Rishabh Addu

Toronto, ON

Summary

Highly organized, customer-focused, and result-oriented IT security professional with over 4.5 years of experience in information security. Expertise in cyber security, Microsoft security, Azure cloud security, threat management, SIEM, Security Operations, Endpoint Protection, Identity and Access Management, Business Analysis, network engineering, risk management and strategy, vulnerability assessment, project management, and technical analysis.

Overview

5 years of professional experience

1 Certification

Work History

Security Analyst Intern

iA Financials Group
Oakville, ON
05.2024 - Current
  • Developed use cases, rules, reports, and dashboards in accordance with business and security requirements.
  • Implemented effective logging and monitoring strategy by categorizing log sources, prioritizing them according to security value and business requirements, and configuring appropriate levels of logging and ingestion mechanisms.
  • Captured current CSOC tools and services, identified gaps, and provided recommendations to procure new tools.
  • Reviewed existing Sentinel data connectors and correlation rules and provided enhancement recommendations to reduce false positives and improve detection coverage.
  • Identified risks, threats, compliance, and monitoring requirements and provided use case recommendations.
  • Developed MS Sentinel playbook automation using Logic Apps to enrich and respond to incidents, reducing response time and manual effort.
  • Collaborated with various stakeholders and teams for requirements gathering to create incident response plans and forensics.

Security Analyst-Intern

CIBC
08.2023 - 12.2023
  • Designed and implemented Microsoft Defender solutions such as Defender for Office 365, Defender for Endpoint, and Defender for Identity.
  • Onboarded devices to Defender for Endpoint (EDR) using various methods such as local script and Group Policy.
  • Identified and reported on information security risks, threats, vulnerabilities, and breaches, and made recommendations on remediation opportunities to manage risks.
  • Configured Defender for Endpoint policies such as AV and EDR policies.
  • Improved the security posture of organizations by implementing security configurations and controls based on the Azure Benchmark and service baseline best practices and recommendations.
  • Enforced least privilege and need-to-know principles by defining an RBAC model for secure access to cloud resources.
  • Implemented Defender for Cloud to secure PaaS and IaaS cloud infrastructure, including Defender for Servers, Storage, Databases, and Key Vault.
  • Designed Azure Sentinel and Log Analytics solutions and migrated from an on-prem SIEM to Sentinel.
  • Conducted cloud security assessments aligned to the Cloud Controls Matrix (CCM), NIST, and the Azure Benchmark to identify gaps, and provided recommendations and a roadmap.

Security Consultant

Security Geeks
Toronto, Canada
03.2023 - 08.2023
  • Designed, architected, and implemented SIEM solutions (QRadar, Microsoft Sentinel).
  • Implemented MS Defender solutions (Defender for Endpoint, Defender for Office 365).
  • Created and implemented security policies and configurations based on best practices and compliance requirements.
  • Mapped security controls to frameworks such as CSA, CCM, NIST, CIS, and Azure Security Benchmark.
  • Integrated Azure sources with Sentinel and other SIEMs for correlation, security monitoring, alerting, and reporting.
  • Developed and configured use cases in SIEM to detect suspicious and anomalous activities.
  • Performed vulnerability and threat assessments, SIEM, SOC, Risk and Vulnerability assessments, and gap analysis.

Senior Security Analyst

Inspira Enterprise Ltd - MSSP
Mumbai, Maharashtra
07.2021 - 11.2022
  • Developed and configured use cases in SIEM to detect suspicious and anomalous activities such as detecting misconfigurations, shadow IT, insider threats, and unauthorized access.
  • Performed vulnerability and threat assessments to identify, classify, prioritize, and provide recommendations for remediating vulnerabilities and mitigating risks.
  • Conducted SIEM, SOC, Risk, and Vulnerability assessments, performed gap analysis, and developed strategies to transform and mature Security Operations.
  • Managed 24/7 support for SOC operations, ensuring a smooth transition from remote to onsite support, and received client appreciation.
  • Optimized Events Per Second (EPS) in the SIEM by filtering out less critical events, keeping EPS under the threshold limit, and received client appreciation.
  • Suggested and implemented a malicious file extension blocking policy on proxy for all users.
  • Created over 20 SIEM rules according to NIST standards tailored to the client environment.
  • Awarded twice in a calendar year by IBM delivery head for outstanding performance and client appreciation.

Information Security Analyst

NTT
Mumbai, Maharashtra
12.2019 - 07.2021
  • Worked in a 24x7 Security Operation Center (SOC) environment, monitoring security systems, performing log analysis, raising alerts, and managing incidents.
  • Utilized Symphony Ticketing tool for incident reporting and tracking, ensuring compliance with the escalation matrix to avoid SLA breaches.
  • Conducted proactive threat hunting based on Indicators of Compromise (IOCs) received from threat intelligence.
  • Prepared daily and monthly reports on event data and the health status of security devices and connectors.
  • Developed Standard Operating Procedures (SOPs) and runbooks for new joiners to summarize processes.
  • Received multiple appreciations, including from the manager and clients, for managing transitions, handling daily BAUs without escalations, and taking proactive actions on IOCs.

Education

Post Graduate Diploma - Cyber Security And Computer Forensics

Lambton College of Applied Arts And Technology
01-2023

Bachelor in Electronics & Telecommunication Engineering - Computer Science

Vivekanand Education Society Institute of Tech
05-2019

Skills

Cloud Platforms: Microsoft Azure, AWS

SIEM & Security Detection: Azure Sentinel, IBM QRadar, PhishER, ProofPoint, FortiSOAR, Tanium

UBA/UEBA: Microsoft Sentinel, QRadar User Behavior Analytics

Endpoint Protection/EDR: McAfee, MS Defender for Endpoint

Identity & Access Management: Azure Active Directory, Azure Privileged Identity Management, Role Based Access Control (RBAC)

Security Logging and Monitoring: Azure Monitor, Log Analytics Workspace, Sentinel

Email Security: Defender for Office 365, KnowBe4

Endpoint Protection: CrowdStrike, Microsoft Defender for Endpoint

CASB: MS Defender for Cloud Apps

Scan and vulnerability tools: Nmap, Nessus, Qualys, MS Defender for Endpoint

Strong MS Office skills – Word, Outlook, Excel, and PowerPoint

Certification

• CompTIA CASP+

• CompTIA CySA+

• Microsoft Azure Security Engineer Associate AZ-500

• Microsoft Security Operations Analyst SC-200

• Azure Sentinel Ninja Training

• Microsoft Defender for Endpoint Ninja Training

Timeline

Security Analyst Intern

iA Financials Group
05.2024 - Current

Security Analyst-Intern

CIBC
08.2023 - 12.2023

Security Consultant

Security Geeks
03.2023 - 08.2023

Senior Security Analyst

Inspira Enterprise Ltd - MSSP
07.2021 - 11.2022

Information Security Analyst

NTT
12.2019 - 07.2021

Post Graduate Diploma - Cyber Security And Computer Forensics

Lambton College of Applied Arts And Technology

Bachelor in Electronics & Telecommunication Engineering - Computer Science

Vivekanand Education Society Institute of Tech