SRISHTI BHUGRA
SENIOR CONSULTANT – Cyber Security Consultant
B.Tech, M.Tech, PhD, ITIL, Azure Security Engineer
[email protected]
05/01/1991, INDIAN
CYBER SECURITY
Cyber security consultant with 11+ years of experience in developing and implementing robust security strategies, leading incident
response teams, and ensuring regulatory compliance. Proven ability to identify, assess, and mitigate complex cyber threats, resulting in
significant improvements in organizational security posture. Adept at using security tools and technologies to detect and prevent cyber threats,
with a strong track record of resolving complex security issues and maintaining system integrity.
SKILL SUMMARY
● Azure / AWS Cloud Support ● Vulnerability Analysis ● Cyber Security tools
● Risk Management ● Penetration Testing ● Microsoft Defender for cloud
● Malware Analysis ● ARM template ● Microsoft Purview Portal
● Vendor Coordination ● PowerShell Scripting ● Microsoft Defender Portal
● Change Management ● Incident management ● MS Intune Portal
● Operating System Linux/Windows ● ServiceNow ● M365 exchange admin center
● Netcool ● Microsoft Defender XDR ● Exchange admin center
● Configuration Management ● Microsoft Sentinel ● Email/Cloud/Endpoint Security
PROFESSIONAL EXPERIENCE
HCL TECHNOLOGIES July 2013 – October 2016, Noida
Leading Global Technology & IT CMMI Level 5 Enterprise, operating across 31 countries including 505 points of presence in India &
having global partnerships with several leading Fortune 1000 firms.
Cyber Security Analyst: Monitored organization’s networks for security breaches and investigated violations. Prepared reports
which documented security breaches and extent of damage caused by breaches. Conducted penetration testing and located
vulnerabilities in systems before they could be exploited.
PROVAL TECHNOLOGIES November 2016 – June 2018, Noida
Leading Chicago-based MNC working on different cyber security technologies like Defender and Intune, and also the ticketing tool
ConnectWise for managing tickets, operating in an environment of more than a thousand servers.
Cyber Security Engineer: Assisted in the development of a security information and event management (SIEM) system, contributing
to a 20% improvement in threat detection accuracy. Monitored network activity using intrusion detection systems (IDS), successfully
preventing 85% of potential cyber-attacks. Conducted regular threat assessments, employing advanced analytics to forecast potential
security breaches and mitigate risks.
ACCENTURE July 2018 – December 2021, Gurugram
Accenture is a leading global multinational professional services and Fortune Global 500 company providing a broad range of services in
strategy and consulting, interactive, technology and operations, across 40 industries with presence in more than 120+ countries.
Senior Cyber Security Engineer: Working as Shift Lead with hands-on experience on Azure and AWS cloud technologies, Azure
DevOps, CI/CD pipelines, ARM templates. Along with this, analyzed security incidents, which reduced the time to detect and respond to security
incidents by 48 hours, conducted security assessments on the company’s systems, boosting productivity, and updated security policies and
procedures by ensuring compliance with regulatory standards, boosting compliance scores.
INFOSYS December 2021 – Present, Pune.
Infosys Limited is a multinational information technology company that provides business consulting, information technology and
outsourcing services with major presence in India, United States, China, Australia, Japan, Middle East and Europe.
Senior Cyber Security Consultant: Working on email, endpoint and cloud security in 17*5 environment using tools Microsoft
Defender portal, Azure portal, Intune portal, Microsoft 365 Exchange admin portal and Purview portal.
Projects/ Clients Worked For: United Bank of Swiss (UBS), Switzerland, SunTrust Bank, Evident
Performed Threat Analysis in a 24/7 environment, mitigating and managing all threats and risk to the company and gaining 99%
security in data.
Managed and created rules and policies for 7,000 end-users in the data protection area, DLP, facilitating the efficiency and
ease of operations.
Design, implement, and manage robust security solutions for cloud environments, ensuring the protection of organizational
assets and data from cyber threats while maintaining compliance with industry standards and regulations.
Implement Azure Security Solutions adhering to the principles of the Azure Well-Architected Framework.
Defender for Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWP).
Manage incidents and alerts on Defender for Cloud, managing policies, review and explore the emails and managing the
Anti-phishing and Anti-spam policies.
Conducted root cause analyses and implemented corrective measures to prevent recurrence.
Managed threat management solutions (e.g., XDR, EDR, NDR) and tools such as TrendMicro Vision One.
Conducted regular vulnerability assessments, penetration testing, and patch management.
Collaborated with IT and DevOps teams to remediate identified vulnerabilities.
Managed VMS/WAS solutions (e.g., Tenable, Qualys).
Developed and enforced cybersecurity policies, procedures, and best practices.
Monitoring for suspicious activities and alerts generated by Defender for Cloud, investigating potential threats, and taking
necessary mitigation actions.
Managing security incidents by coordinating with relevant teams to contain and remediate security breaches
Implementing and enforcing security policies across cloud environments to maintain a consistent security posture
Integrating new cloud resources into Defender for cloud for continuous monitoring and protection
Microsoft Defender for Cloud to monitor and protect cloud environments, including responsibilities like security posture
management, vulnerability scanning, network security monitoring, threat detection, incident response, and ensuring compliance with
security policies across cloud workloads
Threat Hunting in Defender and KQL query
Microsoft Defender XDR for other policy related tasks along with Alert tuning mechanism
Intune portal for managing and securing devices across various platforms using Microsoft Intune, including tasks like device
enrollment, policy configuration, application deployment, compliance management, troubleshooting issues, and ensuring adherence
to organizational security standards by configuring access control and enforcing policies on user devices.
Enrolling devices (Windows, macOS, iOS, Android) into Intune, managing device configurations and settings through profiles
and implementing device compliance policies.
Setting up security baseline for devices, managing app updates and version control on Intune portal.
Assisting users with Intune related queries and troubleshooting
Generating reports on device compliance, app usage, and security posture
Exchange Admin Centre involving managing and administering Microsoft Exchange Servers including tasks like installing,
configuring, maintaining the Exchange server software, monitoring email flow, troubleshooting mailbox issues, implementing security
policies, and ensuring optimal performance of the email infrastructure within an organization.
Creating, managing and deleting user mailboxes, managing mailbox quotas and storage policies, troubleshooting mailbox
access issues.
Configuring mail flow (transport rules) for spam filtering, virus protection, and content filtering, managing email address policies
and monitoring message tracking logs to identify delivery issues.
Implementing Exchange Online Protection (EOP) for advanced threat protection, managing user permissions and access
control, enforcing data loss prevention (DLP) policies and complying with data privacy regulations.
Diagnosing and resolving email related issues reported by users, working with other IT teams to troubleshoot complex problems
and providing technical support to end users on email related issues.
Microsoft Purview involves managing and administering the data governance platform, including tasks like data classification,
sensitivity labelling, compliance management, data discovery, and ensuring adherence to data privacy regulations by overseeing
data access controls and implementing data protection policies across an organization’s various data sources.
Define data governance policies and standards aligned with industry regulations; create data classification rules and sensitivity
labels to categorize sensitive data.
Scan and ingest data from various sources (on-premises, cloud, SaaS), create and maintain a centralized data catalog for easy
data discovery and access and enrich data metadata with relevant information like descriptions, classification and lineage.
Manage user access data within Purview portal through role based permissions and define data access controls based on data
sensitivity and user roles.
Ensured compliance with regulations and standards (e.g., ISO 27001, GDPR, HIPAA, NIST).
Coordinated annual ISO 27001 certification renewals with the Medical Affairs department.
Provided training and guidance to employees on security policies and practices.
Promoted a culture of cybersecurity awareness across the organization.
Stayed updated on emerging cybersecurity trends, threats, and technologies.
Recommended and implemented innovative security tools and strategies.
Created detailed documentation of security systems, incident reports, and risk assessments.
Presented findings and recommendations to stakeholders and leadership.
Microsoft Defender for Cloud to actively monitor, identify and remediate potential threats across cloud environments, including
tasks like vulnerability scanning, security posture management, incident response and ongoing security monitoring.
Regulatory reviewing cloud configurations and deployment across different providers (Azure, AWS, GCP) to identify security
vulnerabilities and misconfigurations using Defender for Cloud’s built-in security checks
Monitoring security alerts generated by Defender for Cloud, investigating potential threats, and determining their severity to
prioritize response actions
Coordinating with security teams to contain and remediate security incidents identified by Defender for Cloud including taking
necessary steps to mitigate damage and prevent future occurrences.
Generating security reports to highlight key risks and trends, providing insights to stakeholders.
Quarantine of emails, impossible travel activity, malicious threat activity, spam and phishing emails related issues are addressed.
Phishing and Malware reporting.
Monitored security operations, ensuring all duties were carried out in accordance with company policies and procedures.
Investigated security breaches and took corrective action when necessary.
Assessed potential risks and recommended strategies to reduce these risks.
Developed and implemented security policies and procedures.
Developing and implementing SIEM solution, implementing SIEM and other operational tools and processes for a Security
Operations Center (SOC) and knowledge on XSOAR platform.
Microsoft Sentinel platform which includes collecting security data from various sources across organization, detecting potential
threats using advanced analytics, investigating incidents with AI assistance, and automating response actions to security
alerts.
Monitor SIEM and other event sources, assess, prioritize, escalate and manage security alerts.
Designed, implemented, and managed security tools, technologies, and frameworks (e.g., firewalls, SIEM, IDS/IPS, SOAR,
PAM).
Developed and maintained secure architectures for on-premises, cloud, and hybrid environments.
Collaborated with the Managed SOC team as the primary point of contact for requirements and requests.
Monitored networks and systems for suspicious activity, promptly responding to security incidents.
EDUCATION & CERTIFICATION
Bachelor of Technology in Computer Science
Maharishi Dayanand University, Rohtak
Master of Technology in Computer Science
Deenbandhu Chhotu Ram University Of Science And Technology, Deemed University NAAC A Grade Accredited, Murthal, Sonipat.
PhD in Computer Science
SRM Institute of Science and Technology top-ranking deemed university part of the SRM Group of Institutions, Sonipat, Delhi-NCR
Microsoft Azure Certified
AWS SysOps Administrator Associate Certified
ITIL Certified
Azure Security Engineer
TECHNICAL SKILLS
Platforms/Operating systems: Windows XP, Windows Vista, Windows 7/8, Unix/Linux.
Cloud Platforms and Other Tools: Tivoli/Netcool, ServiceNow, ConnectWise, GitLab, AWS, Azure
Security Platforms: Microsoft Defender, Microsoft Intune, Microsoft Exchange Admin Center, Microsoft Purview, Microsoft Sentinel.