Yatin Vasisht

• Working on Endpoint Security Team
• Leading Cyberark EPM agent deployment for application control at Costco
• Deployed CyberArk Agents to 100k endpoints, configured application control including international locations
• Leading migration of Tanium Console from on-prem to cloud environment
• Worked on Cortex XDR for Detection and Respsonse
• Collaborated with cross-functional teams to develop comprehensive cybersecurity policies and procedures.
• Collaborated with SOC and IR to fine tune alerts
• Optimized XDR configurations to provide maximum protection without inhibiting productivity or performance.
• Maintained up-to-date knowledge of industry trends and threat landscape through ongoing research and professional development activities.
• Conducted regular audits of IT infrastructure to ensure adherence to established cybersecurity policies and best practices.

Working as a Senior Security Engineer

• Worked as an Endpoint Security Engineer
• Leading migration of Tanium Console from on-prem to cloud environment
• Managing Tanium and implementing controls using Tanium
• Working with different teams to make sure WAF's/Firewalls and other devices are ready for migration
• Working closely with Incident Response and Detection team to help them tune detections on Crowdstrike
• Collaborating with IR and Detection team for log ingestion in Splunk
• Crowdstrike deployment on Endpoints - on-prem or in-cloud
• Deployed Tanium and Crowdstrike on more than a 1M endpoints
• Working closely with different security teams and creating an intakes to improve logging and security posture
• Working closely with different BU's to gather requirements and work cross-functionally to make sure we deliver the sensors according to requirements
• Using GitHub, Terraform to maintain internal infrastructure
• Managing our SG's/WAF rules etc using our pipelines according to company standards
• Configuring logging for AWS for notifications and alerts on security instances/devices.
• Working on day-to-day KTLO items
• Working on Proofpoint for Email Security

• Working as a Endpoint Engineer at Visa
• Helping with Detection and Response across all OS - MAC, Windows and Linux
• Creating Endpoint Detections using Tanium, Carbon Black, Windows Defender, Windows and MAC Firewall and other endpoint tools
• Suppressing alerts and tuning detections, based on alerts and requirements
• POC for Endpoint EDR solutions - Crowdstrike, Windows Defender
• POC's - Tested different scenario's and chose the best tool for our environment based on multiple factors
• Deployed Phishing tool for MAC and Windows
• Enhancing the Detections on Mac OS, using Tanium and other native solutions
• Creating Detections which feed into Splunk and Qradar for the Incident Response team
• Capturing processes and working on real-time problems to make sure endpoints are secure and users have connectivity
• Work closely with Client Engineering to maintain security standard for the OS's images
• Day-to-day also include, tickets/incidents handling and maintaining health and detections on the tools

• Lead Security Design and Architecture Engineer/Analyst
• Lead Cyber Security Engineer
• Architected Security posture for AWS Security
• Deployed and executed different policies and controls to improve Enterprise Security posture
• Senior Investigator SIRT
• Created templates and policies for IPS/IDS and Network Security products that are followed for any deployment
• Managing Security aspect of 140+ sites - Helped standardize IPS deployment throughout those sites
• SME for Network Security related technologies - SIEM, Palo Alto's, Cisco ASA's, NAC, VPN etc.
• Completed SANS - Advanced Network Forensics: Threat Hunting, Analysis and IR training and won the Forensics challenge
• Implemented Security Features Enterprise-wide - DNS Sinkhole, IPS, Anti-malware/Anti-Spyware, IPS, Application layer security etc.
• Developed process for SIEM Alerts and triaging those alerts
• Architect Security posture for AWS Security
• Deploying NAC solution in our environment - ForeScout
• Carbon Black alerts triaging and blocking
• Working knowledge of TCP/IP, DNS, HTTP, TLS and other networking concepts