1. MANEAN KVS
Contact: +91 9841503795; manean@rediffmail.com
INFORMATION SECURITY SPECIALIST
 11 years of experience in network security& Information Security.
 Expertise on Vulnerability assessment and Remediation fix, Compliance audit scan on NIST standards
 Specialist on Open-source Firewalls, Ip-tables, IP-cop, Juniper and Fort iGATE Firewalls
 Good Knowledge and Adaptability on Open-source SIEM tools like Octopussy, Security onion, OSSIM.
 OWASP Web app scanning tools
 PCIDSS Audit implementation for certification
TECHNICAL SKILLS
 Security Products/Applications: FortiGate, Squid T-Proxy, Routers, IP tables, DNS, NIS, NFS, Sniffer
Pro, Ldap.
 Vulnerability Assessment: Nessus, Found stone, ISS Site Protector, ISS InternetScanner, ISS System
Scanner, and Metasploit, N-Stalker, Web-Inspect, SSL Digger, Kismet
 Exploiting Tools: NMAP,NCRACK, Nessus,NXPOSE,openVAS,License Crackers, DDoS tools, John the
Ripper, hping, Dsniff,goldfinger etc.,
 Linux Skills: SAMBA, SQUID, Apache, NAT, DNS, SSH, Linux as Router, Experience on Firewall
configuration, Kernel Configuration, and Kernel Compilation, Concurrent Version Systems, Class
Based Queue Bandwidth Management, LDAP, Send-mail, DNS, Postfix, qmail configuration, High
Availability Clustering etc.
 Intrusion Detection Systems: Snort ,SIEM, Opensource-Security Onion, & Alienvault Pilot Setup.
 Forensics : File Scrubber, Foundstone Forensics Tool kit, Stellar phoenix
 Admin Tools :Nagios, linuxconf, vmstat, iostat, top, traceroute, ping, sar, ntop, webmin
 Database Auditing : Scanning Database Servers (ORACLE & MS-SQL) scanning patch updates,auditing
user privileges for tables and databases
 Data Leak Prevention : Pawaa, Websense
 Security Audit Recommendation & Implementation without any Business on Information
Security Standarads
 PCIDSS audit implementation for organization
PROFESSIONAL EXPERIENCE
Plintron Technologies Private Limited since June 16 2014
Lead Information Security
 Data Centre Audit
 Vulnerability Assessment & Penetration Testing
 Source Code Audit
 DLP Solution
 VLAN Audit
 Patch Policy Implementation Guideline
 Proof of Concept on latest technologies
 Audit Framework on PCIDSS Scan & Audit
 Policy Audit on ISMS policies

2.  Setting up isms quiz and security awareness for organization employees
 Pcidss audit implementation 3.1 for organization
 CPISI certified version 3.1 from sisa
November 2009 to 2014
Temenos India Pvt Ltd.
Senior Specialist –IT Domain – Banking and Finance
 Risk Assessment and Vulnerability Assessment and Penetration Testing for Temenos Global offices
Regions like UK, US, Geneva, Bucharest, Belgium, Lausanne, Germany, Paris and India
 Remediation Fix on VA scan and Penetration Testing.
 OS Hardening on Unix and Windows
 Updating and Monitoring Security Patches and Hot Fix for Window Servers
 Active directory audit
 BCP—coordinator RTO & RPO Analysis audit for criticaldevices and servers
 Handling ISMS Audit-policy and procedure updates
 Oracle Database Auditing reviewing security Patches periodically
 WLAN Security scanning
2014-2015(Jan-June10-2014)
Unified Threat Management analysis on Alinevault Ossim Recommendation
Alienvault Threat logs analysis
MBAM –disk encryption compliance & auditing
Zscaler cloud webproxy testing
Regular VA Scan for every quarter & Remediation fix and followup
Policies on BYOD Implementation Recommendation
Cloud-Services Auditing implementation & Recommendation –Intermeidiate level
Centralized Symantec Antivirus Management Recommendation
2013 – 2014
 Risk Assessment – VAPT for Servers & network devices
 Webapplication/Servers Security Scan on OWASP TOP Ten Standarads
 Implementing SSL cert authentication for critical servers internally and externally
 Periodic Vulnerability assessment Scan and Remediation Fix
 Patch Management and Simulation,Implementation
 OS Hardening Guidelines
 Policy and standards for all OS flavors & network devices
 NIST Standard Compliance Scan using Nessus for all OS flavors
2012 – 2013

3.  Risk Assessment – VAPT for Servers & network devices
 Implementing SSL cert authentication for critical servers internally and externally
 Active Directory Audit
 Periodic Vulnerability assessment Scan and Remediation Fix
 Patch Management and Implementation
 OS Hardening Guidelines
 Policy and standards for all OS flavors & network devices
 NIST Standard Compliance Scan using Nessus for all OS flavors
2011 – 2012
 Vulnerability assessment and Penetration Testing on Temenos Global office
 SSL certificate Audit and scan
 Security onion tool implementation
 Application Hardening Guidelines
Apr 2010 – Oct 2010
 SSL Cert Server Implementation
 OSSIM Alien-vault pilot server implementation
 E&Y external audit coordination on Global Penetration Audit
Gen Pact. Feb 2009 – Jul 2009
SOC Technical consultant
 Vulnerability Assessment (VA) and VA Server Implementation
 System Audit
 Maintaining SNORT IDS Servers with Net Forensic logs correlation
 Logs and Packet Analyzing
 Worked for Client (Ge-Fleet)
 Vulnerability Assessment for Client LAN Desktops
 Sophos Antivirus Administration
 Snort Server Implementation on Different Network Architecture
Feb 2009 – Aug 2009
 Network Security monitoring for SOC Client - Snort IDS monitoring & analyzing critical alerts with
Netforenscis
 Vulnerability assessment and remediation fix
 Updating latest Snort rules & signatures
Cybernet Slash Support – CSSCorp Sep 2007 to Nov 2008
Senior system administrator (IT security)
 Vulnerability Assessment (VA) and Remediation fix& System Audit

4.  Handling Juniper Net screen Firewall ISG 1000, SSG 550M, NS204, NS50.
 Configuring Firewall Interfaces & Zones by Trust, Untrust & DMZ Zone.
 Establishing and Managing firewall Policies and rules.
 Establishing & Configuring Site-Site VPN connectivity.
 Configuring VPN connectivity with Policy based and Route based VPN.
 Configuring Firewall Routing entries based on source & destination route.
 Implementing and Monitoring Servers (NTOP, CACATI & SYSLOG -NG)
 Policy Restrictions in Firewalls and Servers
 Maintaining SNORT IDS Servers.
 Web sense Enterprise (Content Filtering with ADS login Setup)
 Installation and Maintenance of Octopussy-Server (SIM/SIEM Tool)
 Net screen Firewall Administration
Sep 2007 to Nov 2008
 SIEM implementation - Octopussy
 Vulnerability assessment & Remediation fix
 ISMS 27001 Audit implementation
 Juniper Firewall administration
Sify Ltd. SinceJan 2005 to Jul 2007
System Engineer
 Vulnerability Assessment (VA)
 Kernel Customization in Red-hat Linux.
 Ip-tables configuration.
 Proxy Server Implementation.
 OS Hardening for Windows, Linux, Solaris.
 Implementing and Monitoring IDSlogs and review – SNORT
[Front end Tool: BASE, ACID, and Honey net Security Console]
 Access control auditing for Data Center
 Responding to security incidents

5.  Conducting Internal Vulnerability assessment periodically
 Periodic Risk assessment E.g. Hack Incidents or Phishing Attacks
 Auditing of Firewall Conduits Generating reports.
Jan 2005 – Jul 2007
 Linux Firewall Server Implementation.
 NIDS Implementation
 Squid-T proxy Implementation on all Sify lan
 OS Hardening
 Vulnerability Assessment and IDSLogs monitoring for Sify Safe Crypt
 ISMS SOC Audit
 Web Application Security Scan
Offshore Security InfrastructureManagement Services:
Vulnerability & Patch Management
 Evaluating current risks and threats to the environment for gapremediation&assistance in making
the information processing facilities more secure
 Vulnerability assessment of critical servers and other network devices using ISS Internet Scanner,
Foundstone and Nessus.
 System compliance profiling by ISS System Scanner
 Categorizing assets and developing deployment plans for security patch installations.
 Recommendations for hardening the network devices.
CERTIFICATIONS
 Certified Ethical Hacker (CEH)
 Information Technology Infrastructure Library (ITIL -Foundation)
 EC-Council Security Analyst/Licensed Pen Tester(ESA/LPT)
 Trained in ISMS-27001-LA Auditor(BSI)
 CPISI audit certified from (SISA)

6. EDUCATION
 Master of Computer Applications – Bharathidasan University, Trichy. (2004)
 Bachelor of Arts(Corp Sec.ship)– University of Madras,Chennai(2000)
Declaration
I affirm that all the above particulars are true to the best of my knowledge and Belief
Date – Yours sincerely,
Place – CHENNAI [MANEAN.KVS]