P Surendra Mohan Lead Cyber Security Analyst - Cyber Security COE E-Mail: Mobile: +91 9900013553
Technologies:
HB Gary ResponderPro, Mandiant, Encase and Splunk
GRR, Burp, Nessus, Fiddler, WAF
Network Packet Analysis, Malware Analysis, Memory Analysis
Symantec DLP, Ironport, SCADA Security, Internet of Things (IoT)
Bluecoat, McAfee Web Gateway Proxy
Net Forensics
McAfee, Symantec and Sophos
Symantec Network Access Control (NAC)
LEAN, GB
Achievements :
Received Partner Awards from HGS
Work Experience in Honeywell Information Security Operations (Mar 2011 till date)
Technical Lead with Honeywell Technology Solutions
Responsibilities Include: -
Perform Incident Response, Digital Forensics and Threat Intelligence Management for
Honeywell as part of Global Honeywell SOC team
Review Cyber security Threats on a real-time basis through Splunk SIEM and create
Incident Dashboards
Design and implementation of Defense Intelligence through the STIX, TAXII and CybOX Threat
Intelligence Frameworks to address Advanced Persistent Threats.
Project Management and Technical implementation of Symantec Data Loss
Prevention (DLP) Pilot in Honeywell
Performed Quality Assessment for Mobile Devices Threat Detection Appliances
Designed the System to build Automated Memory, Malware & Registry Analysis using
REMnux
Perform Network Logs and Packet Analysis and identify the anomalies
Planned and implemented Integration of Threat Intelligence to detect and alert the
Analysts on the malware detections
Analyze and remediate Web Application vulnerabilities
Knowledge on Latest Tools, Techniques & Procedures and attack trends
Follow Latest Security Threats and Vulnerabilities and capture Indicators of
Compromise
Prepared and shared with Management the Observed Risks, mainly on Software
Compliance and Browsing history, to educate the users and implement Cyber Security
Controls based on the Region
Performed Mobile Device and Application Forensics for Android applications
Identified the malware and Extent of Compromise during Significant and Major
Incidents and remediated the Systems.
Worked on effective communication and collaboration between various teams in US and
Europe and Asia.
Prepared and worked on the Metric stabilization and improvement
Handled Escalations in an effective manner and ensured the issues were resolved end-to-end
Worked on useful Technical articles and enriched documentation in the Knowledge Base
Analyzed and identified vulnerabilities in Honeywell products and shared the Analysis &
Remediation report to the respective Business Project managers.
Integration of Honeywell Labs to the Incident Response process
Development and Implementation of Security posture and Incident Response for Mobile
devices
Performed Malware, Memory Analysis and Sandbox Analysis
Performed Digital Forensic analysis through Encase and packet analysis through
Wireshark.
Proactively detect Phishing E-mails as part of E-mail Security through Threat
Intelligence
Tracking, handling and appropriately responding to all vulnerabilities on Honeywell
computers, Mobiles and Servers.
Worked in close synchronization with Global SOC team, DLP, Architecture, Application
& Product Security and Policies and Standards Teams.
Analyze existing Information Security policies, identify gaps and recommend
new/revised policies and procedures, approval processes, and monitoring methods
Organize Monthly SOC Meeting and share the updates with the Management
Have good communication skills, focused on building strong customer relationships
Work Experience in GENPACT Information Security Operations (Mar 2010 till Feb 16th 2011)
Information Security Analyst with HD Supply Information Security
Responsibilities Include: -
Project management of Implementation of Sophos SafeGuard Laptop encryption
Anti-virus management, Creating CMR (Change Management Requests), CAB (Change
Advisory Board) for the implementation of Sophos End point protection on Servers and
representing Information Security team
Monitoring Snort IDS Linux and Windows devices using Snorby Technology for HD
Supply DMZ Network
Configuring, Implementing, Managing and upgrading IDS with Snort Architecture
(Snort 2.8, 2.7 and 2.6)
Performing Risk assessment and defining Web based URLs and domains as ACLs in
Squid proxy
Performing Risk assessment of Spam mails content and blocking them from Ironport
Reviewing Server related logs and monitoring through LogRhythm
Implementing event aggregation rules on Log Manager and configuring threshold and
Suppression events
Forensics and Investigations on Information Security Incidents and violations,
coordination with Legal team for further action on the employees and mitigation.
Forensics and Investigations on the Information Security Incidents and Event Alerts with
the coordination of Network, Server teams and other teams to evaluate the traffic
Security Products planning and implementation
Monitoring compliance with the organization's information security policies and
procedures among employees.
Documentation of Security Policies, Standards, Guidelines and Standard Operating
Procedures.
Analyze existing policies, identify gaps and recommend new/revised policies and
procedures, approval processes, and monitoring methods.
Incident response & handling - Investigation and Forensic analysis and reporting
Handle all the client update calls ensuring that the deliverables are met
Risk assessments and Vulnerability assessment
Achievements :
Bronze Award
Work Experience in GENPACT Corporate Information Security (Oct 07 till March 2010)
Responsibilities Include: -
Knowledge in Vulnerability assessments tools - ISS, Nessus and ISS scans automation.
Ensure that 100% compliance in GE GDC and SAS 70 and external audits of customers.
Conducting internal audits to ensure adherence to legal/regulatory and business
requirements.
Monitoring compliance with the organization's information security policies and
procedures among employees.
Documentation of Security Policies, Standards, Guidelines and Standard Operating
Procedures.
Analyze existing policies, identify gaps and recommend new/revised policies and
procedures, approval processes, and monitoring methods.
Responsible for providing endpoint security support to all GENPACT Location clients in
India and Poles like Hungary, Romania, and Mexico. - Sophos and Symantec AV
Knowledge in Host Based Intrusions Detection System (Desktop Proventia, SOPHOS
client firewall)
Administrate NIDS (Snort) boxes and keep them updated with the latest signatures.
End to end support to Netforensics (Nf) and NIDS infrastructure for GENPACT India
and China.
Monitor incidents in the network through NF and report the incidents to respective
teams.
Installation and Configuration of Network Intrusion and Detection Systems (NIDS)
devices for packet sniffing and event logging.
Implementation and monitoring the Webwasher Proxy Server and resolve all the
Technical issues related to Proxy server.
Firewall Change management process for Cisco ASA/PIX and Checkpoint Firewalls
Knowledge in Patch Management through SCCM and Bigfix
Assessment and Knowledge in other tools like Hyena and MBSA.
OS Hardening (Windows, Linux & Solaris Servers)
Knowledge in Incident Management
Knowledge in NAC and E-mail content filtering through Postini
Knowledge in device encryption - Safeboot
Organize Security Council call and send the Presentation and MOM to participants
Handle all the client update calls ensuring that the deliverables are met
Security Products planning and implementation
Incident response & handling
Risk assessments and Vulnerability assessment.
Implementation of LEAN Methodologies
Achievements :-
A Silver Award for Certificate for outstanding and consistent performance completing 4
lean projects in 2 months.
A Bronze award for exceptional performance for Storage devices compliance.
Consistently met and exceeded aggressive commitments and deadlines.
Lean implementation on Compliance projects to improve the standards.
Work Experience in GENPACT Information Security Operations (Oct 2006 till Oct 07)
Senior Engineer with GE Plastics Information Security
Core Responsibilities:
Experience in complete Anti-virus Management and Vulnerability Assessment.
Experience on Technologies which include Sophos, Symantec, Trend Micro, Proventia
Desktop and ISS.
Troubleshooting Sophos, Proventia Desktop and Symantec cases.
Troubleshooting Anti-Virus Alerts, Virus Outbreaks and preparing RCAs.
Worked on ISS Scanner and Management of Scanning and Patching of 15,000
workstations.
Sound understanding of Information Security Technologies, Concepts and practices.
Additional Responsibilities in the Process:
Worked on Symantec Projects.
Managing Business level Support Central community for GE Plastics Security.
Conducted trainings, knowledge sessions and Assessments for new hires.
Creating monthly reports of Anti-virus incidents and Virus count Trend.
Completed two Lean Projects on Support Central and Anti-virus and Vulnerability
Monthly reporting.
Achievements :
Bronze Award
Achievements :
Three Bronze awards and one Certificate of recognition for outstanding and consistent
performance.
Consistently met and exceeded aggressive commitments and deadlines.
Lean projects on Knowledgebase Management and Web Traffic Controller.
Educational Qualification:
Master of Computer Applications (2009)
Bachelor of Computer Applications (2003)
Personal Details:
Name : Surendra Mohan
DOB : 15-07-1983
Hobbies : Cricket, Football