| Contact Information | |
| Name: | deepak mishra |
| Email: | deep_mishra33 (at) yahoo.co (dot) in [email concealed] |
| Location: | Hyderabad, Andhra Pradesh, India |
| Resume | |
| Position/Title: | Manager, Information Security |
| Resume: |
Mobile:9912740100 Deep_mishra33 (at) yahoo.co (dot) in [email concealed] DEEPAK MISHRA MCP, CCSA, CCNA, CEH, Diploma Web Security Administration, CISSP training from ISC2, IRCA certified ISO 27001 Lead Auditor, TUV certified ISMS implementer. Summary Around Six years of diversified professional work and experience in Information Security, Attack and Penetration, ISMS implementation, Information security auditing, Forensic Investigations, along with implementation experience in e-security products and networking products in multi-platform environments. Core Strengths  IT Security policies, procedures, guidelines according to ISO 27001, 27002 standards.  Enterprise wide Risk Assessment Methodologies & frameworks according to ISO 27005 standards.  Disaster Recovery Planning and Business Continuity Management  Attack and Penetration testing  IDS/IPS Signature Development  Vulnerability Research and Verification  Forensic investigation handling  Project Management  Designing/Implementing Secure System/Network Architecture  Incident Response Management  Application Patching, OS level Vulnerability Patching Network Device Patching Rating as per the skill levels: Technical skills: Operating System Windows NT/2000/2003, Linux and Solaris 8.0 (Partial) Sniffers Cain and Abel,ethereal,tcpdump, Firewalls CheckpointR55, Microsoft ISA 2000 & 2004, Symantec SGS 1.0/2.0/3.0 and Netscreen. Intrusion Detection System ISS (Internet Security Scanner) Real Secure, ipolicy magic firewall,HP open view,Fortinet,Tumbleweed. Routers Cisco, Nortel Networks Penetration/Vulnerability tools NETCAT,Coreimpact,Metasploit,Tomhawk,GFI network security Scanner, MBSA, Retina, Nessus, Nmap etc. Anti Viruses Trend Micro, Symantec. Mail Servers Microsoft Exchange 2000 & 2003 Database Server SQL 2000 management Enterprise Management System Cisco Works Firewall Management Software Solsoft Forensic Tool Encase Risk management tools EBIOS, Mehari, Sprint, Sara. Professional Experience Avaya Location Hyderabad Duration Nov 2007 – Current Designation Security Audit Expert Roles & Responsibilities • To Plan-Deploy-Review of Risk & Compliance Management activities. • Monitoring and reporting technical compliance to the Avaya and its business partners with the ISMS policies. • Conducting internal IT Security audits to ensure compliance with ISO 27001 pertaining to Avaya information security. • Performing vulnerability assessments and penetration testing and taking the required counter actions and measurements to ensure the security of the IT infrastructure / systems. • Perform technical risk assessments and validate similar findings where third party is engaged to perform risk assessments according to the ISO 27005 standards. • Engaged in documentation and maintenance of ISMS policies & procedures. • Developing robust processes to support ISMS policies. • Developing and sustaining the information security awareness program within Avaya. Symantec Corporation Location Pune Duration Jan 2007 – Sep 2007 Designation IT Infrastructure Security Specialist (Global Security Engineering) Roles & Responsibilities • Provides management with risk assessments and security briefings to advise them of critical issues that may affect customer, or corporate security objectives. • Performed automated Penetration testing against the target for assessing the security posture of the company. • Perform architectural review, Security policy, firewall rule base analysis, application testing and general benchmarking using the Manual penetration testing. • Project Management • Consulting/Designing/Implementing and Maintaining Network Infrastructure • Approval and Implementation of Firewall Changes and Incidents Projects. • Designed and implemented secure setup for Monitoring (Telstra Telecom - Australia) Feb 2007 to March 2007. • Designed and implemented External zone concept for restricted labs (Pune – India) June 2007 to August 2007. • Handling web related vulnerabilities & Web traffic inspection through Tumbleweed. • Designed and implemented secure for Network design and between vulnerable testing labs and production segments (Pune – India).May 2007 to July 2007. • Handling Firewall Change Requests • Security Device patch testing and deployment • Periodic installation planning and deployment • Regular Vulnerability Assessment Scanning and reporting. • Providing second-level response & investigation to security monitoring team • Investigate abnormal events, qualify potential security breaches, raise security incident alerts and perform technical & management escalation • Implement second level mitigation action in response to confirmed security incidents and answer to Network Security Experts escalations for verification and possible further mitigation actions • Handling responses to live DoS, ADoS, and other malicious code events. • Postmortem analysis of those events and planning for prevention of future events. IPOLICY NETWORKS: Location Noida Duration July 2006 – Dec 2006 Designation Researcher and Developer Roles & Responsibilities • Responsibilities include finding vulnerabilities/exploits using various TCP/IP packet debugging tools, searching through security sites and developing algorithms/signatures to detect them. • Performing the Gap analysis to measure how complete are a systems security measures. • Performing the Fault tree and attack tree analysis as a deductive, top down method for evaluating systems events. • Understanding the vulnerabilities of various systems, how attackers are exploiting those and develop intrusion detection and prevention signatures. • Familiarity with Networking protocols such as TCP/IP & Network Security - Protocol Analyzers, IDS, Intrusion Analysis, & Intrusion prevention firewall. • Part of the Security Research group (SRG), which has the core responsibilities of research & development in the intrusion prevention firewall. • Developed various signatures for the firewall at the protocol level, application level & constructing the signatures in the deliverable format. • Responsible for developing Advisories for the latest threat available in the National Vulnerability database. The advisories include the threats related to SQL Injection, cross-site scripting, Buffer overflow etc. • Worked on tools like: Metasploit, Core impact, Tomahawk, Intruder pro, NGREP, Karalon. • Specialization in executing the false positive & false negative testing for various signatures in relational with corporate traffic. • Constructing the signatures in the Perl format & performing the end-to-end testing for the same. • Crafting the packet through Karalon tool and sending them in the Intrusion prevention firewall for various testing need to be done for the signatures. • Performing Vulnerability assessment for the various products of ipolicy networks and in-house products. Periodically performing Penetration testing for the in-house products and preparing detailed reports for the same. HCL Location Noida Duration Jan 2005-June 2006 Designation Network & Security Analyst Roles & Responsibilities • Was the part of first BS 15000 certified offshore management centre(OMC) • Responsible for maintaining the Network Security. • Part of the Disaster recovery team • Providing - Network Security -Support on 24*7 bases To A Fortune 100 Company in USA • Job involves the identification, monitoring and troubleshooting various security threats & performing the internal and external vulnerability scanning as per the SLA, effectively using the IDS for both detection of threats early and safe guarding against them. Building and Maintaining Firewalls in various architectures • Network Management Using Software Applications, i.e. HPOVO. • Performing 1st level Trouble shooting of global WAN Devices (outside US), and LAN of hub sites in US. • Initial Problem/Root Cause Analysis & Resolution • Customer Interaction & Problem Management through Remedy Trouble ticketing System in a SLA based environment. • Checkpoint/Cisco VPN client troubleshooting for home users/clients of AMD. managing policies, creating rules, perform ant spoofing on firewall ( checkpoint NG FP 3) • Firewall Monitoring and Management: Monitor critical parameters, maintain rule base, change configuration, analyze Logs, and notify exceptions, co-ordinate with vendors to resolve the issue in Firewall & reports periodically. • Perimeter Firewall Policy change management and implementation • Taking back ups of configuration on routine basis. • Handling port opening request for particular applications as per customer requirement • Network Management Using Software Applications, i.e. HPOVO. • Performing 1st level Trouble shooting of global WAN Devices (outside US), and LAN of hub sites in US. • Initial Problem/Root Cause Analysis & Resolution • Customer Interaction & Problem Management through Remedy Trouble ticketing System in a SLA based environment. • Checkpoint/Cisco VPN client troubleshooting for home users/clients of AMD. Managing policies, creating rules, perform ant spoofing on firewall (checkpoint NG FP 3) • IDS/IPS (ISS ) Installation and Management of IPS infrastructure. Management – Policy changes / signature updating. Monitoring – IDS/IPS sensor status. Response to emergencies. Investigate an incident • SIM Management (Net Forensics) Installation and Management of Net Forensics Infrastructure. Analysing possible threats detected by SIM. Indus engineering Co: Location Mumbai Duration January 2003-December 2004 Designation Network & Security Analyst Roles & Responsibilities • Maintaining and monitoring existing systems and network setup • Managed firm’s Internet presence. Education Qualification • B.Tech in Electronic Engineering from Mumbai University. Personal Details Date Of Birth 26 Jan 1981 Age 27 yrs Sex Male Marital Status Single Contact Details Present Address 104,Indradri towers,Allwyn colony,Miyapur Hyderabad Permanent Address A/19, Hemangi Soc,Pandurangwadi,Dombivli(E),Maharashtra Email deep_mishra33 (at) yahoo.co (dot) in [email concealed] Mobile 9912740100 Professional Achievements  A++ Award for best performance at Symantec Corporation. |
