This blog is all about Cyber Security and IT

Davinder Pal Singh

Hey , I am a Security Analyst !

With a passion and talent for aligning security architecture, plans, controls, processes, policies and procedures with security standards and operational goals.


CERTIFICATIONS

CEH v10  by EC Council
 CompTIA Security+  by Cybrary
 Metasploit by Cybrary
Digital Marketing by Google
Web Designing by Webx Technology
Vulnerability Management Specialist by Qualys
Web Application Scanning Specialist by Qualys
HTML|CSS|JAVASCRIPT|PHP|SQL by Solo Learn
Python Certified by Google
BBHv1 Certified by HackerERA(Offensive Approch to Hunt Bugs)
BBHv2 Certified by HackerERA
DLP Specialist By Zscaler
ZCSA Certified by Zscaler

EXPERIENCE

Zscaler, Mohali, INDIA | 8/2019 to Present

Software Engineer II (Cloud Application Security Researcher)

  • Here I work as a Cloud Security Researcher for Cloud application like Discovery of various cloud apps and getting their validation done so that we check whether iit fits in enterprise environment or not.

  • Working as automation expert for developing various scripts to identifying security flaws as per business requirements

  • Working as a backend coder for one of the future tools that will secure cloud transactions.

  • ➢ Develop Security Policies for blocking various attacks.

    ➢ Discover new threats for cloud customers

    and prevent its user from accessing

    malicious content. URLs

    ➢ Developing CASB that is the Future of Cloud Security.



Orange Business Services, Gurgaon, INDIA | 7/2017 to 2/2019
SOC Engineer
Ø   Handling Cyber SOC projects with all Activities on SIEM’s (Arcsight, QRadar, IPS/IDS, Arbor & Qualys)
Ø     Working on Proactive & Reactive security incidents corresponding to use cases.
Ø  Standard rule creation & fine tuning of use cases by mitigating false positives.
Ø  Participating in regular weekly meeting for fine tuning the uses cases.
Ø  Preparing reports and dashboards and discussing them with L3 team and affiliates.
Ø  Making rules in QRadar to analyze security logs from different security devices for Threat management
Ø  Analyze and respond to hardware and software weaknesses and vulnerabilities using Qualys
Ø  Make recommendations of countermeasures and install approved Patches and tools.


Fidelity National Information Services, Mohali, INDIA | 2/2019 to 8/2019
Information Security Engineer
Ø  Analyze incident and provide further recommendations 
Ø  Design, implement and report on security system and end-user activity audits; monitor server, application, and network traffic for unusual or suspicious activity via SIEM solution; interpret activity and make recommendations for resolution. 
Ø  Preparing technical analysis reports and dashboards of the weekly security incidents and their possible threats.
Ø  Downloading/importing & applying IPS rule updates
Ø  Internal network & customer network Vulnerability Assessment
Ø  Daily/Weekly/monthly reports with different countermeasures as per the customer requirement
Ø  Making rules in SIEM to analyze security logs from different security devices for Threat management






Automation Projects

➢ In SOC(OBS), Developed a tool that automatically fetch information of the alert, Fetch destination IP, and filter out the relevant information automatically that is required for the investigation

➢ Malicious URL detector based upon MISP feeds. For this developed a script that will fetch 38 feeds from the world that are updated everyday. After that matching with uncategorised data to identify malicious domains and that mapping that with VT API for FP detection. Also build a a beautiful UI for to track everything.

➢ Developed various python scripts for getting CASB Information. (Patent Registered)

➢ Developed a tool for a URL categorisation team to handle their complete workflow (python, HTML, CSS, php)

➢ Developed a CASB portal for internally managing of CASB data and for handling CASB Team workflow and to generate Shadow IT report. (Django)

➢ Developed a ticketing tool for CASB Abnormalizes management. It is totally developed using PHP

 Developed SmartCat tool in PyQT5 for smart Categorisation and speed up work to 100%





TECHNOLOGY SKILLS

Operating Systems/Platforms
Ø  Redhat Linux 6.X.X,Centos 6.X.X, Ubuntu 18.04 LTS , Windows 10/8/7/XP

Programming/scripting languages
Ø  C, C++, PHP, PYTHON

SIEM Tools/Security Tools
Ø  QRadar, ArcSight, RSA_SA
Ø  Arbor DDoS
Ø  McAfee EPO
Ø  Juniper NSM
Ø  SourceFire, FireEye
Ø  Metasploit, Nmap, SQLi
Ø  Top 10 owasp understanding
Ø  Wireshark

Vulnerability Assessment Tools

Cloud Technology
Ø  Amazon Web Services (Associate)



EDUCATION QUALIFICATION
Ø Post-Graduation in MCA
§  Chitkara University (2016-2018)
§  9.6 CPGA
Ø Graduation in BCA
§  Sikkim Manipal University  (2013-2016)
§  70 Percent
Ø XIIth  from CBSE ( Non- Medical )
§  71 Percent
Ø Xth from CBSE
§  8.0 CGPA


INDUSTRIAL TRAININING’S
Ø  6 months Web Development training from Webx Technology Chandigarh
Ø  SSCP training from FIS
    Ø  CISA training from FIS

ACHIEVEMNETS / PASSION
·         Top Scorer during MCA
·         Hosting Events during Industrial Programs
·         YouTube (singhbusinessguide) and Blogger at cyberknowledgebase.com and singhbusinessguide.com


LANGUAGE
Ø  English
Ø  Hindi
Ø  Punjabi

3 comments: