Pooja R

Highly skilled and organized cyber security professional with 5+ years of experience in meeting company goals through consistent and efficient practices. Proven ability to work under pressure, adapt to new situations and challenges, and enhance the organizational brand. A dependable and organized candidate successful at managing multiple priorities with a positive attitude. Willingness to take on added responsibilities to meet team goals.

Cyber Threat Analyst at RBC (Royal Bank of Canada) from Jan 21 to present

Developing approaches for industry-specific threat analysis and generation of vulnerability reports.

• Conducted vulnerability assessments using Nexpose to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
• Using SIEM technologies and other native tools to perform the monitoring of security events.
• Security event monitoring, analysis, triage incident alerting and reporting using QRadar

Security Information and Event Management SIEM management console.

• Aiding or support to members from other practice areas such as Investigations or Cyber threat analysis using MITRE ATT&CK framework,
• Conducted vulnerability assessment and penetration testing customized to the system function and technical requirements.
• Continuous monitoring of open and closed source material to provide relevant and timely notifications to clients about developing threats.
• Conducted onsite Penetration tests from an insider threat perspective.
• Worked with various tower teams to improve the detection of cyber security threats and breaches.
• Administered and maintained user access controls, processes, and procedures to
• prevent unauthorized access, modification, or misuse of the organization's resources.
• Investigate potential or actual security violations or incidents to identify issues and areas that require new security measures or policy changes.
• Identification, investigation, and escalation of security breaches to the client side.
• Security team (called Central Security Incident Response Team CSIR

Worked as a Cyber Security Engineer

Canadian Tire - Toronto Eaton Centre, ON · Contract Full-timeCanadian Tire - Toronto Eaton Centre, ON · Contract Full-timeJun 2020 - Aug 2021 · 1 yr 3 months

Scanned the servers using Qualys scanner and reported the found vulnerabilities to the appropriate teams for remediation.

• Created Qualys scan pro les for different project requirements.
• Generated customized Qualys reporting templates to explain the remediation status to the tower teams.
• Monitoring SIEM for any security Threats and Investigating the events and working on L2

tickets.

• Creating Dashboards, Active Channels, lters, and Data monitors as per the requirement on Splunk
• Managing EDR Console. SentinelOne & Cylance
• Performing Ad-hoc scans when a new Vulnerability is identified, OR a new system is added to the network with Nexpose.
• Conducting Vulnerability scans on Internally developed web apps using IBM AppScan
• Collaborating with stakeholders in patching the vulnerabilities.
• Monitoring Source for any security Threats, Investigating the threat events
• Working on security Incidents reported by users and building Incident reports
• Participated in an Internal Phishing exercise using PhishMe.
• Developed a Threat Hunting program and trained teammates in performing threat hunting campaigns based on NSA&FBI reports and OSINT data

IT Security Analyst IT Security Analyst

Accenture, Hyderabad · Full-timeAccenture, Hyderabad · Full-timeMar 2018 - May 2020 · 2 yrs 

Implement tools and automation to proactively detect security risks and threats for internal systems

• Collaborate with other engineers to identify security gaps and integrate security into software development process.
• CrowdStrike Falcon sensor implementation on to the end points.
• Analyze security logs and use forensic methods to identify and contain threats.
• Created EDR policies in Cisco AMP and Azure Defender
• Developed various Falcon sensor policies for rolling out new sensor updates to testing and prod environments.
• Developed a range of CrowdStrike prevention policies.
• Created Machine learning detection allow list, Machine learning exclusions, IOA exclusions and Sensor visibility exclusions in the CrowdStrike Falcon.
• Created Dashboards, alerts, custom searches, and applications in Splunk.
• Responsible for identifying and validating indicators of threat from multiple Intel sources (both commercial and OSINT)
• ISAC, Bluecoat, etc.) against internal assets to determine an accurate threat landscape
• Responsible for the vulnerability management tea.
• Manage the project Qualys policy compliance i.e., configuration compliance and systems hardening.
• Lead Threat and Vulnerability Management program.

According to the specific enterprise architecture and compliance requirements.

• Reviewed Remediation Plan and Mitigating Controls.
• Infrastructure hardening using CIS benchmarks and Qualys Policy Compliance.

JNTUH ECE Engineering from 2014-2018.