HA CV - Lead Cyber Security Consultant - Himanshu Agaria Splunk
Techie.himanshu@hotmail.com
+91-9958025259/9582988073
CAREER OBJECTIVE
To attain a dynamic and challenging profile in a professionally managed organization where I get the opportunity to learn, grow & contribute towards team goals and enhance my professional capabilities.
Technical Proficiencies:
Certifications: Cloud U, ITIL V3 Foundation, Microsoft Azure Fundamentals, CompTIA CySA
Platforms: Windows 7/8/10/11, Mac OS, iOS, Android
Hardware: Dell/HP desktops and notebooks, iPads, iMac, Android Tablets, Printers, Scanners, Digital Projectors, Routers and Modems.
Applications: Microsoft Office, SQL Server 2008, 2012, SCCM, DNS Server, Microsoft Azure, Microsoft Sentinel, Microsoft Defender, Azure AD Connect, Dir Sync, RSA Admin Console, License Servers, LogMeIn, TeamViewer, Norton/Symantec Ghost, Norton Internet Security, Citrix, Cisco VPN, Microsoft Exchange Server, AD, Numara Footprints, Service Now, SIEM, Splunk, Net IQ Identity Manager, Good Work, Power BI, Avaya, IBM Tririga, Remote Support, Mobile Pass and MP1 token, Knowledge of Network and wireless devices etc.
Professional Experience
Lead Cyber Security Consultant in Lenze Mechatronics Pvt Ltd Feb/2022- Till date
Responsibilities
Configuration and Management of SSO (AD, AD Azure, Okta, GSuite etc.)
Serve as internal liaison for RBAC/IAM issues with representatives from application solution owners and Information Security
Managing of Splunk Enterprise Architecture in coordination with Global Team
Making Information security and compliance policy for the organization
Microsoft Endpoint Security and Azure Information Protection
Coordinate analysis of discovered user accounts for risk, ownership, and access appropriateness
Manage and engage change network and conduct change impact assessment
Utilize Microsoft Azure Sentinel and Defender ATP for investigation and Threat Hunting
Implementing and Maintaining Security Automations with the help of AI and ML
Define roles and resource groups for standardization as per client security standards
Performing Deep-Dive incident Analysis with advanced tools and techniques
Plan and monitor to determine which activities are necessary to identify relevant stakeholders
Analyse and document business requirements and interfacing with system/platform owners
Vulnerability Assessment through OpenVAS tool
Knowledge of ISO27001
Analyse data pull (Service accounts, PowerShell commands, Shares, Services etc.) from the platform team and clean up user access
Closely working with Access Control Operations team lead on remedy of access control issues.
IT MANAGER Honda R&D India Ltd May/2020- Jan/2022
Responsibilities
Configuration and Management of SSO (AD, AD Azure, Okta, GSuite etc.)
Management of Microsoft Defender and Sentinel Environment.
Configuration of IT security policies.
Serve as internal liaison for RBAC/IAM issues with representatives from application solution owners and Information Security
Develop alerts and timed reports
Develop and manage Splunk applications.
Assist with design of core scripts to automate SPLUNK maintenance and alerting tasks.
Manage SPLUNK user accounts (create, delete, modify, etc.)
Making Information security and compliance policy for the organization
Coordinate analysis of discovered user accounts for risk, ownership and access appropriateness
Coordinate with application owners during UAT post RBAC deployment
Manage and engage change network and conduct change impact assessment
Work with stakeholders to understand their access needs and design access roles accordingly
Coordinate on-going remediation efforts by working with stakeholders to determine ownership and appropriate corrective actions
Define roles and resource groups for standardization as per client security standards
Review active privileges in the system and conclude on creation/modification of roles
Communicate requirements to stakeholders, manage conflicts, issues and challenges in order to ensure that stakeholders and project team members remain in agreement on solution scope
Plan and monitor to determine which activities are necessary to identify relevant stakeholders
Analyse and document business requirements and interfacing with system/platform owners
Manage Role Based Access Control (RBAC) process lifecycle
Analyse data pull (Service accounts, PowerShell commands, Shares, Services etc.) from the platform team and clean up user access
Involved in Provisioning Roles in Net IQ
Closely working with Access Control Operations team lead on remedy of access control issues.
Involved in Provisioning RBAC Resource Groups in Active Directory
Involved in Provisioning RBAC Resource Groups in the server Local Groups
Support business stakeholders with periodic review.
Work with stakeholders to understand their access needs and design access roles accordingly.
Strategy Manager Virtusa Polaris Consulting Service Ltd Nov/2019- March 2019 (Client –RBS)
Hands on with Okta console/Admin tasks and Application integration at the technical and/or functional level appropriate for the situation.
Implementation of B2B and B2C Collaboration for the Organization
Perform hands on technical design, configuration, and troubleshooting of the Okta service.
Strong understanding of SAML, OAuth.
Understanding and detecting Cyber Security Events.
- Perform initial triage and Incident Analysis.
- Raise Incident and perform mitigation with the help of asset owners.
- Report computer security events in accordance with established processes and procedures.
Monitor for security indicators by correlating and analysing a variety of application, network and host-based security logs and determining the correct remediation actions and escalation paths for each incident.
Developing anomaly detection dashboards and reports in SIEM tools to identify potential threats, suspicious activity and intrusions.
Deep understanding of either the Lockheed Cyber Kill Chain or MITRE ATT&CK framework and OSINT Environment
Developing Rules in SIEM Solutions to identify suspicious activities.
Assist with the development of processes and procedures to improve security operations functions, incident response teams, analysis of incidents, and overall SOC functions.
Performing hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect and respond to threats.
In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment.
Understanding of common attacks (e.g., brute force, SYN flood, session hijack, Smurf etc.)
Experience with handling Multi Factor Authentication.
Administer, maintain and implement policies and procedures for Okta, and other IAM service delivery toolsets.
Experience with Continuous Delivery.
Support onboarding of application and platform users.
Monitor IAM platform components and resources.
Provide IAM support to end users.
Support integration with Active Directory and other Identity Stores.
Associate IT Consultant | ITC InfoTech Ltd, Gurgaon, Jun/2018- till present date (Client Side- AON HEWITT/Fidelity International)
Responsibilities:
IAM Analyst
Work with business and solution owners to identify and maintain user role definitions
Maintaining the Exchange Admin Center (O365) for the mailbox permissions and access.
Sending out weekly reports of the tickets closed and SLA breached, and preparing the visual representation through Power BI.
Controlling the SafeNet remote access (Mobile Pass) through SafeNet Administration through Admin portal
Build partnerships with business units to ensure that business requirements continually inform Role Based Access Control program
Configuration and Management of SSO (AD, AD Azure, Okta, GSuite etc.)
Serve as internal liaison for RBAC/IAM issues with representatives from application solution owners and Information Security
Coordinate analysis of discovered user accounts for risk, ownership, and access appropriateness
Coordinate with application owners during UAT post RBAC deployment
Manage and engage change network and conduct change impact assessment
Support business stakeholders with periodic review.
Work with stakeholders to understand their access needs and design access roles accordingly.
Knowledge of ISO27002.
Associate IT Consultant | ITC Infotech Ltd, Gurgaon, Jun/2017- Jun 2018 (Client Side-Fidelity International)
Responsibilities
Incident and Problem Specialist
Responsibilities
Installation and Configuration of applications – server side
Implemented user security by creating user profiles and roles; good working knowledge of CRM application
Create properties and update in Active Directories along with creating new users' accounts with appropriate rights.
Taking ownership of operational issues, ensure timely and quality resolutions within SLA.
Experience with Active Directory configuration management and administration
Scripting skills using PowerShell plus knowledge of other scripting or programming languages
Troubleshooting of Web based application.
Application Account Management / Super User Administration (creation of users, adding new functionality and granting roles).
Ensuring that all the licensed & project specific software are being used and performing regular checking on machines for verification.
Responsibilities:
Working on Client Network with the help of VPN
To provide all kinds of software support to the customer for the Computers and Laptops by taking remote access, chat or over the phone.
Managed Identity access management through Active Directory.
Managing Incidents according to Severity Levels and also acting as the SPOC for High Severity tickets
Liaising with vendors and Service Providers to ensure Continuity of desired level of service with minimum downtime and business impact.
Responsibilities:
To provide all kinds of software support to the customer for the Computers and Laptops by taking remote access, chat or over the phone.
Repair & reinstallation of windows and troubleshooting the wireless connections.
Work on switches, routers and hubs.
Performing basic triage work from Security perspective like removing virus infections manually.
Technical Support Engineer | Teleperformance, Gurgaon, March/2011 – Oct/2011
Responsibilities:
To provide all kinds of software support to the customer for the Computers and Laptops by taking remote access, chat or over the phone.
Repair and reinstallation of windows and Mac Computers
PERSONAL DETAIL
Father’s Name : Kamal Agaria
Date of Birth : 28 June 1987
Permanent Address: 501/1, Adarsh Nagar Sipri Bazar Jhansi-284003
Marital status : Married
Nationality : Indian