Alankrit Shrivastava

Proven 10+ years of progressive experience in Vulnerability Management, Security Operations Center
(SOC) operations, and Incident Management. Demonstrated ability to identify, assess, and mitigate
security risks, optimize security processes, and drive operational efficiency through innovative solutions.

Contact - +91-9619049795, +91-7021124624

Email : [email protected]

Education:
Bachelor's of Engineering in Electronics and Telecommunication from Rajiv Gandhi Technical
University.

KEY SKILLS AND CHARACTERISTICS

Vulnerability Management, SOC Operations, Endpoint Security and Security Architecture and Engineering

Cybersecurity Tools
Tenable Nessus and Security Center, CrowdStrike EDR, TrendMicro EDR, Wazuh SIEM, Microsoft Azure Sentinel, Microsoft Azure
Security Center, Zscaler, Carbon Black Application Control, Microsoft Defender EDR, Tenable IO, Squid Proxy, Beyond Trust EPM,
Microsoft Intune, Qualys Guard, Cososys Endpoint Protector DLP, KQL (Kusto Query Language).

Experience
Pine Labs Pvt Ltd – Manager Information Security
July 2023 - Present
o Architected and implemented security solutions for in-house products.
o Developed and executed security tool deployment strategies for TrendMicro Cloudone, Wazuh as a FIM, Tenable
Security Center, Squid Proxy solution for servers and SOC implementation.
o Creating rules and alerts based on use cases and requirements.
o Collaborated with multiple banks to ensure compliance and manage audits.
o Creating Azure policies and deploying policies across Azure UAT and Prod infra.
o Separately tracking Azure Vulnerabilities through Azure Security Center.
o Working as security lead in fine-tuning of security products Responsible for the successful deployment of security tools
across the infrastructure.
o Handling vulnerability management. Handling SOC operations.
o Defining SOAR use cases for deployment.
o Deploying and managing SOAR solution using function app in Azure Sentinel.
o Handling cloud security posture management of cloud infra which includes GCP and AWS.
o Defining access control and RBAC policies in Azure.
o Creating Azure function app for log ingestion of different log sources to MS Sentinel SIEM.
o Creating and presenting monthly dashboards for Vulnerability management and SOC operations to CISO and CTO
o Developed and deployed squid proxy solution and created a process around handling of squid proxy.
o Defining minimum baseline security standards

ZS Associates – Security Architecture and Engineering

December 2021 – July 2023
o Lead Security Architecture and Engineering Working with different vendors for POC and product understanding.
o Creating workflows for endpoint security operations and managing the adherence to the workflow internally.
o Contacting vendor for troubleshooting on issues.
o Creating tool gap assessment report.
o Managing teamwork and efforts through a skillbased matrix.
o Managing incidents raised by different security tools and taking necessary action for their closure.
o Leading Endpoint operations and tracking the incident closure.
o Performing tier 3 analysis on the incidents and triggered correlation rules.
o Creating SOP, RACI’s and RAID’s.
o Preparing Incident playbooks. Creating and defining policies in carbon black (Application Control), CrowdStrike
(EDR),Zscaler (Proxy solution) and Endpoint Protector DLP solution.
o Deployed Beyond trust application control for MAC environment and Microsoft defender for windows endpoints
o Deployed baseline standards for MAC and windows endpoints.
 Accenture – Technical Security Specialist
April 2020 – December 2021
o Technical Security Specialist Performing vulnerability assessment analyzing the vulnerability report and creating a 30-
60-90 days plan for vulnerability reduction.
o Contacting vendor for troubleshooting on any toolreported issues. Creating vulnerability trend reports.
o Tracking vulnerabilities till its closure Raising incident and assigning them to the specific team to track the closure of the
reported vulnerabilities.
o Managing incidents raised from different security tools and taking necessary action for its closure.
o Leading SOC operations and tracking the incident closure. Performing tier 3 analysis on the incidents and triggered
correlation rules.
o Creating correlation rules in McAfee SIEM.
o Preparing Service Improvement plans.
o Being a part of incident response team and actively involved in any detected threats by triaging the incidents.

Reliance Industries Ltd – SME Vulnerability Management

August 2016 – April 2020
o SME Vulnerability Management Creating POC’s for new procuring security tools.
o Performed tier 3 analysis on raised incidents.
o Using Vulnerability Management tools identifies vulnerabilities while tracking the vulnerability to its closure.
o Managing Vulnerability Management process and operations.
o Managing SOC operations. Enhancing cloud security.
o Worked on container security.
o OT Vulnerability Assessment.
o OT Remote Patching deployment design.
o OT network configuration review MBSS implementation.
o Worked on creating MBSS scripts in powershell and bash for windows and unix machines.
o Creating MBSS (Minimum Baseline Security Standards) for different flavors of OS and network devices and rolling out these security
policies across the organization.
o Maintaining asset inventory and overall compliance of different business units.
o Awareness of Cyber Security threats, and latest Vulnerabilities.
o Creating reports and dashboards in the Tenable security center for a holistic view of vulnerabilities in the different business units of
reliance
Paladion Networks – L2 SOC Security Analyst
September 2015 – July 2016
o L2 Information Security Analyst Performed security monitoring and log analysis to detect security incidents.
o Monitor the correlated events and performing analysis on the triggered correlated events.
o Monitors HP Arcsight (SIEM) as a security tool to detect incidents and raise the incidents and working through the closure of
the incident.
o Worked on Qualys Guard to identify the latest vulnerabilities presiding in the company’s assets and reporting the vulnerabilities to
the concerned team for closure.
Reliance Jio Infocom – L2 SOC Security Analyst
April 2014 – September 2015
o Working as an Assistant Manager Information Security Analyst Performed security monitoring and data/log analysis to detect
security incidents and mounts incident response.
o Generates report and takes appropriate action based on the data analysis and intelligence.
o Worked on security systems such as IPS/IDS, HIPS, Antivirus, Tenable Nessus, and Malware protection and detection
system. Maintain/ Update SOC ticketing and knowledge base systems.
o Handle incidents notifications and escalation as per SOC policies.
o Created automation for Nessus reporting in python.
o Worked on Tenable (Security Center, Log Correlation Engine, Nessus Scanner), to Identify vulnerability in an asset and reporting the
vulnerabilities to the asset owner by creating the report and mitigating the vulnerabilities

Achievements, Awards and Certifications

o Achieved Ace Award in Accenture for developing and delivering robust vulnerability management structure
o Received Multitasker Award in Reliance Industries for handling Vulnerability Management and SOC operations
o Cisco Cyber Range Program Certification V1 (September 2014)
o Cisco Cyber Range Program Certification V2 (January 2015)