MANNAN FAROOQUI M ABDUL

• Responsibilities include providing high quality risk assessments with a focus on early identification of security requirements/controls for quality assurance in support of regulatory requirements (e.g., PCI-DSS, NIST, ISO-27001, HIPAA, CCPA) utilizing available Governance Risk Compliance (GRC) technology tools
• Influence the integration of security best practices and design earlier in the solution development lifecycle
• Identification of potential security vulnerabilities based on the results of DNR checks, design review observations, code scans, IAM scans, penetration testing results, cloud maturity assessments and the corresponding security consulting on risk mitigation options
• Proactively engage with business partners to aid in the identification of information security and privacy risks, vulnerability mitigation, and understanding solutions of business partners
• Collaboration with business partners to complete highest priority risk assessments and to influence mitigations rather than risk acceptance
• Utilize DAST (Burpe Suite) and SAST tools (Snyk) for conducting scans, identifying vulnerabilities, and engaging in communication and dialogue with business partners regarding potential remediation
• Conduct security audits to identify vulnerabilities
• A significant part of my role involves supporting the entire vulnerability lifecycle, from discovery to assessment, reporting, remediation, and validation and analyze them to determine their severity, likelihood of exploitation, and potential impact on the organization to remediate them
• Collaborate with governance teams in formulation of enterprise security policies and technical standards related to vulnerability management, securing assets and data in alignment with industry standards and frameworks
• Facilitate and track remediation and corrective action plans, using ServiceNow, Jira and Archer, for identified vulnerabilities during assessments and audits
• Monitor and evaluate effectiveness of enterprise cybersecurity safeguards, using Nessus Tenable, to ensure they provide intended level of protection
• Partner with vulnerability management teams to maintain an enterprise vulnerability management platform and scanning architecture
• This involves configuring the platform to scan for specific vulnerabilities based on organizational priorities, managing scanning schedules, analyzing scan results, and generating reports for senior leadership
• It also involves ensuring that the platform is continuously updated with the latest threat intelligence feeds to stay ahead of emerging threats
• Work closely with information security engineers to develop cybersecurity architecture components that address evolving threats
• Stay vigilant in recognizing and sharing information on both existing and new security risks
• Evaluate compliance/gaps/remediation assessments against Payment Card Industry Data Security Standard (PCI DSS)
• Closely work with the incident response team to identify the root cause of security incidents, contain any damage, remediate any vulnerabilities that were exploited, and prevent similar incidents from occurring in the future
• It also involves providing regular updates to senior leadership on the status of incident response efforts.

• Supported Cloudera Distribution of Hadoop Eco system and managed Hadoop clusters in Production, dev and DR environments.
• Integrated Windows Active Directory with Hadoop Application.
• Integrated LDAP authentication and Azu MFA Authentication for Hadoop Clusters using MS Azure.
• Disabled deprecated protocols, weaker Cipher suites and hashing algorithms on our application services.
• Integrated Hardware security module (HSM) with Hadoop Keytrustee service for our clusters for managing keys and controlling Encrypt and decrypt operations on EZ zones.
• Managed the TLS certificates for our application and ensuring all the deprecated traffic/protocols are disabled from platform to ensure security and stability of our consumers.
• Worked with in-house cyber security and defense control team to create alerting and monitoring for our non-hum admin accounts and its operations.
• Implemented Kerberos Authentication for all services within Hadoop cluster.
• Responsible for actively monitoring Audits to measure denied accesses, deletions, update to crucial files and fold
• Was responsible for creating and managing user, groups and entitlement roles to manage access within our area maintain least privilege access model.

• Was Responsible for installation of OS Patches, hardware, software and firmware upgrades
• Installation of SSL certificates on Linux servers
• Maintained network and data security, maintained security compliance policies on OS for SOX andinternal audits
• Responsible for storage, Disk management, Logical Volume management
• Responsible for managing User accounts, system security, change management and performance tuning
• Set up and maintained NFS, NIS and TCP/IP network, configured the systems for TCP/IP networking withthe existing LAN, setting up SSH and SCP features between SUN systems and RedHat/Unix Hosts
• Integrated Linux Environment with Active directory and SSO
• Configuration and administration of LDAP and NIS in Linux and also implemented SAMBA for sharingresources between Windows and Linux.

Involved in installation and configuration patching and maintenance of windows 2008/2003 on HPservers

• Involved in up gradation of Active Directory 2003 to 2008 and troubleshooting AD problems
• Involved in building and installing servers and managed them remotely for software upgrades and patches
• Tested Anti-virus updates, OS patches in test environment before deployment
• Provided support to application teams on IIS configuration, ensure availability and capacity of key services such as file, print, DHCP and DNS.