Ashutosh A

Solutions Architect | Cyber Security

Dubai, United Arab Emirates

About

Cyber Security Professional with 9+ years of experience in the Information Security domain implementing robust solutions. Engaging with technical and non-technical stakeholders, aiding the achievement of key deliverables. Have wide experience serving in Telecom Industry, Oil & Gas, Aviation, Banking, Manufacturing, Financial Services, and Retail in The Middle East.

Experience

  • Solutions Architect at Emitac Enterprise Solutions
    Oct 2023 - Present · 2 yrs 10 mos

    Implemented Fortify Application Security Suite (SAST and DAST) and integrated end to end with CI/CD pipeline with reporting via email using API and security gates for one of the major Oil and Gas company in Dubai. Implemented complete Fortify Application Security Suite in Kubernetes successfully for major Oil and Gas company in Abu Dhabi. Implemented ArcSight suite for a Real Estate company in Ajman, UAE. Developing and designing enterprise-wide security architectures integrating security solutions to safeguard digital assets and ensure compliance with industry standards (e.g., NIST, ISO 27001). Leading the deployment and configuration of security tools, ensuring seamless integration with existing IT infrastructure. Providing technical leadership in evaluating, selecting, and recommending security technologies to enhance the organization’s overall security posture. Collaborating with cross-functional teams to translate business requirements into secure and scalable security solutions. Architecting and fine-tuning SIEM platforms to improve threat detection, log correlation, and incident investigation workflows. Leading the integration of application security tools into the software development lifecycle (SDLC), ensuring secure coding practices, vulnerability management, and continuous application testing. Working closely with DevOps teams to embed security measures in CI/CD pipelines, promoting a DevSecOps approach. Performing security assessments, gap analyses, and provide remediation strategies to mitigate risks across enterprise environments.

  • Security Expert at HAKKEN Group
    Jun 2022 - Oct 2023 · 1 yr 5 mos

    Develop, implement, and execute control activities to ensure that security products, processes, and procedures are working as intended; remediate any deficiencies detected. Assessing customer feedback to establish, improve, and refine services. Mentored and supervised junior analysts to sharpen security skills and grow talent pools. Remaining organized and meeting deadlines. Strong customer service, project management, and quality control. Establishing and maintaining strong relationships with internal and external stakeholders. Develop and maintain documentation of the design, implementation, and operation of security products and processes. Identifying risks and forming contingency plans as soon as possible. Executed penetration tests and code reviews and used results to secure systems.

  • Security Consultant at Sattrix Information Security DMCC
    Nov 2018 - May 2022 · 3 yrs 7 mos

    Executed penetration tests and code reviews and used results to secure systems. Implemented ArcSight solution in multiple sectors, both Appliance and software form factors. Customers include 1 leading telecom in Dubai, 1 Aviation Customer in Abu Dhabi, 1 Telecom in Bangladesh, another in Pakistan (Remotely), 1 IT service company in India, and more. Implemented ArcSight Distributed High Availability setup with persistor, aggregator, and correlator on separate nodes at leading telco in Dubai. Administered ArcSight solution as an L3 Analyst for a Retail Service Provider in India. Provided remote support to many other customers of the Company and OEM in India. Provided PS Training via OEM for one of the customers. Developed Flex Connectors/Parsers of different kinds like Syslog, database, json, etc. for unsupported devices for various customers across multiple sectors. Content development in ESM and Logger (Correlated Rules, Alerts, Reports, and Dashboards), Health monitoring of ESM, Logger and Smart Connectors, ESM, Logger, Smart connector, ArcMC upgrade, Logger Migration, Backup and restore, Troubleshooting related to ESM, Logger and Smart Connector. Implementation and operational knowledge on ArcSight Components like Transformation Hub, creating consumers on the same collecting the logs. Implementation and operational knowledge on ArcSight Components like Transformation Hub, creating consumers on the same collecting the logs. Implementation experience at 3 Banks, 1 IT Service, and 1 Finance Customer in India on Fortify, WebInspect, and WebInspect Enterprise with CI/CD pipeline integration with various tools like Jenkins, TFS, Jira, etc. Provided Training to 1 Government Service Provider in Dubai to 4 batches and 1 Government Service Provider in India to 2 batches. Implementation experience at 1 Railway Sector customer in Qatar, and1 Oil and Gas in UAE. Creating and configuring rules, reports, dashboards.

  • Security Analyst at Sattrix Information Security
    Feb 2017 - Oct 2018 · 1 yr 9 mos

    Integrate new devices as per client guidelines. Troubleshoot parsing and log reachability issues with existing devices. Logger Administration, content development, and fine-tuning. Integrating connectors & loggers with ArcMC and maintaining their health. Reviewing Connector logs for issues. Developing Regex and DB parsers. Handle all the escalation of L1. Provide operational and technical support to the customer. Oversee completion of day-to-day checklist(s), including log review, management report scheduling, alert analysis, and escalation follow-up activity status. Provide knowledge to L1 to maintain and improve the Operation. Ensure all unresolvable cases are passed to the correct team for action as appropriate. Support implementation of SOC processes and perform periodic checks for compliance. Handle configuration and change management of SIEM. Handle all the escalation requests of L1. Verify the incident reported by theL1 analyst. Verify Reports made by the L1 analyst. Prepare reports & distribute them in readiness for Customer tuning calls. Arrange & manage client calls. Take action accordingly. Create scheduled Customer reporting, from existing reports, whenever appropriate.