Riya Gandhi
Lawrence,NJ
Summary
Highly motivated individual with 5 and more years of experience in the Information Security/Business Analyst field, with a robust history of enhancing corporate security posture through strategic audits, network security, risk assessment and cloud posture. Looking to utilize my education and professional experience with security products by identifying, investigating, analyzing, and mitigating security threats.
Overview
7
7
years of professional experience
1
1
Certification
Work History
Information Security Analyst
United Parcel Service, UPS
01.2022 - Current
- Support corporate SIEM SaaS Platform and SOAR on-prem environment by working with vendor to identify and resolve any issues. Troubleshoot system issues with vendor support.
- Address Ad-Hoc requests of SOC to facilitate SIEM for the SOC analysts. Address new requests from other UPS teams.
- Patch the on-prem SOAR environment on both application and container server with the latest version after testing the patch in test/DR environment.
- Renew, revoke and configure internal digital certificates on Linux server for on-prem application and Single-sign-on certificates using Azure Entra for SIEM and SOAR app.
- Conduct security audits after every patch to identify vulnerabilities using tools like Qualys and Wiz.
- Manage and Support cloud solution, Azure platform. Created virtual machines, event hubs, set up network security to ingest Azure logging into UPS SIEM application.
- Configured Azure Single-Sign-on for more than 3 application in Solution Security team to meet company's security policy.
- Monitor and analyze cost management for cloud platform. Reduced large number of logs ingestion (noisy logs) and decreased 10% of costing in Q1'24.
- Conduct risk assessment, administer and maintain user access controls, processes and procedures to prevent unauthorized access, modification, or misuse of resources.
Business System Analyst - Information Security
United Parcel Service, UPS
07.2020 - 12.2021
- Collaborated with stakeholders to define project scope, objectives, and deliverables for application projects.
- Leading cross-functional team meetings, conducting timely follow-ups to track deliverables.
- Managed/coordinated Security Risk Assessment (SRA) effort with Enterprise Security team for the Cloud platform SaaS, PaaS and on-prem.
- Reviewed and analyzed Oracle Fusion Cloud application security assessment documents; SOC2, CAIQ. Created fit/gap analysis report to understand security posture for SaaS platform.
- Evaluated vendor proposals with team to select the most suitable solutions for business needs while maximizing cost efficiency.
IT Asset Management Analyst - Hardware
Port Authority of NY and NJ
06.2017 - 06.2020
- Maintained and oversight companies’ assets including inventory, provisioned hardware on a request/project(s).
- Managed and tracked ticking system in ServiceNow, studied critical dependencies on each module by analyzing incident tickets, performed root cause analysis to identify/prevent reoccurring problems/risks.
- Handled vendor calls to help bring resolution to on-going issues. Improved internal knowledge sharing by developing comprehensive documentation outlining standard operating procedures for various tasks.
Education
Master of Science in Information Systems -
New Jersey Institute of Technology
Newark, NJ05.2021
Bachelor of Science in Information Technology; Specialization – Network & Security -
New Jersey Institute of Technology
Newark, NJ08.2017
Skills
- Cloud Security
- Cloud Management
- Vulnerability Assessment
- Single-Sign-On (SSO)
- Application User Auditing
- Cost Analysis
- Patch management
- OS: Linux, Windows 8, 10, 11
- Applications: Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Azure, AWS (Basic), Qualys, Wiz, OneTrust, ServiceNow,
- Networking: TCP/IP, OSI model, Routing, Internet Communication, ICMP, IoT
- Other: Strong communication skills, ability to collaborate and manage projects, leadership skills, adaptive to change, excellent attention to details, organizational skills, and a quick learner
Certification
- GIAC Security Essential - Network, Endpoint and Cloud Certified - SANS training center, 2023
- Business Analyst Certified - NJIT, 2021
Timeline
Information Security Analyst
United Parcel Service, UPS
01.2022 - Current
Business System Analyst - Information Security
United Parcel Service, UPS
07.2020 - 12.2021
IT Asset Management Analyst - Hardware
Port Authority of NY and NJ
06.2017 - 06.2020
Master of Science in Information Systems -
New Jersey Institute of Technology
Bachelor of Science in Information Technology; Specialization – Network & Security -
New Jersey Institute of Technology
Similar Profiles
Jaydeep VyasJaydeep Vyas
Warehouse associate at United Parcel Service, UPSWarehouse associate at United Parcel Service, UPS
Gregory MitchellGregory Mitchell
Delivery Driver at United Parcel Service, UPSDelivery Driver at United Parcel Service, UPS
LouisAnthony LevarioLouisAnthony Levario
Operations Supervisor at United Parcel Service, UPSOperations Supervisor at United Parcel Service, UPS
Jaime Rodriguez CervantesJaime Rodriguez Cervantes
Building and Systems Engineering Supervisor at United Parcel Service, UPSBuilding and Systems Engineering Supervisor at United Parcel Service, UPS
Brandon PreusserBrandon Preusser
Lineman at Public Service Electric and GasLineman at Public Service Electric and Gas