Jay Reddy
Toronto,Canada
Summary
Cybersecurity Analyst with expertise in networking, threat intelligence, and incident response. Successfully implemented security policies and endpoint protection strategies, achieving a significant decrease in unauthorized access incidents. Proficient in conducting vulnerability assessments, risk mitigation, and ensuring compliance with industry standards. Experienced in Active Directory management and user access control, fostering collaboration across teams to maintain a strong security posture.
Overview
7
7
years of professional experience
Work History
Cyber Security Analyst
Southlake Regional Health Centre
ON
06.2024 - Current
- Implement and enforce cybersecurity controls in alignment with the organization's security strategy and program.
- Conduct and assist with Vulnerability and Threat Risk Assessments (TRAs), monitor remediation and mitigation efforts.
- Assist with preparing reports and action plans following security breaches.
- Serve as the administrator for various cybersecurity tools, ensuring they are updated and functional.
- Utilized sandboxing tools such as VirusTotal, FortiSandbox, Hybrid Analysis, Browserling, and Anomali to analyze and identify potential threats.
- Deployed and enforced security policies across Windows, macOS, iOS, and Android devices using Intune.
- Deployed and managed secure access to Office 365 and other enterprise applications using Intune and Azure AD integration.
- Coordinate with vendors for updates, implementations, and bug fixes related to security tools.
- Oversee identity and access management using Azure Active Directory (Azure AD) and Entra ID.
- Administer and monitor endpoint security solutions, including CrowdStrike, to ensure endpoint protection.
- Monitored and analyzed EDR CrowdStrike Falcon alerts to detect, investigate, and respond to security incidents in real-time.
- Strengthened endpoint security posture by implementing CrowdStrike and configuring advanced DLP settings.
- Integrated CrowdStrike Falcon APIs with SIEM/SOAR tools for automated threat intelligence correlation.
- Collaborated with IT and SOC teams to optimize EDR workflows and improve detection fidelity.
- Deployed E-mail security Solution Proofpoint to secure the email flow of inbound & outbound.
- Deployed Zenguide Proofpoint Security Awareness platform for user training by using SAML integration with Azure.
- Conduct Security Training and phishing campaigns to users within person and using Proofpoint application.
- Educated and trained users on information security policies and procedures.
- Create Newsletters to provide Security Awareness to users every month on hot security topics.
- Configure and manage Proof Point Data Loss Prevention (DLP) tools to safeguard sensitive information
- Manage all Inbound and out email flow to secure using Proof Point.
- Review all the quarantine emails.
- Implement Group Policy Object (GPO) settings to enforce security standards across the organization.
- Collaborated with teams of professionals from IT, operations, and compliance to establish agreements on BCP/DR strategies and fix identified weaknesses.
- Conducted risk assessments and business impact analyses (BIA) to identify critical systems and define Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) for cloud-hosted and on-premises environments.
- Perform threat analysis and track vulnerabilities using Nessus.
- Collaborate with SOC team to update SIEM to improve threat detection.
- Integrated AD Audit Plus with SIEM platforms for centralized log analysis and enhanced threat correlation.
- Integrated CASB with SIEM solutions for centralized visibility and correlation of cloud security events.
- Monitored and analyzed cloud application usage using CASB tools to detect anomalies and mitigate insider threats and shadow IT.
- Applied MITRE ATT&CK techniques to analyze and enrich threat intelligence feeds, enhancing IOC/IOA correlation in SIEM tools.
- Utilized various threat intelligence feeds, open-source intelligence (OSINT), CISA, CYWARE and dark web monitoring to identify emerging threats and vulnerabilities.
- Monitored and analyzed AD logins, user account activities, and permission changes to detect unauthorized access and policy violations.
- Managed role-based access control (RBAC) and least privilege principles across organizational systems.
- Utilized AD Audit Plus to identify and respond to anomalies such as brute-force attacks, account lockouts, and unusual login patterns.
- Administered and configured Azure Active Directory (Azure AD) for user authentication, single sign-on (SSO), and multifactor authentication (MFA).
- Configured session recording and real-time monitoring for privileged account activities to detect and prevent misuse.
- Reduced unauthorized access incidents by CyberArk through enhanced PAM policies and monitoring.
- Troubleshooting Windows, Mac, and Linux
- Reviewing security alerts from various tools (Antimalware, EDR, Network security, SIEM, DLP, Web filtering, etc.
- Managed Fortinet Secure Web Gateway (SWG) to enforce web filtering policies, preventing unauthorized access to high-risk websites and protecting against data exfiltration.
Information Security Analyst
Scotia Bank
Toronto, ON
04.2022 - 03.2024
- Implemented security policies, streamlined IT Support and successfully adhered to SLA's
- Worked on different VMware products like VMware workstation, GSX/VMware server
- On workstation Creation of VMs and installing different guest OS like windows and Linux flavors
- Creating Teaming, cloning, snapshots
- Worked on Remote Administration by using VMware server
- Troubleshooting Windows, Mac, and Linux
- Good understanding of ESX/ESXi server architecture
- Configure Virtual Networks in ESX/ESXi server by creating vSwitches
- Creation of different port groups like Service Console, VMkernel and VM port groups
- Assigned tickets to the teams as needed, depending on the issue
- Good Knowledge on different storage technologies like DAS, NAS and SAN
- Worked on resource management framework like creation resource pools, adding the VMs into resource pools
- Worked on VMware clustering like HA and DRS clusters using Virtual Center
- Expertise in Information Security policies, securing the network and Network Security
- Configure Alarms, Host profiles, Scheduled Tasks, Distributed Power Management(DPM) and Fault Tolerance(FT)
- Worked on Cloning and snapshots
- Also worked on vCenter Update manager plugin for patch management
- Worked on Migration concepts like vMotion, Storage vMotion and cold migration
- Creation of templates from VMs and Creation of VM' v s from templates
- Configuration of vCenter 5.0 new features like Storage DRS(SDRS), vSphere Web Client 5.0 and Storage profiles
- Worked on Network IO Controller(NIOC), Storage IO Controller(SIOC) and Auto deploy
- Strong knowledge on VMware Networking, Storage and configuration commands
- Deployed Identity Access Management tool (SailPoint) with Multi factor authentication (RSA)
- Installation, maintenance and up gradation of various networks involving various types of network operating systems like WinNT 4.0, XP, 2000 and Win2003 Enterprise Edition
- Setup, Modify & Managing User/Group Accounts by assigning permissions
- Installing and configuring DNS Windows 2003, Windows2003 Active Directory Service
- Remote Administration by implementing Terminal Services
- Strategic planning of the network
- Maintenance of the LAN & WAN
- Troubleshooting Windows, Mac and Linux
- Managed the performance of the software and network
- Set up Internet and LAN in Windows NT/2000
- Managed remote Access issues
- Supported Users with technical issues
- Performed Interactive, Network based Installation
- Managed Backup and Restoration operations
Information Security Analyst
TECHIM.CA
ON
07.2018 - 04.2022
- Implemented security policies, streamlined Information Security and successfully adhered to SLA's.
- Managed organization's Sophos antivirus solution, monitored suspicious activity in the console, reviewed and responded to alerts, configured and ensured daily signature updates, and applied requested and necessary exclusions/exceptions.
- Configured Cortex XDR and deployed in on to the endpoints. Fine-tuned the alerts on the Cortex XDR to minimize false positive Configured Cortex XDR and deployed in on to the endpoints. Fine-tuned the alerts on the Cortex XDR to minimize false positive.
- Conducted investigations of security alerts by analyzing logs from firewalls (Palo Alto) and incident response systems (Cortex XDR).
- Continuous monitoring using network applications, DLP, SIEM, IDP/IDS, and trending of security-relevant data sources.
- Performed advanced persistent threat correlation between multiple security event sources, such as firewall and SIEM logs, threat intelligence feeds, anti-virus, and malware.
- Worked on different VMware products like VMware workstation, GSX/VMware server.
- Conducted accurate evaluation of the level of security required when requests were made by other team members and ensured that appropriate security measures were in effect to maintain an appropriate level of security confidentiality, integrity, and availability.
- Worked on Remote Administration by using VMware server.
- Supporting and mentoring the team. Conducting training sessions for all the employees, introduced continuous learning to encourage the team to go the distance.
- Implement Duo MFA for all accounts; including the service accounts utilized for RDP sessions and external vendor accounts. Continuously audit users in the bypass groups and authorized networks within Duo console, as well as ensure proper Duo and AD synchronization.
- Assigning tickets to the teams as needed, depending on the issue.
- Assisted in SOC 2 Type I & II audits, ensuring compliance with AICPA Trust Service Criteria (TSC), including Security, Availability, and Confidentiality.
- Worked closely with external auditors to provide evidence, address findings, and remediate gaps in security controls.
- Worked on resource management framework like creation resource pools, adding the VMs into resource pools.
- Created and maintained documentation for procedures and process improvements.
- Expertise in Information Security policies, securing the network and Network Security.
- Deployed Identity Access Management tool (SailPoint) with Multi factor authentication (RSA)
- Maintaining and creating user accounts and groups by assigning permissions.
- Deployed KB4 for user training by using SAML integration with Azure.
Education
Bachelor of Engineering - Information Technology
JNTU
Hyderabad, India06-2015
Skills
- Microsoft AD and Azure AD
- Network management (LAN, VLAN, WAN)
- Security tools (RSA SecurID, VMware, Cisco)
- Vulnerability scanning and assessment
- Endpoint protection and security
- Threat intelligence and analysis
- Incident response management
- Cloud security solutions
- Risk assessment strategies
- Information security policies
- Threat analysis
- Problem solving
- Software deployment
- Network monitoring
- Two-factor authentication
- Vulnerability assessment
Timeline
Cyber Security Analyst
Southlake Regional Health Centre
06.2024 - Current
Information Security Analyst
Scotia Bank
04.2022 - 03.2024
Information Security Analyst
TECHIM.CA
07.2018 - 04.2022
Bachelor of Engineering - Information Technology
JNTU
Similar Profiles
Zolal KazimZolal Kazim
Student Practical Nurse - Surgical Unit at Southlake Regional Health CentreStudent Practical Nurse - Surgical Unit at Southlake Regional Health Centre
Vanessa AirdVanessa Aird
Or Bookings at Southlake Regional Health CentreOr Bookings at Southlake Regional Health Centre
Denise KeskikylaDenise Keskikyla
Registered Nurse - CICU, RAU, MACU & Medicine 6 at Southlake Regional Health CentreRegistered Nurse - CICU, RAU, MACU & Medicine 6 at Southlake Regional Health Centre
Thanh Xuan (Cameron) PhamThanh Xuan (Cameron) Pham
Registered Practical Nurse at Southlake Regional Health CentreRegistered Practical Nurse at Southlake Regional Health Centre
Venkat MuruganVenkat Murugan
Associate Director, Murex Business Specialist at RBC Capital MarketsAssociate Director, Murex Business Specialist at RBC Capital Markets