards & Future Trends by Dr. Anton Chuvakin
This document discusses log standards and future trends in logging. It outlines the current state of log chaos, with no standard formats, schemas, taxonomies, or transport mechanisms. This results in logs being difficult to analyze and make sense of. The document then discusses past attempts at log standards that failed and proposes that a common event expression standard could help bring order to the chaos by establishing common log syntax, taxonomy, transport, and recommendations. This would allow for improved log management, correlation, and security analysis capabilities. It also notes that growing log volumes will continue to pose challenges and will need to be addressed.
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
The cybersecurity landscape is rapidly evolving, with new threats and threat actors emerging, and traditional security operations centers (SOCs) need to be augmented accordingly. This session will detail the journey of du in building and continually enhancing its SOC, physically and philosophically, to best deal with attack detection (offensively and defensively) and response.
(Source: RSA Conference USA 2017)
Presentacion demo mc afee siem
This document provides an overview and demonstration of the McAfee Security Information and Event Management (SIEM) solution. The McAfee SIEM allows organizations to detect, prioritize, and manage security incidents with a single solution by providing real-time visibility into activity across an organization's systems, networks, databases, and applications. The demonstration shows how to configure the SIEM, add devices to be monitored, access reports and graphs, and view training resources to optimize use of the solution.
IT Security Resume 2015
Ramesh Yellapu is a Network Engineer with over 8 years of experience. He has worked at ACS Technologies in Visakhapatnam, India since 2013. His responsibilities include installing, configuring, and upgrading operating systems and software, performing data backups, security monitoring, and recommending improvements to network configurations. He has experience with Cisco routers, switches, and firewalls, as well as configuring VLANs, routing protocols, and providing remote technical support. Ramesh holds a B.E. in Electronics and Communication Engineering and has received training in hardware, networking, and CCNA certification.
More Related Content
What's hot
Resume - Varsharani
This curriculum vitae is for Varsharani K, an Information Security Analyst with 2 years of experience in SIEM, vulnerability management, and Symantec. She has worked with tools like IBM Q-Radar, AlienVault SIEM, Qualys Guard, and Symantec Endpoint Protection. Her current role is with Capgemini India where she monitors Q-Radar health, analyzes logs for vulnerabilities, and notifies teams to remediate issues. She also has experience managing vulnerabilities for Warner Brothers through Qualys Guard and providing recommendations based on scan reports.
Prabhu Resume
Prabhu is seeking a challenging career in information security with over 5 years of experience in networking and security. He has certifications in CCNA and ethical hacking and has worked as a senior security analyst and security engineer. His experience includes SIEM administration, intrusion analysis, vulnerability scanning, security device monitoring, and rule creation. He has strong skills in networking protocols, firewalls, antivirus software, and operating systems.
7 Steps to Build a SOC with Limited Resources
Most organizations don't have the resources to staff a 24x7 security operations center (SOC). This results in events that aren't monitored around the clock, major delays in detecting and responding to incidents, and the inability for the team to proactively hunt for threats. It's a dangerous situation.
But there is a solution. By using the Threat Lifecycle Management framework to combine people, process, and technology to automate manual tasks, your team can rapidly detect and respond to threats—without adding resources. Read on to learn 7 steps to building your SOC, even when your resources are limited.
Anatomy of an Attack - Sophos Day Belux 2014
Anatomy of an Attack - Next Generation Endpoint, presentation given by Vincent Vanbiervliet at Sophos Day Belux on November 25th, 2014.
Cyber Tech Israel 2016: Advanced Threat Protection Technical Overview
Symantec Advanced Threat Protection is a solution that uses four main modules - prevention, detection, response, and recovery - to address advanced persistent threats. It provides endpoint, network, and email visibility to identify suspicious files and indicators of compromise. When threats are found, the solution works to block, isolate, and remove the threats from infected systems using techniques like quarantining, blacklisting, and sweeping and collecting evidence from endpoints. It leverages technologies like Cynic file analysis, SONAR behavior monitoring, virtual and physical sandboxes, and the Synapse correlation engine to detect and remediate advanced attacks.
DTS Solution - Building a SOC (Security Operations Center)
This document discusses building a cyber security operations center (CSOC). It covers the need for a CSOC, its core components including security information and event management (SIEM), and integrating components like monitoring, alerting, and reporting. Key aspects that are important for a successful CSOC are people, processes, and technology. The roles and skills required for people in the CSOC and training needs are outlined. Developing standardized processes, procedures and workflows that align with frameworks like ISO are also discussed.
What is Next-Generation Antivirus?
NGAV is the natural (and much needed) evolution of traditional AV that protects computers from the full spectrum of modern cyber attacks, delivering the best endpoint protection with the least amount of work. NGAV speaks to a fundamentally different technical approach in the way malicious activity is detected and blocked.
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...
I will never forget my assignment for a vulnerability assessment against a control systems network. “Hey, can you go somewhere, run “scans” against this system, and oh by the way don’t crash it or a large portion of the USA could lose power”. Needless to say, I turned down that assignment, as they required that a traditional network-based “scan” be run. There has to be a better way to preform assessments in such environments!
Fast forward 10 years later and I’ve worked with much safer techniques for assessing the security of SCADA/Control systems infrastructure. Working for Tenable Network Security has also provided me great insights into several techniques, including:
- Using credentials to login to systems and audit for missing patches and configuration changes
- Tuning vulnerability scans to be less intrusive yet still accurate and providing useful information
- Implementing passive vulnerability scanning to discover hosts on the network and enumerate vulnerabilities, without sending a single packet to the end-user system
Soc analyst course content
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
Intercept X - Sophos Endpoint
Intercept X is Sophos' next-generation endpoint protection software that focuses on preventing exploits and improving incident response. It uses signatureless exploit prevention techniques to block memory-resident attacks and protect against zero-day exploits. Intercept X also provides automated incident response capabilities like process threat chain visualization and prescriptive remediation guidance. Additionally, it includes anti-ransomware technology called CryptoGuard that monitors file access and rolls back any suspicious file changes or ransomware attacks. Intercept X can be sold as an add-on to existing Sophos endpoint protection or to displace competitive antivirus and anti-malware solutions.
Bulding Soc In Changing Threat Landscapefinal
my presentation at E-Crime abu dhabi conference about Security operation center Building and measure performance
Dragos S4x20: How to Build an OT Security Operations Center
Senior Director of Business Development, Matt Cowell's, S4x20 presentation details how to build an effective OT security operations center and the tools and skills needed.
Improve threat detection with hids and alien vault usm
Host-based intrusion dection systems (HIDS) work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of HIDS, including:
Analyzing system behavior and configuration status to track user access and activity
Detecting system compromise, modification of critical configuration files (e.g. registry settings, /etc/passwd), common rootkits, and rogue processes
Correlating HIDS data with known IP reputation, vulnerability scans and more
Logging and reporting for PCI compliance
Understanding Cyber Kill Chain and OODA loop
The document discusses using an attacker's tactics and techniques to design effective cybersecurity defenses. It provides examples of mapping security controls and tools to different stages of common attack models like the Lockheed Martin Kill Chain. This allows an organization to see where in the attack cycle they have visibility and can disrupt threats. The document advocates taking a strategic, intelligence-driven approach to cyber defense by understanding adversaries' full operations in order to implement controls earlier in the attack cycle.
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A key business goal of any organization is to maintain the constant availability of data and systems that can be trusted for decision-making purposes. The evolving threat landscape has resulted in increasing focus, right to board level, on cybersecurity. IT operational and security teams should demonstrate a comprehensive, cohesive approach in their response to security incidents and data breaches.
How to discover vulnerabilities in business and mission critical systems
The document discusses how to safely test the security of critical systems. It recommends: 1) Performing full vulnerability assessments (VAs) of environments connecting to critical systems and of test environments; 2) Conducting authenticated scans for vulnerability validation; 3) Conducting soft VAs of critical systems using templates like for SCADA systems; 4) Testing users and operators of critical systems through social engineering; 5) Using threat modeling to find weaknesses in security design; and 7) Automating vulnerability management and prioritization based on business impact analysis. Penetration testing of production critical systems is considered too risky.
Dhishant -Latest Resume
This document is a resume for Dhishant Abrol summarizing his professional experience and qualifications. He has over 6 years of experience in information and network security, currently working as a Security Researcher. Previous roles include managing security operations centers and security architectures for clients. He has various technical certifications and skills in areas like vulnerability assessment, malware analysis, compliance, and security tools.
Alienvault threat alerts in spiceworks
AlienVault Threat Alerts are a simple yet powerful tool that comes built-in with Spiceworks. When a device on your network has been interacting with a known malicious host or suspicious IP, you’ll immediately get an alert in your feed and you’ll get an alert email.
Log Standards & Future Trends by Dr. Anton Chuvakin
This document discusses log standards and future trends in logging. It outlines the current state of log chaos, with no standard formats, schemas, taxonomies, or transport mechanisms. This results in logs being difficult to analyze and make sense of. The document then discusses past attempts at log standards that failed and proposes that a common event expression standard could help bring order to the chaos by establishing common log syntax, taxonomy, transport, and recommendations. This would allow for improved log management, correlation, and security analysis capabilities. It also notes that growing log volumes will continue to pose challenges and will need to be addressed.
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
The cybersecurity landscape is rapidly evolving, with new threats and threat actors emerging, and traditional security operations centers (SOCs) need to be augmented accordingly. This session will detail the journey of du in building and continually enhancing its SOC, physically and philosophically, to best deal with attack detection (offensively and defensively) and response.
(Source: RSA Conference USA 2017)
What's hot (20)
Cyber Tech Israel 2016: Advanced Threat Protection Technical Overview
Cyber Tech Israel 2016: Advanced Threat Protection Technical Overview
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...
Dragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations Center
Improve threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usm
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
How to discover vulnerabilities in business and mission critical systems
How to discover vulnerabilities in business and mission critical systems
Log Standards & Future Trends by Dr. Anton Chuvakin
Log Standards & Future Trends by Dr. Anton Chuvakin
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
Viewers also liked
Presentacion demo mc afee siem
This document provides an overview and demonstration of the McAfee Security Information and Event Management (SIEM) solution. The McAfee SIEM allows organizations to detect, prioritize, and manage security incidents with a single solution by providing real-time visibility into activity across an organization's systems, networks, databases, and applications. The demonstration shows how to configure the SIEM, add devices to be monitored, access reports and graphs, and view training resources to optimize use of the solution.
IT Security Resume 2015
Ramesh Yellapu is a Network Engineer with over 8 years of experience. He has worked at ACS Technologies in Visakhapatnam, India since 2013. His responsibilities include installing, configuring, and upgrading operating systems and software, performing data backups, security monitoring, and recommending improvements to network configurations. He has experience with Cisco routers, switches, and firewalls, as well as configuring VLANs, routing protocols, and providing remote technical support. Ramesh holds a B.E. in Electronics and Communication Engineering and has received training in hardware, networking, and CCNA certification.
Hemant_Experience
Hemantkumar K. Bairagi is a Level 2 Security Analyst with over 2 years of experience in security operations centers. He currently works for Vodafone, where his responsibilities include analyzing security events, handling incidents, and escalating issues. He is seeking opportunities to further contribute and improve his skills. He has certifications and technical skills in areas like ethical hacking, SIEM tools, networking, and operating systems security.
Swapnil Goud Tadkal
Swapnil Goud Tadkal is a masters student studying computer forensics with a 3.92 GPA. He has over 2 years of experience working in cybersecurity roles involving log analysis, event monitoring, network security and threat management using various SIEM tools. The document provides details on his education, work experience, skills, and current coursework in computer forensics.
pandi.resume (1)
This document contains the resume of A. Pandiarajan, who is seeking a position in the hospitality industry. It summarizes his work experience as a Restaurant Manager in Bangalore since 2016, previously as a Headwaiter in Abu Dhabi from 2015 to 2016, and as a Captain in Qatar and Chennai between 2011 and 2015. It also lists his educational qualifications and personal details.
VIPIN_GUPTA_SECURITY_ANALYST
Vipin Gupta has over 7 years of experience in information security. He currently works as a Security Analyst Level 2 at Sattrix Information Security, where he implements and manages ArcSight tools to provide security operations center solutions for clients. He has expertise in ArcSight Express, ESM, and Logger. Gupta holds certifications in Certified Ethical Hacking and ISO 27001 Lead Auditor. He obtained an MS in Information Security from IIIT Allahabad and organized their CEH certification training in 2015.
Ashwin Resume
The document provides a summary of Ashwin Vijay's professional experience and qualifications. It outlines his 8 years of experience in information and network security, including system and network administration. It also lists his academic credentials of an MS in Cyber Security from Lancaster University in 2011 and a BTech in Information Technology from Anna University in 2006. His technical expertise includes firewalls, IPS devices, antivirus software, and other network security tools. He is currently a Senior Engineer at Hibu India where he manages their network infrastructure and security.
Ambrish keshari resume
IT Professional Expertise in SailPoint Identity IQ, IdentityNow, Identity Management, Identity Access Management, Identity Access Governance, Role Bases Access Management, Life Cycle Manager, Work Flow, Separaton Of Duties, Application On-boarding, Writing Custom Connector, Workflow, Certification, Rules, Policy, Implementing Business Requirement. worked on Different Silpoint Connectors like AD, Databases, Lotus Notes, SAP GRC, Mainframe (RACF, ACF2, TopSecret)
Clinton Resume
John Paul Clinton is seeking a challenging career where he can use his skills and experience to help an organization grow. He has 2 years of experience working in information security at HCL Technologies, where he gained knowledge of security technologies like SIEM and endpoint security. He has technical skills in areas like Windows, networking basics, and Microsoft Office. At HCL he protected networks from attacks, led upgrades to endpoint security infrastructure for clients, and communicated with overseas clients about updates. He has a Bachelor's degree in Electrical Engineering and his areas of interest include social work, writing, sports, music and politics.
Manoj Kumar_CA
This document contains the resume of Manoj Kumar M, who has over 4 years of experience working with CyberArk security software. He is currently a CyberArk Engineer for Vodafone, where he is responsible for implementing and supporting CyberArk's privileged identity management suite, integrating it with other security tools, and training colleagues. His technical skills include CyberArk certification, CCNA certification, and experience with firewalls, intrusion detection systems, and vulnerability scanning.
Mohini_experience
This document contains the resume of Mohini Ganpat Karpe. It summarizes her experience working as a Level 2 Security Analyst in the Security Operations Center at Vodafone for over 2 years. It also outlines her academic qualifications including a B.E. in Computer Engineering with distinction, and relevant technical certifications and skills like the EC Council Certified Ethical Hacker certification.
Devasis Kumar Mahato - Resume
This document contains a resume for Devasis Kumar Mahato. It summarizes his work experience and qualifications. He has over 4 years of experience in information security and SIEM, currently working as a Team Lead for SOC Services at Paladion Networks in Bangalore, India. In this role, he performs security monitoring, incident response, and ArcSight administration. Previously he has also worked on security projects for several banks, enterprises, and other organizations. He holds technical certifications in CCNA and ArcSight administration.
Rajesh Gurunathan - Network security & Arcsight
- Rajesh Gurunathan is a network security professional with over 5 years of experience seeking a challenging position.
- He has extensive experience providing network and security operations support across various industries.
- He is proficient in networking technologies like Cisco, Juniper, and Checkpoint and security tools like ArcSight and QRadar.
Resume recent-b
This document provides a summary of E. S. V. Krishna Mohan's experience and qualifications. It outlines over 14 years of experience working with multinational companies like TCS, IBM, and Volt in various roles including program management, operations, security, testing, and more. It also lists his education qualifications and certifications in areas such as ITIL, Six Sigma, and Agile methodologies.
Viewers also liked (14)
Similar to Mohammad Tahir_CV
Imran Resume
Imranulla is a Network Security Engineer with over 3 years of experience working with Wipro Infotech. He currently holds the role of Administrator Managed Security Services - L2 and is part of the Security Incident Management Team. His key responsibilities include monitoring security devices for events and incidents using SIEM and IPS/IDS tools, performing incident analysis, and managing security products. He has strong technical skills in tools like Arcsight, Qradar, IBM Proventia, Cisco IPS, and McAfee IPS.
TIANQIANG_Carl_Network_Security
This document provides a summary of Tianqiang Yu's work experience and skills. He has over 8 years of experience in IT, networking, customer service, and technical support. Some of his key experiences include routing and switching, security, F5 load balancing, and Palo Alto firewalls. He is proficient in network administration, routing protocols, security technologies, and has experience supporting corporate clients and managing teams. He has certifications in Cisco CCNP, CCNA, and is working towards Cisco CCIE Security. He is currently working as a Security Operations Engineer for Citizens Bank, where he is responsible for network and security operations support.
Resume
Manean KVS is an information security specialist with 11 years of experience in network security and information security. He has expertise in vulnerability assessment, compliance audits, firewall configuration and management, intrusion detection systems, and forensics. He is proficient in security tools such as Nessus, Metasploit, Snort, and forensic tools. He has worked as a lead information security professional and conducted security audits, vulnerability assessments, penetration testing, and policy implementation for various organizations. He holds certifications like CEH, ITIL, and is a licensed penetration tester and ISMS auditor.
Shashikant Chavan_Resume
Shashikant Ramakant Chavan is an Information Security Analyst with over 4 years of experience in network and information security. He currently works as an Information Security Analyst for Happiest Minds Technologies, where he monitors logs, integrates security devices, and tunes the SIEM tool. Previously, he worked as a Security Engineer and SOC Analyst for Netconnect India and HCL Comnet, where he performed security monitoring, incident response, and log analysis. He holds professional certifications in CCNA, CEH, ITIL, and McAfee security products.
628577
Hayat Azizi has over 17 years of experience in information technology including system administration, security, project management, and technical support. She currently works as a System Administrator for ManTech International supporting the Department of Defense Standard Procurement System. Previously she held positions as a System Analyst for the Drug Enforcement Administration and Network Security Engineer for the Department of Homeland Security through contracts with ASRC Federal and Verizon Business. She has a Bachelor's degree in Information Systems and certifications in ITIL, Security+, and is pursuing additional certifications.
santoskumaarResume - updated
Santoskumaar S is a security professional with over 4 years of experience in vulnerability and risk assessment. He has expertise in using tools like Qualys Guard, Nessus, Kali Linux, and Metasploit to perform security assessments and identify vulnerabilities. Currently he works as a Risk Specialist at Infosys BPO where he is responsible for PCI compliance, vulnerability testing, security implementation, and audits. Previously he worked as a Security Analyst and Transmission Engineer at Tata Communications handling tasks like network security reviews, penetration testing, and optical network maintenance.
David Patterson IT Security Resumes 2016
Senior cyber security engineer with over 30 years of experience in technical management, hardware engineering, system and network engineering. Experience monitoring, analyzing, migrating, designing, consulting, deploying, troubleshooting and project/technical management of large network systems. Skilled in evaluating system vulnerabilities, compiling analysis, reporting threats, and recommending security improvements.
RESUME_Pothirajan M-SIEM
Pothirajan is seeking a challenging position that utilizes his skills in networking, security analysis, and troubleshooting. He has over 5 years of experience in roles such as Network Engineer, Network Administrator, Information Security Analyst, and SOC Analyst. His experience includes working with SIEM technologies, firewalls, endpoints, and networking devices. He has technical skills in networking protocols, security tools, and analytics platforms like RSA Envision. Pothirajan holds a B.E in ECE and security-related certifications like CCNA and Security Analytics Professional. He is looking to contribute his analytical and troubleshooting abilities to positively impact company performance.
John kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultant
SCADA ICS Security Courses
Lack of SCADA ICS security professionals that lead to big gaps between compliance against the respected guidelines with the real situation at site. Critical needs for proper security professional in SCADA ICS
SCADA ICS Security Assurance
Ensuring the SCADA ICS environment to comply with the security requirements in order to maintain the production operations and sustain the business performance
SCADA ICS (OT) Security Services
SCADA ICS Security Services Summary
SCADA ICS Security Asset Management
SCADA ICS Security Risk Management
SCADA ICS Security Assessment
SCADA ICS Standard, Policy & Procedure Management
SCADA ICS Security Implementation
Cyber Security Services
Vulnerability Assessment
Penetration Testing
ISO 27001 Certified Management System Audit
Abhishek-New (1)
Abhishek Narasimhan is a security analyst with over 5 years of experience in SIEM, security management, and incident response. He is currently working as a senior analyst at Accenture responsible for monitoring SIEM solutions and isolating infected hosts. Previously he worked as a senior security engineer and team lead at HCL Technologies where he implemented and managed SIEM tools like RSA Envision. He has expertise in network security, penetration testing, and forensics.
Hayat resume 1
Hayat Azizi has over 17 years of experience in information technology including system administration, security, project management, and technical support. She currently works as a System Administrator for ManTech International Corporation supporting the Department of Defense Standard Procurement System. Her experience includes managing Active Directory, client maintenance, and functional testing. She has a B.S. in Information Systems and several IT certifications.
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 YrsFinto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
Finto Thomas is an Information Technology Security Consultant with over 8.5 years of experience advising large businesses and Fortune 500 companies. He has expertise in network and security architectural design, implementation, and review. Some of his skills include cyber threat intelligence, penetration testing, firewall configuration, and cloud/mobile security. He is certified in CISSP, several Cisco certifications, ITIL, and IBM Qradar. He has worked as a Project Manager at IBM India and held security roles at Wipro and Trimax Data Centre.tarunidhar
Tarunidhar Chitirala seeks a position in corporate security that allows professional growth. He has over 2 years of experience in IT security, analyzing threats and responding to incidents. His skills include network security, penetration testing, Linux, programming, firewall technologies, vulnerability assessment, and log analysis. He is currently a Security Engineer at HCL Technologies, where he implements and manages SIEM and vulnerability management tools. His responsibilities include monitoring logs and security events, deploying and configuring security tools, and investigating and reporting on security incidents.
Biswajeeban
Biswajeeban Padhy is a networking professional with over 5 years of experience in networking and security roles. He has technical certifications including CCNA, CCNA Security, and CCNP. He has expertise in firewalls, VPNs, routing, switching, and more. Currently he works as a senior security engineer for Punjab National Bank, where his responsibilities include monitoring and maintaining security devices, performing traffic analysis, and resolving issues.
Pramod Yadav_Security Operations Center Manager
Pramod Yadav is an experienced IT security professional with 10 years of experience in information security compliance, security operations, risk management, and project management. He has a Bachelor's degree in Science from Mumbai University and several professional certifications. He is currently pursuing the CISSP security certification. Pramod has worked as a SOC Manager at IBM and Security Operations Lead at Wipro, managing security operations centers and security solutions.
Jatinder Singh
The document provides a summary of Jatinder Singh's skills and experience. It lists his contact information and then outlines his 8 years of experience in information technology and network and security administration. It details his expertise in areas like routing protocols, L2 technologies, VLAN configuration, access lists, port security, and VPN tunnels. It also lists his technical skills and certifications in areas like Cisco, Windows, firewalls, antivirus software, and networking.
Resume
This document contains the resume of Nathaniel Marquez, an IT professional and freelancer seeking a dynamic position in information technology. It includes his contact information, educational background (a bachelor's degree in information technology from Columban College), work experience in various IT roles from 2012 to present in the Philippines and United Arab Emirates, skills (including networking, security, programming, and design), qualifications, achievements and references.
Nachaat Mohamed resume
Nachaat Mohamed is a senior penetration tester and information security consultant with over 15 years of experience. He has extensive experience in network security, web application testing, Oracle development, and information security standards. He is seeking a new position where he can apply his technical skills in areas like penetration testing, vulnerability assessment, and Oracle development. He has multiple professional certifications and has worked for companies in Kuwait, Egypt, Lebanon, and Saudi Arabia.
Willard_Grayson_201505
Will Grayson has over 25 years of experience in information assurance, network engineering, systems administration, and security. He currently works as an Information Assurance Engineer for Commander Navy Region Europe Africa Southwest Asia, where he ensures compliance and provides expert advice and solutions for network issues. Prior to this, he held roles such as Director of Network Technical Services, Information Assurance Manager, and Network and Systems Administrator. He has a variety of technical certifications and specialized training.
Resume
Preethi Nagarajan is a Senior Software Engineer at Cisco Systems with over 5 years of experience in manual and automation testing in networking, video cloud technology, and automotive domains. She has extensive experience in functional, performance, sanity, security, UAT, and regression testing. Her skills include Unix, Linux, Openstack Cloud, Selenium, scripting, and working with teams in an Agile environment.
Similar to Mohammad Tahir_CV (20)
John kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultant
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
Mohammad Tahir_CV
- 1. CURRICULUM VITAE Mohammad Tahir Shekh Email:- mohd_tahir_shaikh@yahoo.in Phone:- +91-9738813359 Objective Obtaining perpetually challenging position in Information security group to achieve high standards in professional competencies so as to benefit self and the organization. Professional Experience Organization : National Bank OfKuwait (Aug. 2015 to Present) Department : Security Operations Center (SOC) Position : SOC Analyst Essential Duties and Responsibilities o Monitoring and Managing the real time events for the security devices (Firewall, Routers, Servers) using the Arcsight o Responsible for Arcsight System Health Monitoring, and basic Arcsight Trouble Shooting. o Responsible for Arcsight Content Development (Reports, Rules, Filters, Active Channels, Dash Boards etc.) o Incident Analysis and Management in the Security Operations Center o Preparing Daily Reports and Security Advisory for Devices o Preparing Monthly Incident report with complete analysis of customer devices o Analysing the Events and providing details and solutions to the next level o Installing and configuring Arc sight Agent on customer critical servers and monitoring the events. o Troubleshooting ArcSight Related Activities within short span of time Period. o Preparing Security Advisory for the new vulnerabilities released and informing to the customers o Preparing Reports Monthly for the entire customer. Which includes the Top Virus infected machines and Top Attacks and Top Vulnerable Ports etc o Raising and Implementing Change Control, Preparing knowledge base for all the incidents, changes and problems resolved. o Monitor all critical ports of Firewalls for continues security threats and do first level analysis / troubleshooting for known / less critical security incidents. Organization : Paladion Networks Pvt.ltd. (Oct. 2013 to July 2015) Department : Security Operations Center (SOC) Position : Analyst SOC Services Essential Duties and Responsibilities o Providing security services to clients using the SIEM tool ArcSight.
- 2. o End device Log integration with ArcSight. o Monitoring the networks of several of the largest global businesses for potential intrusions and questionable traffic. o Log monitoring and analysis for devices such as Firewalls, IDS, IPS,Windows Servers, Unix Servers,Proxies, etc. o Managing ArcSight Agents, Rules, Filters, Dashboards, Active Channels, Reports and Queries, Active lists. o Experience on Event log monitoring tools and Proficient in participating for investigating security breaches activities over network. o Configured reports in ArcSight ESM as per the Customer requirement for various device classes such as Firewalls, Databases,UNIXand Windows Servers, etc. o Installing and Configuring SmartConnector software on Agent Server. o Troubleshoot and resolve basic issues encountered during daily operation. o Preparing Daily, Weekly and Monthly Incident report along with security advisory with complete analysis of various device assets of client. o Performed security analysis and Vulnerability Assessments with Nessus. o Creating Standard Operating Procedures (SOP) for the team. o Participating in monthly Customer Review Meeting to discuss the various networking equipments performance. Other Technical Skills o Understanding of TCP/IP,DNS and Networking Fundamentals Routing & Switching. o Fundamentals of Footprinting techniques, Scanning, Firewalls, Proxy servers,Firewalls, IPS, IDS, ASA . o Vulnerability management, DLP Management & Malware Analysis. o Knowledge of Malwares- Trojans, Backdoors, Virus, Worms, Rootkits, Botnets, Spywares. o Knowledge in various attack types such as DOS, DDOS,SQL Injection, Cross Site Scripting(XSS), Buffer Overflow. o Routing-Static, RIP,OSPF, EIGRP,BGP, Switching- VTP TRUNKING,Working on multilayer switches, NAT, ACL, Advance WAN technologies(Frame relay), MPLS, Virtual link, Redistribution, HSRP, GLBP, VRRP, Ether Channel, Private VLAN ,Backup & Restore o Monitoring Tools: Arcsight, FireEye, McAfee epo, BalaBit, CSMA, Nessus Vulnerability Scanner. Global Certification Cisco Certified Network Associate (CCNA)(R&S) Cisco ID: CSCO12425726 Cisco Certified Network Associate (CCNA)(Security) Cisco ID: CSCO12509371
- 3. Microsoft Certified IT Professional (Id: D706-8263) Microsoft Certified Technology Specialist(Id: D706-2419 ) Trainings Undertaken o CCNP(R&S). o Near Future Goal : CEH (Certified Ethical Hacker) Academic Qualifications o Bachelor ofTechnology (B.Tech) in Computer Science from JECRC UDML college of Engineering, Jaipur in 2013. Personal Details Father’s Name : Mohammad Salim Shekh Date of Birth : 22nd February 1990 Nationality : Indian Language Proficiency : Hindi, English Marital Status : Single Passport : M9395890 *I hereby confirm that the above information is correct to the best of my knowledge. Mohammad Tahir Shekh