Prof. Santosh Paga

Design, implement, and maintain robust security architectures which support cloud operations for several Fortune 100 Support all technical aspects of the IDS/IPS ,ASM replacement project design and implementation security, vulnerability, and risk assessments of critical systems, infrastructure, and member firm. Recommending and developing action plans based on these assessments. Threat and Vulnerability Management

Verify network traffic for malwares against latest IOC provided by 3rd party cyber intelligence providing vendors like Crimeware, FS-ISAC and Cyberintel etc. Understanding malwares, exploit kit , APT, Zero days etc behavior and identifying the change in pattern for the payload delivery and callbacks Working on the Source Fire IDS/IPS devices and mitigating the risks by accessing the signature tuning and also adding the new signatur

Analyzing security events received from various security devices and correlated by ArcSight SIEM. Intrusion analysis, incident identification and investigation; incident response. Network traffic analysis on the packet level. Maintaining and improving ArcSight content (rules, filters, reports, etc.) to ensure efficient intrusion detection. Hands-on experience and in-depth security event analysis from the following devices: Sourcefire/Juniper/ISS IDS, Symantec AV/HIDS, WAF, SCOM, etc.

Coordinating with worldwide TPC (Third Party Connection) Suppliers to understand their needs and suggesting multiple technical network & security solutions. Responsible for analyzing, designing & developing commercially viable end-to-end technical solutions for the Ericsson Suppliers. Event monitoring covering high-risk elements for digital systems. Trend Analysis, Daily and weekly report on Security Incidents for all the platforms, Quality Initiative Reports, Weekly Vulnerability Report, etc

Handled multiple services that have a direct impact on the confidentiality, integrity and availability of corporate information systems and data resources. Responsible for the deployment and Management of IDS Devices, Snort / SourceFire Intrusion Detection System (IDS/IPS). Handled Installation, Configuration and Management of HIPS Solutions across multiple servers protecting various applications. Accountable for Tuning Signatures & Policies for reducing false positives.

Supported Cisco ASA & Cyberoam security solutions, and handling support cases that deal with configuration/troubleshooting of firewall/UTM appliances, IPSec/SSL VPNs, Wireless LANs, integrated security services like Intrusion Detection/Prevention System, Content Filters.