Harsha CV
- 1. Professional Summary: Harsha Sarjapura Siddartha has profound of experience in Infrastructure and Cyber Security / Information Security domains. He has worked in various assignments across security domains ranging from consulting (post- sales) to architecting (Design, Development & Implementation) of various DLP security controls and processes. His experience includes exposure to clients of various business sectors like retail, pharmacy, corporate and mining. Work Experience: Having profound IT Experience Cyber Security / Information Security. Current Organization : PricewaterHouse Coopers LLP (PwC LLP) Period : December 2013 till date Experience : 2.5 Years and counting. Role : Senior Cyber (/Information) Security Consultant Previous Employers : Accenture Period : August 2011 till December 2014 Experience : 2 Years and 4 months Role : Cyber Security / Information Security Analyst Key Skills : • DLP (Data Loss Prevention) • Imperva SecureSphere (Database security) • Computer Forensics • ISO 22301:2012 BCM Implementation (Business Continuity Management) • ISMS Internal Assessments • Privileged Identity Management Tools / Applications: • Symantec DLP • Imperva SecureSphere • CA DataMinder • FTK Forensic Kit • Volatility • CyberArk Certification: • Symantec Technical Expert (Symantec DLP V12.0) • ISO 22301:2012 BCMS Lead Implementer • ITIL V3 Foundation • ISO 22301:2012 BCMS Lead Auditor Rewards / Recognition:
- 2. • Great Performer - Client Delivery • Great Performance Award – Project Specific • Star Performer – Practice Specific • Instant Recognition awards for 6 times • Received several well decorated client appreciations Professional Experience: Data Loss Prevention – Implementation, Administration and Continuous Monitoring, Regular Fine Tuning: PwC LLP • Held an end-to-end responsibility of managing the functionality of the DLP solution for a retail client (Confidential) and a mining client. • Implementation of the DLP solutions which includes Installation and Administration. • Building the policy lists and policy groups. • Regular fine tuning of the policies, as and when the opportunities are seen. • Remediating the incidents by following the outlaid procedures for closure of the incidents. • Performing monthly false positive and business process trend analysis for whitelisting/creating an exception for False positives and stated business process events. • Automation of event owner notifications for the incidents they own. • Troubleshooting of the issues related to DLP solution. • Monitor and protect network communications sent by users — on or off the corporate network — over SMTP/TLS, HTTP/HTTPS, IM, and FTP. • Monitor and protect network communications sent to and from mobile devices over ActiveSync, HTTP/HTTPS, and apps. • Monitor and protect confidential messages sent from cloud email services like Microsoft Exchange Online and Gmail. • Monitor and protect confidential files sent to cloud applications like Microsoft SharePoint Online and Dropbox. • Monitor email downloaded to mobile devices over ActiveSync. • Monitor and protect network communications sent from iPads and iPhones over ActiveSync, HTTP/HTTPS, and apps like Dropbox and Facebook • Scan and inventory internal hard drives for confidential data. • Encrypt, quarantine, or relocate exposed files to secure network folders. • Keep confidential data from being exposed on endpoints over email, web, IM, FTP, USB, DVD, print/fax, clipboard, and third-party applications. • Scan and inventory networked file shares, databases, document repositories, and web content servers at high speeds to discover where confidential data is stored (DAR – Data at Rest Scans). • Monitor file usage and access patterns on network-attached storage (NAS) filers, Windows servers, and SharePoint libraries. • Identify the data owners of exposed files and folders; alert security teams to anomalous activity or outlier users; and facilitate secure collaboration with access visualization and analytics. • Encrypt, quarantine or relocate exposed files to secure network folders. Imperva SecureSphere - Database Security Management for one of the biggest Retail Clients : PwC LLP The client is one of the biggest retail company in east coast of USA, The aim of the project was to provide database security Administration and support, including some of the maintenance activities and overall tool management. • Providing Incident & Problem Management, Change & Release Management • Monitoring the wide range of Databases used in the client environment. • Mangling the SecureSphere Gateways, agents and appliances. • Performing the Vulnerability scans and audits on the Databases and remediating the findings by suggesting the fix to the DBA teams.
- 3. • Proficient in mapping client’s requirements, designing & developing customised solutions, troubleshooting Oracle database. • Deployment of new infrastructure components, configuring agents to gateways and overall management via the MX server on Imperva. • Designing in building Blue Print and services for identified critical threats from Imperva. • Deployment of Test Environment for every security solution from Imperva. • Involved in preparing the Knowledge based documents on Imperva for future help. • Documentation of all Imperva related Process, various audit reports and workflows. • Creating and presenting the management reports for the applications, solution, DB health, DB security incidents and the vulnerabilities on the DB agents. • Customizing the monitoring scope of the DBs as per the client requirements and Integrating the SecureSphere solution with other SIEM tools such as IBM QRadar and HP ArcSight. Computer Forensics: PwC LLP • Have bagged an experience with a computer forensic project for a well-known (Confidential) pharmaceutical client. • Possess extensive experience in computer Forensic and Media Exploitation • Sound knowledge of principles and technology related to memory forensics. • Proficient with the procedures to be followed for a quality oriented forensic investigations and post investigation disposal technics and sign offs to be taken care of. • Profound knowledge of Report Writing • Proficient with EnCase, FTK, Volatility and other Computer Forensic Tools. • Strong interpersonal and attention to detail. • Excellent written and oral communication skills. • Skilled with Microsoft Office applications. • Examined and analyzed electronic media in support of computer intrusion and Data theft cases. • Analyzed media using a broad range of computer forensic tools then summarized findings in a technical report. Business Continuity Management and ISMS: PwC LLP Served as a BCP/DR Lead implementers for the internal ISMS Team. I am responsible for the following. • Conduct BIA assessment; work with team to define critical time sensitive systems and business functions. • Design, develop, and document Business Continuity and Disaster Recovery Plans as per ISO22301:2012 BCM Standards. • Coordinate DR/BCP exercises. • Facilitate training with critical support staff and management. • Develop project plans for lifecycle of DR/BCP project. • Develop ad hoc presentations for senior management. • Plan for mission assurance of operations and critical business functions for AMI. • Conduct business impact analysis, risk assessments of critical systems and business functions. • Responsible for developing business group ICS structure. • Conducting mock fire drills, preparing the risk reports based on the fire drill and providing the corrective measures for the risks, if any found. • Creating awareness to the employees by handling internal training sessions and performing the quiz competitions. • Conducting the ISMS internal controls reviews. Data Loss Prevention – Administration and Continuous Monitoring- Accenture Servers Management and Data Services: Accenture • Domain Managing AD server - Creation / deletion of domain IDs and delegating access levels, updating restrictions to the Domain IDs. • Managing DHCP servers – DHCP scope maintenance. • Updating windows patches on monthly basis through SCCM.
- 4. • Domain Administration for a large scale environment (over 1000 users) using Windows 2000 or 2003 Active Directory (MMC) to manage all objects • Ability to create local and global security groups and to apply permissions to access files, folders and resources on Windows 2000 or 2003 servers. • Ability to use Microsoft Exchange 2000 or 2003 Administrator to manage email accounts • Familiarity with Microsoft Office suite L1 System Analyst: Accenture • Installing workstations, Administration, network services and peripherals. • Working on incidents within the infrastructure on priority basis, and its closure within SLA. • Knowledge on ITIL based work environment • Installation, migration and configuration of network client workstations, manage Local and Domain wide groups (With the co-ordination with the Client IT team). • Troubleshooting Laptop / Desktop HW and computer peripheral issues i.e. local / network printer etc. • All the desktop issues, Client application, Software installation, handling connectivity issues, Data restoring & Symantec Ghost server configuration, Uploading & pushing the image to the local machines from the Ghost server. • Troubleshooting of MS Outlook, outlook express, Microsoft Applications i.e. MS Office, Internet Explorer, Operating System issues, Issues related to Virus / Malware etc • Troubleshooting connectivity related issues VPN, Wireless. • Client Software installation on Bulk request. • Handling BCP (Business Continuity Process) activity. • Hard binding the system with security updates of windows & Symantec Antivirus. • Handling (critical) Priority 1 incidents with location & client support & driving it to closure. • Installations, configuration and troubleshooting SAP, Citrix, and IBM Mainframe client applications. • Handling Escalations and assisting Technical Support to internal customer. • Good in Network concepts, OSI layers, TCP/IP protocols & administration. • Configuring Windows MS outlook express and Ms Outlook. • Trouble shooting of LAN related issues • Troubleshooting of internet related issues • Working as System Admin for a project as a dedicated engineer – offering Service support on Win XP Operating system, Windows-7 and Networking. • Handling the calls within the infrastructure on priority basis and supporting internal users in the company. • Configuration and troubleshooting of Network printer issues • Responsible and rollouts for new branch setup and deployment. • Worked on putty tool for Virtual Network maintenance. • Knowledge about Symantec endpoint protection anti-virus software, • Managing Voice related issues. Additional Knowledge • Possess fair bit knowledge on WASA (Web Application Security Assessments) and Penetration testing • Knowledge on using Metasploits for web exploits • IDS & IPS • Firewalls • VM’s and Virtualization • Cuckoo sandbox • Cloud Security • Cloud Data Loss Prevention Security Conferences Attended • NullCon Goa – The next Security thing 2015, 2016 • G4H (Garage for Hackers) Security meets • Null Security meets • Active participant in Null Bangalore Chapter
- 5. • Active participant in G4H (Garage for hackers) Bangalore Chapter Qualification: • Bachelors: B.E (Telecommunication) from Visveswaraya Technological University, Belgaum (2011). Personal Details: Nationality: Indian Passport: Available and I possess. Marital Status: Single.
- 6. • Active participant in G4H (Garage for hackers) Bangalore Chapter Qualification: • Bachelors: B.E (Telecommunication) from Visveswaraya Technological University, Belgaum (2011). Personal Details: Nationality: Indian Passport: Available and I possess. Marital Status: Single.