Siva Kumar Sodum

SentinelOne:·

• Deployed, configured, and maintained SentinelOne agents across endpoints and servers, ensuring compliance with security policies.
• Monitored and investigated alerts to detect and respond to endpoint security incidents, including containment, mitigation, and recovery efforts.
• Conducted threat hunting to identify vulnerabilities and malicious activities proactively.
• Generated detailed reports on threats, vulnerabilities, and mitigation efforts, providing actionable insights to leadership.
• Ensured compliance with regulatory standards like ISO 27001 by aligning endpoint security policies with industry best practices.
• Evaluated SentinelOne performance, implemented enhancements, and stayed updated on new features and threat intelligence trends.

Forcepoint DLP

• Deployed, configured, and maintained Forcepoint DLP systems across endpoints, networks, and cloud services.
• Developed and enforced DLP policies to protect sensitive data and ensure compliance with regulatory standards .
• Monitored and investigated DLP alerts to identify and respond to data loss incidents, performing root cause analysis.
• Generated detailed reports on data protection trends, policy violations, and compliance status for stakeholders.
• Trained employees on DLP policies, fostering a culture of data security awareness.
• Collaborated with IT, legal, and compliance teams to align DLP strategies with organizational objectives.
• Optimized DLP configurations to improve detection accuracy and minimize false positives.
• Stayed updated on emerging threats, Forcepoint advancements, and industry best practices to enhance data protection strategies.

BeyondTrust PAM

• · Deployed, configured, and maintained BeyondTrust PAM and PRA solutions across on-premises and cloud environments.
• · Managed privileged accounts by enforcing least-privilege policies, onboarding accounts, and rotating credentials to reduce risks.
• · Monitored and audited privileged sessions, ensuring accountability and generating compliance reports.
• · Investigated and responded to unauthorized access attempts or privilege escalation incidents.
• · Developed and enforced access control policies in alignment with regulatory standards like ISO 27001.
• · Trained users and administrators on best practices for privileged access and remote access management.
• · Recommended and implemented improvements to optimize BeyondTrust solutions and enhance security posture.

Audits & Compliance :

• Led ISO audits (ISO 27001), spotting areas for improvement and ensuring compliance across processes.
• Conducted internal and external audits to assess adherence to policies, procedures, and controls, identifying non-conformities and areas for improvement.

Email Security :

• Administered anti-spam, anti-virus, and email encryption policies to protect the organization’s email infrastructure.
• Monitored email traffic for security incidents, performance issues, and anomalies, taking proactive action to mitigate risks.

Client: National Australian Bank Roles & Responsibilities :

Vulnerability Management (Nexpose):

• Conducted daily, weekly, and monthly vulnerability scans and shared findings with infrastructure teams for remediation.
• Created policies, templates, and consolidated vulnerabilities based on severity.
• Coordinated product updates with Nexpose support and set up authenticated scans.

Splunk SIEM:

• Managed and configured Splunk architecture, including log collection, validation, and correlation rules.
• Deployed and maintained Splunk Universal Forwarder on Linux and Windows.
• Installed SSL certificates and resolved configuration issues.
• Used SPL for search queries and managed log retention policies.

Trend Micro Deep Security Solutions:

• Configured firewall and intrusion prevention policies and deployed Deep Security agents.
• Generated AV compliance reports and performed necessary security scans.
• Upgraded Deep Security components and liaised with vendors for escalations.

Venafi Trust Protection:

• Managed SSL certificate creation, renewal, and revocation.
• Worked with teams to resolve certificate-related issues.

Speedpayplus.com (AWS and Linux Admin)

• Managed VPC, migrated servers to AWS, and launched EC2 instances.
• Configured EBS volumes, S3 buckets, CloudFront distributions, and IAM roles.
• Automated backups, set up auto-scaling/load balancing, and applied PCI-compliant OS configurations.
• Conducted regular system scans with Nessus.

CTOPUP (BSNL) (Linux Admin)

• Installed and managed Red Hat Linux and CentOS.
• Monitored system performance and configured NFS, Iptables, and user access controls.
• Managed password policies, scheduled jobs, and backed up logs using Rsysnc.
• Secured SSH access, disabled unnecessary services, and set up static routes.