Vinod More

Incident Response | Threat Hunting | Endpoint Security | Red Teaming

Profile Summary:

Cyber Security professional with 6+ years of experience, skilled in Incident Response, Threat Hunting, Endpoint Security, and Red Teaming. Along with it, 16+ years of rich systems administration experience.

Cyber Security Skills:

- Incident response: triage, investigate, contain, remediate, and recover from cyber security incidents.

- Threat hunting leveraging EDR, XDR, Proxy, SIEM, SOAR, and other open-source and commercial tools

- Expert on EDRs like CrowdStrike Falcon, SentinelOne, Trend Micro Deep Security, and Windows Defender Advanced Threat Protection.

- Working knowledge of Red Teaming: attack simulation, adversarial tactics, and detection evasion

- Create threat hunting queries for proactive defence and detection

- Static Malware analysis and reverse engineering with tools and sandbox.

- Holistic understanding of the cyber threat landscape, vulnerabilities, and mitigation strategies, aligned with industry best practices.

- Automation and scripting (Python & PowerShell), leveraging tools and technologies to improve efficiency.

- Knowledge of adversary tactics, techniques, and procedures for proactive threat hunting and threat analysis to mitigate threats.

- Knowledge of cloud security and cloud infrastructure on the AWS and Azure platforms.

- Port scanning, packet crafting, and traffic analysis with tools like Nmap, Hping, Netcat, Tcpdump, and Wireshark.

- Knowledge of Kali Linux and its tools: Meterpreter, payloads, exploits, reverse shells, encoders, and scanners.

- Identify anomalies, malware, exploit attempts, payloads, access violations, and availability issues.

- Understanding of the MITRE ATT&CK and D3FEND frameworks, risk, impact, mitigation, and threat/CVSS scoring systems.

- Knowledge of Firewalls, UTMs, WAFs, Routers, Switches, Network infrastructure, and Cloud infrastructure.

Cyber Security Experience:

Core IT Services

Senior Cyber Security Analyst, Duration: Nov 2022 – till date

Incident response to triage, investigate, contain, remediate, and recover from cyber security incidents reported from EDR, SIEM, SOAR, XDR, and other tools and platforms. Threat hunting leveraging EDR, SIEM, SOAR, XDR, and other tools. Sandboxing of software. Static malware analysis.

Mphasis Limited

Security Engineer, Duration: Jan 2020 – Nov 2022

Security monitoring and incident response to cyber security incidents, triaging each incident and mitigating it. Create proactive cyber defence with threat hunting and threat analysis to identify and patch vulnerabilities in the infrastructure and prevent data and security breaches.

Qualys Security Tech Services Pvt Ltd

Security Analyst, Duration: Jan 2019 – Dec 2019

Create security controls for secure configuration of Operating Systems, Databases, Applications, Services, Network Services, and Network devices, based on CIS, DISA, or vendor-described secure configuration guidelines, for the Qualys Guard Policy Compliance module.

Sequretek IT Solutions Pvt Ltd

Security Analyst, Duration: Jan 2018 – Jan 2019

Security monitoring of Servers, Networks, and Services to mitigate any security incident. Monitoring, reporting, hardening, security audit, vulnerability assessment, and penetration testing of Linux systems, Windows systems, and Network infrastructure.

Cyber Security Certifications/Training:

- Certified Cyber Threat Intelligence Analyst (CTIA), certification from EC-Council (ECC7950346821)

- Certified Ethical Hacker version 9 (CEH), certification from EC-Council (ECC74143996924)

- Security Threat Intelligence, training, and certification from Skillsoft

- CompTIA Certified Penetration Tester (PenTest+), training and certification from LinkedIn Learning

- CompTIA Cybersecurity Analyst (CySA+), training and certification from LinkedIn Learning

- Learning Cyber Incident Response and Digital Forensics - training and certification from LinkedIn Learning

- Azure Sentinel Training Course - Cloud Native SIEM in the Cloud, training and certification from Udemy

Cloud, System and Network Skills:

- Hands-on in installation, configuration, troubleshooting, maintenance, and hardening of Linux-based server systems

- Administration of Windows environment services like Active Directory Domain, Group Policies, DNS Management, DHCP Scope, Web Services, and Remote Desktop

- Administering Azure & AWS cloud infrastructure and services.

- Working knowledge of Docker and container management technologies

- Network packet analysis with tools like Wireshark, Tshark, and TCPDump.

- Understanding of Bash scripts, PowerShell scripts, and Python scripts.

- Knowledge of the working and features of protocols like TCP, UDP, DNS, DHCP, FTP, SNMP, SMTP, SSH, SSL, RDP, and HTTP.

- Installation and configuration of services: SSH, LDAP, DNS, DHCP, NFS, Samba, HTTP, Proxy, and FTP servers.

- Knowledge of IPsec, NAT, PAT, VPN, IPS/IDS, Proxy, Load Balancers, and VLANs.

- Basic scripting knowledge in Linux bash and shell scripting, and PowerShell command line and modules

- Understanding of Switches/Firewalls/UTM/Routers configuration and settings

Systems Administration Experience:

Lyra Network Private Ltd

Worked as Linux System Analyst, Duration: Mar 2017 – Jan 2018

Trimax IT Infrastructure & Services Limited

Worked as Systems Engineer, Duration: July 2015 – Oct 2016

Taj Television India Pvt Ltd

Worked as Systems Administrator, Duration: Oct 2007 – Aug 2014

Orient Technologies Pvt Ltd

Worked as Technical Support Engineer, Duration: Nov 2004 – Oct 2007

Allied Digital Services Pvt Ltd

Worked as Technical Support Engineer, Duration: Feb 2002 – Nov 2004

Cloud and Systems Certifications/Trainings:

- Microsoft Azure Fundamentals Certification AZ-900, from LinkedIn Learning

- Microsoft Azure Administrator Associate AZ-104, from LinkedIn Learning

- Microsoft Azure Security Engineer Associate AZ-500, from LinkedIn Learning

- AWS Certified Solutions Architect - Associate 2019, from Udemy

- Completed Red Hat Enterprise Linux 7 RHCE and RHCSA training.

- Advanced Diploma in Computer Hardware & Networking from Jetking School of Electronic Technology

Personal Information:

DOB: 3rd December 1979

Gender: Male

Marital Status: Married

Nationality: Indian

Contact number: +91-9892086544

Mail Id: [email protected]

Certifications & Trainings Acquired:

https://vinodmore.info/certs.htm

Social Media:

Website: https://vinodmore.info

LinkedIn: https://www.linkedin.com/in/vinodm41

Twitter: https://twitter.com/vinodm41

Github: https://github.com/vinodm41