Dynamic Senior Security Engineer at AbbVie Inc, adept at spearheading cloud security initiatives and enhancing incident response management. Expert in vulnerability assessment and security policy development, fostering cross-functional collaboration to ensure regulatory compliance. Proven ability to implement two-factor authentication, significantly reducing risk exposure while cultivating a culture of security awareness.
Overview
14 years of professional experience
1 Certification
Work History
Senior Security Engineer
AbbVie Inc
09.2018 - Current
Collaborated with cross-functional teams to establish robust network security strategies and policies.
Spearheaded cloud migration projects, ensuring secure data transfer and storage across all platforms.
Access Control & Security Governance: Implement role-based access controls (RBAC) and ensure compliance with internal security policies and external regulatory frameworks.
Collaborate with DevOps and compliance teams to integrate security and governance checks within the CI/CD pipeline, ensuring that all deployments adhered to corporate compliance and regulatory standards.
Implement and integrate custom scripts (Python) for enhanced automation workflows, and collaborate with cross-functional teams to ensure seamless integration of automation solutions with network engineering and downstream applications.
Security Orchestration & Automation (SOAR): Develop and maintain automated incident response playbooks using Palo Alto XSOAR, reducing reliance on manual security processes and increasing response efficiency.
Risk Assessments & Compliance Audits: Conduct security assessments on key security tools like Splunk, CrowdStrike, and Zscaler to ensure compliance with regulatory frameworks and internal policies.
Cloud Security: Lead cloud security initiatives on AWS, managing security risks and implementing infrastructure-as-code using Terraform to enforce secure cloud configurations.
Incident Response: Lead incident investigations using security tools, analyzing potential breaches and reporting incidents to senior leadership, ensuring swift incident remediation.
Vendor Risk Management: Perform assessments of third-party security controls, providing remediation recommendations to mitigate potential vulnerabilities in third-party systems.
Enhanced system security by implementing advanced encryption techniques and threat analysis tools.
Participate in firm-wide and other department projects / initiatives as a GRC representative / subject matter expert to provide GRC guidance and interpretation of rules, regulations, risks, and best practices. Create and implement policies, procedures, training and communication of the new policies and procedures to support these projects.
Technical Manager
TATA CONSULTANCY SERVICES
04.2017 - 09.2018
Coordinated with other departments effectively, integrating technical requirements into broader organizational goals seamlessly.
Managed implementation of new technological improvements resulting in increased efficiency.
Built trusted relationships with stakeholders through clear communication and collaborative problem-solving efforts.
Delivered comprehensive technical training programs for staff members, enhancing overall team competency level.
Define queries for a wide-range of attacks including account probing and credit card probing for ecommerce sites.
Continually search, monitor and analyze data with custom rules and automation.
Create rules on the Web Application Firewall to mitigate the risk and correlation rules to proactively monitor any anomalies in the infrastructure.
Analyze potential infrastructure security incidents to determine if the incident qualifies as a legitimate security breach.
Created custom rules to prevent the threat of attacks, proactively analyzing alerts.
Perform network incident investigations to determine the cause of the security incident, preserving evidence for potential legal action and working with technical personnel and other teams as needed.
• Produce security incident reports and briefings distributed to the team lead and manager.
• Initiate escalation procedures to counteract potential threats and vulnerabilities in a timely manner as needed.
• Inform and advise management on all incidents and incident prevention, implementing continuous improvement measures on a daily basis to identify, assess and resolve complex issues.
Rapid7 Nexpose for Application Security
• Continually identify web application vulnerabilities including OWASP Top 10 and offer resolution advice.
• Work in collaboration with the development teams to prioritize and remediate vulnerabilities throughout the software development lifecycle and to improve security program.
• Obtained in-depth knowledge of NVD, CVSS scoring, risk ranking and threats and vulnerabilities while performing web application security assessments.
• Plan and manage the delivery of both automatic and manual Application Security tests and source code reviews on high-risk web applications.
• Develop, maintain and communicate current and future state security architecture strategies and models and conduct risk assessments, threat modeling and information security reviews.
Partner with the internal business units to communicate risk and help resolve open vulnerabilities.
Support efforts to maintain and update information security policies and standards and provide security remediation advice and training to technical personnel.
• Develop and enhance internal security processes, programs and procedures and document secure coding guidelines and run training programs to support the internal development of personnel.
• Collect application vulnerability metrics and introduce automated security checks into the application build process.
• Manage the WAF rule-set to address all application security vulnerabilities as needed.
Enhanced team productivity by implementing agile project management methodologies and streamlining workflows.
Developed suggestions for technical process improvements to optimize resources.
Communicated cross-functionally with technology leaders across analysis, architecture, build, quality assurance, deployment and support teams on project execution.
Created comprehensive documentation of processes and procedures to ensure consistency throughout the department's operations.
Worked closely with customers to evaluate various types of risks such as impact, reputation and regulatory.
Recruited and trained IT team members.
Evaluated reputation risk and regulatory risk.
Evaluated customer impact risk, reputation risk and regulatory risk.
Technical Architect
TATA CONSULTANCY SERVICES
01.2016 - 03.2017
Performed quality code review and removed technical debt and security vulnerabilities.
Provided technical leadership to team members during system design.
Contributed innovative ideas during brainstorming sessions that led to the successful execution of key initiatives.
Provided current best practices and third-party solution alternatives when necessary for functional design documentation.
Vulnerability Assessment (VA) - Qualysguard
• Conducted vulnerability testing on different application servers and messaging servers, reporting the vulnerabilities discovered to the affected teams and supporting the closure.
• Led the deployment of Qualysguard Scanner in the client’s environment and obtained experience in internal and external testing on network infrastructure including firewalls, routers and databases.
• Monitored and tracked the identified vulnerabilities and issues, providing recommendations for remediation.
• Identified the critical, high, medium and low vulnerabilities in the applications based on OWASP Top 10 and SANS 25, prioritized based on the criticality.
• Completed security assessments of online applications to identify the vulnerabilities in different categories.
Data Leak Prevention Solutions (DLP) - Symantec
• Managed Symantec Data Leak Prevention solutions, developing customized detection policies and data identifiers and prevention techniques including USB block, incident escalation/evaluation and email prevent.
• Created incidents metric data for the executive management team, assigned access roles in DLP, developed schema of incident response management and led the compliance management dashboard creation.
• Tested policies with data identifiers for endpoint and network monitoring systems and set up scanning of data at rest, in motion and at endpoints.
• Designed context and content inspections for DLP scans, detection responses for incident management, data sanitation procedures for incident mitigation and data tagging principles.
• Architected and proposed an exact data matching (EDM) model for DLP regulatory policy enforcement and deployed countermeasures to prevent data loss for rephrased or unstructured data blocks.
• Created network impact analysis for DLP components scanning, reviewed records management in DLP policy design, implemented and tested taps and online modules for DLP architecture and developed right taxonomy for DLP access management.
• Analyzed incidents generated by DLP, removing the false positives by policy fine tuning and sharing the results of major policy violations and protected critical data with policy designing based on the defined critical data.
McAfee Threat Intelligence Exchange (TIE)/McAfee Advanced Threat Defense (ATD)/Solidcore (MAC)
• Led the installation of ATD and TIE/SXL server in addition to creating different VM profiles on ATD, configuring advanced threat defense for malware analysis and deploying DXL Client and TIE Module for VSE.
• Completed policy configuration for observation and enforcement mode and fine-tuned Enterprise Reputation of new executables and files.
• Led the integration with different security modules including Web, email and TIE and the creation of Hash on EPO for all known malicious files.
• Provided incident response support including event discovery, alert notification and investigations.
• Implemented McAfee Application Control and created Whitelist for Application Control.
McAfee ePolicy Orchestrator (McAfee ePO)
• Administered McAfee Antivirus Enterprise Policy Orchestrator and designed, implemented, configured, enhanced and maintained Hospira’s anti-virus global policies.
• Managed virus outbreaks and configuration and management of McAfee antivirus application for desktops.
• Continuously monitored and reported on encryption compliance of Endpoint Encryption and reported to client administrators for critical observed events.
• Led in terms of McAfee Anti-virus Management and ePO management, supporting McAfee in migration activities.
• Centrally managed the endpoint machines by designing the policies and client-related tasks through ePolicy Orchestrator.
Collaborated with clients to determine project specifications and scope.
Developed network and system architecture according to business needs.
Reviewed clients' overall app and infrastructure estate, business priorities and success criteria to design transformation plans.
Resolved complex technical issues by troubleshooting systems, analyzing root causes, and implementing effective fixes.
Participated in strategic planning sessions to align technology investments with organizational goals and objectives.
Reduced software development time for critical projects by streamlining processes and utilizing agile methodologies.
Evaluated emerging technologies to identify potential areas for growth and innovation within the organization's technical architecture.
Conducted thorough code reviews to ensure optimal functionality, stability, and maintainability of software products.
Mentored junior team members on best practices and technical skills, fostering a culture of continuous learning and improvement.
Collaborated with cross-functional teams to design and implement effective software solutions, resulting in increased customer satisfaction.
Analyzed log files for anomalies, identifying potential intrusions or malicious activity before significant damage occurred.
Maintained up-to-date knowledge of emerging threats by attending professional development events and staying informed on industry trends.
Coordinated incident response efforts across multiple departments, fostering teamwork in resolving complex issues effectively.
Educated employees on cybersecurity awareness through training sessions, significantly reducing instances of human error-related breaches.
Vulnerability Assessment (VA) - Qualysguard
• Performed comprehensive vulnerability assessments using Qualysguard and Nessus Vulnerability Scanner.
• Obtained valued experience in both internal and external testing on network infrastructure and vulnerability testing on application servers and messaging servers, reporting vulnerabilities to the impacted teams.
Web Filtering Monitoring & Content Filtering - Bluecoat
• Managed web security for URL filtering, designed policies per the requirements of the user groups and created a static bypass list according to the requirements.
Security Information & Event Management (SIEM) - QRadar
• Tuned the Security Incident and Event Manager filters and correlations to improve the monitoring, maintaining standard operating procedures, processes and guidelines.
• Detected, monitored and responded to security events and incidents for the supported customer networks.
• Developed SIEM correlation rules to detect new threats beyond current detection capabilities and customer parsers utilizing regular expressions for various data sources.
• Created and maintained use cases for specific threats and custom content and signatures that detected malicious and anomalous activity.
• Monitored security events, conducting regular reviews of log files (Syslog-ng), ensuring systems were maintained with updates to parsing definitions, generating reports, creating performance charts, processing correlated alerts and resolving security threats.
Intrusion Detection System (IDS/IPS) - Cisco
• Continuously monitored all alerts generated on IDS, managed signature and code updates and handled event monitoring and log maintenance.
• Developed expertise in monitoring network-based IDS/IPS technologies and conducted analysis on captured user, computer and network security events to determine security vulnerabilities, policy violations and malicious behavior.
Public Key Infrastructure (PKI) - Microsoft
• Managed Microsoft CA and Geotrust CA for generating certificates per the internal/external requests, tracked certificate expiry and follow-ups for the renewal of certificates and handled all certificate mismatch issues for client servers and applications.
Performed risk analyses to identify appropriate security countermeasures.
Developed and maintained detailed documentation on security processes, facilitating knowledge transfer and ensuring consistency in procedures.
Conducted regular vulnerability assessments to identify weaknesses and implement appropriate countermeasures.
Reviewed existing security architecture for improvements that aligned with evolving business needs while minimizing risk exposure.
Developed plans to safeguard computer files against modification, destruction, or disclosure.
Collaborated with IT teams to develop comprehensive cybersecurity strategies, reducing risks from external attacks.
Assisted in the successful completion of security audits, resulting in a boost of client trust and confidence.
Managed access controls for sensitive information systems, safeguarding data integrity and confidentiality.
Conducted security audits to identify vulnerabilities.
Participated in tabletop exercises simulating cyberattacks, leading to better preparedness for real-world incidents.
Evaluated third-party vendors' security posture during contract negotiations, ensuring adherence to organizational requirements and minimizing risk exposure.
Streamlined incident response procedures for quicker threat mitigation and improved system uptime.
Conducted detailed risk assessments for new software implementations, ensuring alignment with security standards before deployment.
Strengthened network security by implementing advanced firewall configurations, reducing vulnerability to cyber-attacks.
Coordinated with external auditors during security certifications, showcasing organization's commitment to maintaining high security standards.
Conducted regular system audits to ensure compliance with industry best practices, leading to fortified security posture.
Led response to security incidents with professionalism and discretion, minimizing impact and restoring operations swiftly.
Reduced incident response times by establishing streamlined protocol for identifying and mitigating security breaches.
Played key role in negotiation of contracts with security service providers, ensuring cost-effective solutions without compromising on quality.
Information Security Analyst
TATA CONSULTANCY SERVICES
12.2010 - 03.2014
Collaborated with IT teams to ensure seamless integration of security measures into existing infrastructure.
Conducted internal audits to identify areas of improvement within the organization's information security program.
Reduced vulnerabilities by performing thorough penetration testing on a regular basis.
Conducted security audits to identify vulnerabilities.
Streamlined threat monitoring processes for quicker identification of potential risks.
Supported legal teams in investigations involving cybercrime or data breaches, providing crucial technical expertise.
Increased organizational resilience with the development of comprehensive disaster recovery plans.
Optimized resource allocation by prioritizing identified risks based on their potential impact on business operations.
Championed a culture of continuous improvement through regular evaluations of existing security measures against established benchmarks and metrics.
Mitigated risks associated with remote access by implementing strict access controls for external users.
Managed relationships with third-party vendors to ensure timely delivery of essential security products and services.
Strengthened network security by conducting regular risk assessments and implementing appropriate countermeasures.
Improved incident response times by creating and maintaining detailed incident response procedures.
Performed risk analyses to identify appropriate security countermeasures.
Developed plans to safeguard computer files against modification, destruction, or disclosure.
Data Leak Prevention Solution - Websense
• Managed the Websense Data Leak Prevention solution, architecting the design, implementation and deployment of the Websense DLP Solution across TCS India and overseas that protected data loss through Web, e-mail and end-point channel.
• Analyzed incidents generated by DLP, removing the false positives with the help of policy fine tuning and sharing the results of a major TCS policy violation/misuse of client and TCS information with top management.
• Differentiated OUs in protecting their critical data with policy design based on the defining critical data.
Web Filtering Monitoring & Content Filtering - Websense
• Managed all aspects of the Websense Web Security for URL filtering, designing the different Websense policies per the requirements of the different user groups and ensuring integration with other security solutions.
Security Information and Event Management (SIEM)
• Created customized alerts and reports in RSA Envision per the requirements from the device owners, integrating different devices including RSA OTP server and IDS.
• Designed, developed and recommended measures that ensure the successful up-time of the company’s security infrastructure and distributed computing environment architectures.
• Worked in collaboration with key customer personnel on the macro design elements for the SIEM system including data/event source collection protocols and methods, asset risk weighting criteria and asset classification profiles.
Compliance & Patch Management
• Ensured security compliance against security policy, procedure deployed and implemented in the network using the Symantec Enterprise Security Manager.
• Continually reviewed business processes for overall effectiveness and to identify risks associated with the internal controls system.
• Correctly identified processes and structures to organize and manage the organization in an ethical manner.
Vulnerability Assessment (VA)
• Performed vulnerability assessments using Nessus Vulnerability Scanner, McAfee Foundstone Vulnerability Manager, Nexpose and Tool.
• Obtained valued experience in both internal and external penetration testing on network infrastructure including firewalls, routers and databases using the Metasploit Penetration tool.
• Conducted vulnerability testing on a number of TCS Application Servers and Messaging servers, reporting discovered vulnerabilities to the concerned teams and supporting the closure.
• Prepared and delivered comprehensive reports at the completion of the testing process that detailed identified security issues, providing a rating of severity and recommending best practices for remediation.
Virtual Private Network (VPN)
• Managed the VPN gateways for the organization, single and multifactor authentication via Smart Card certification and RSA SecurID and the generation of SSL certification for secure access.
Education
Bachelor of Science - Applied Electronics And Instrumentation
Manav Rachna College of Engineering
India
08-2019
Skills
Identity and Access management
Two-factor authentication implementation
Penetration testing skills
Operating system hardening
Threat intelligence analysis
Incident response management
Application security testing
Disaster recovery strategies
Security information and event management
Security awareness training
Cloud security management
Security architecture design
Security policy development
Regulatory compliance
Security risk assessment
Vulnerability assessment
Network security management
Cloud security
Data protection
Certification
Security Certification - CompTIA.
Certified Information Systems Security Professional (CISSP) - (ISC)².