Nevan Elangovan

• Validated SOC samples to ensure comprehensive coverage within the company
• Built evaluations based on requests and OpCo assessments, conducting baselining with pre-PROD execution and integration testing
• Contributed to the migration initiative from on-premises to SaaS for MSV, showcasing adaptability and strategic involvement
• Led investigations for event review, initiating remediation processes to enhance incident response
• Developed multipurpose scripts, simplifying reporting processes and increasing efficiency
• Troubleshot major platform issues, focusing on seamless integration and significant data acquisition in Splunk
• Generated tickets and collaborated with control teams for efficient incident remediation
• Addressed queries from control teams as the Subject Matter Expert (SME) of MSV, providing valuable insights and solutions
• Amplified assessment reports for senior leadership with technically informed insights from exhaustive testing procedures
• Drove initiatives to enhance team efficiency, introducing innovative ideas and customized automation strategies
• Pioneered the development and implementation of cutting-edge automation scripts, ensuring precision in assessments
• Troubleshot MSV platform issues, swiftly identifying and mitigating issues to maintain optimal performance
• Investigated and analyzed actors within the MSV platform, fortifying threat intelligence and response capabilities
• Integrated automation seamlessly into diverse assessment processes, increasing efficiency and reducing errors
• Implemented refined methodologies for assessing security controls, consistently elevating the quality of assessment reports
• Actively contributed to fostering a culture of continuous improvement, shaping the strategic direction of the security program
• Collaborated seamlessly with GSIRT, OpCo, and cross-functional teams, ensuring alignment with overarching security initiatives
• Took lead in automation for streamlined and efficient assessment procedures.

• Managed and configured security controls (Palo Alto, McAfee, HX Carbon Black) at Sony
• Conducted comprehensive testing on network and endpoint devices before production deployment
• Performed functional, baselining, and effectiveness testing to identify and address vulnerabilities
• Orchestrated Proof of Concepts (POCs) to seamlessly integrate new security products, staying ahead of emerging threats
• Collaborated effectively with the Security Operations Center (SOC), actively investigating and testing samples to enhance threat coverage
• Pioneered the use of Python scripts for proactive automation, significantly boosting task efficiency and reducing errors
• Shared valuable insights derived from automation with managerial and principal stakeholders
• Troubleshot the Mandiant Security Validation (MSV) platform, promptly identifying and addressing issues to maintain optimal performance
• Investigated and analyzed actors within the MSV platform, elevating threat intelligence and response capabilities
• Crafted and maintained detailed technical documentation, outlining security controls, testing procedures, and automation scripts
• Shared findings from testing, POCs, and incident response activities, fostering knowledge sharing within the security team
• Stayed informed about the latest security threats, vulnerabilities, and industry best practices, driving continuous improvement initiatives
• Proposed and implemented enhancements to security processes, tools, and technologies, contributing to Sony's robust defense against cyber threats
• Collaborated effectively with cross-functional teams, including IT, development, and operations, to ensure a holistic and proactive security posture.

End Client - United Airlines

• Conducted real-time analysis of user, computer, and security events, identifying security vulnerabilities, policy violations, and malicious behavior.
• Monitored and analyzed infrastructure security using Splunk and Netbrain, ensuring a proactive approach to threat detection and mitigation.
• Implemented and managed security devices and cloud applications (AWS, Azure) hands-on, overseeing network, database, and application monitoring.
• Served as the central contact point for user support and problem management, handling various managed security applications such as Firewall, IDS, Encryption, SOAR, SIEM, EIQ, and Web filtering.
• Utilized a custom sandbox for isolating and unpacking malware, monitored registry changes, and employed tools like Metasploit and Nikto to identify malware communication channels.
• Collaborated closely with the Senior Manager of Information Security, contributing to the enhancement of security strategy and direction for the Digital Experience (DE) team.
• Played a key role in the implementation of DE information security initiatives, ensuring alignment with organizational goals.

End Client – Progressive Insurance

• Collaborated on the enhancement of guidelines, processes, and procedures to improve incident response times, focusing on incidents in both cloud (AWS) and on-premises environments, as well as overall SOC functions.
• Spearheaded efforts to enhance security efficiency by automating work processes, collaborating seamlessly with team members and IT staff to achieve common objectives.
• Conducted security incident investigations, identifying the root cause and preserving evidence for potential follow-up actions, utilizing SIEM tools such as Splunk and LogRhythm.
• Worked closely with the Vulnerability Management team, orchestrating a security scan in the new headquarters using tools like Qualys Guard and Nessus.
• Performed comprehensive security assessments utilizing a wide variety of penetration tools, including open-source and commercial tools like Kali-Linux distro tools, Wireshark, Nikto, Maltego, Metasploit, and Burp Suite.
• Duties encompassed incident response, intrusion analysis and methodologies, as well as network surveillance and monitoring.

• Worked on day-to-day operations of computer network support that includes maintenance of Active Directory (For reg changes), hardware/software and LAN systems in the campus
• Resolved Tier II Support tickets for issues related to on-premises and AWS environment for faculties and students
• Perform Quality Assurance, Testing activities, defect reporting, and related project administration tasks
• Securing network by developing network access, monitoring, control, evaluation, and maintaining documentation of the network.
• Monitored systems in operation and quickly troubleshot errors.
• Translated complex technical issues into digestible language for non-technical users.
• Assisted with updating technical support best practices for use by team.

• Worked on day-to-day operation with Symantec End point protection security application
• Resolved Tier III Support tickets for issues related to the product and connectivity issues
• Excellent understanding and experience of architecting, engineering and automating Windows Security solutions for a Global environment of 100,000+ Endpoints
• Assisted red team in pen-testing & vulnerability management for compliancy assessment
• Coordinate and perform security audits and vulnerability assessments to assess internal security procedures and compliance requirements
• Experience with endpoint security solutions for application whitelisting; application blocking, HIPS; antivirus, DLP
• Responsible for the security compliance of IBM supported servers and network devices across the Infrastructure