KAVAN NARIA
Email: Kavan384@gmail.com
Contact: 929-459-8188
GC Holder
SUMMARY:
▪ Results-driven professional with over 7 years of proven expertise in AWS Cloud Security and Networking,
positioned to excel as a Cyber Security (ISSO)/Cloud Security Engineer/Security Engineer.
▪ Experience working in and collaborating with Network/Endpoint Security, SOAR, CSIRT, Cloud Security, and Platform
Security.
▪ Over 5 years of working experience with Cisco, Palo Alto, Microsoft 365 Defender, Microsoft Defender,
HP (Aruba) Switches, OneLogin, Intrusion Prevention System (IPS), F5 LTM WAF, McAfee, Trend Micro, Symantec
WSS (Web Security Services), Azure and AWS Security, GCP (Google Cloud Platform), and Bluecoat Proxy.
▪ Extensive working knowledge of Cisco ASA 5500 series firewalls, Check Point, and Palo Alto Firewalls.
▪ Explored and enhanced investment capacity, leading to process efficiencies that reduced costs.
▪ Hands-on experience in handling Microsoft 365 Security (MS Defender).
▪ Analyzed, troubleshot, and investigated security-related information systems anomalies based on security platform
reporting, network traffic, log files, and host-based and automated security alerts.
▪ Examined and triaged the security vulnerabilities generated by Burp Suite and eliminated false positives.
▪ Collaborated in the maintenance of relevant systems and processing documentation.
▪ Established and retained a robust working association with all team members.
▪ Provisioned Azure resource firewall for SQL Server/database in Azure. Hands-on experience implementing data
encryption for Azure SQL Database.
▪ Event monitoring, analysis, and reporting on alerts from the following security tools: Prisma Palo Alto, FireEye,
Rapid7, and Securonix SIEM.
EDUCATION:
Bachelor’s in Electronics and Communication Engineering (ECE)
KEY STRENGTHS:
▪ IT Business/Strategic Planning
▪ IT Governance
▪ MITRE ATT&CK Framework
▪ Security Architecture & Engineering
▪ Cyber Threat Intelligence
▪ Disaster Recovery/Business Continuity Planning
▪ Cloud Architecture & Security
▪ Mentoring
PROFESSIONAL EXPERIENCE
Lululemon, Remote October 2022 – Present
Cloud Security Engineer
Responsibilities:
▪ Managed and administered Zscaler Internet Access (Web Proxy) and Windows Defender Advanced Threat
Protection (WDATP).
▪ Endpoint Detection and Response (EDR) is a cybersecurity solution to detect and respond to advanced threats and
security incidents on endpoints.
▪ Conducted vulnerability testing using tools like Nessus and Rapid7 and analyzed reports.
▪ Worked incidents, mitigated threats, and performed threat hunting in Microsoft Sentinel using Microsoft 365 Defender.
▪ Upgraded the Zscaler app on end-user systems, configured the app profile and forwarding profile, and created scheduled
tasks for onboarding devices to Defender ATP.
▪ Provided technical guidance and training to junior team members on Palo Alto firewalls, enhancing their
knowledge and skillset.
▪ Worked on installing and configuring instances/virtual machines on AWS/Azure clouds.
▪ Prisma experience, including policy updates for Prisma Cloud.
▪ Implemented a secure web gateway using Zscaler Internet Access (ZIA) to protect against web-borne threats
and enforce web usage policies.
▪ Deployed and configured Azure Application Gateway to load balance web traffic across multiple backend servers,
and configured backend pools, backend HTTP settings, and health probes for optimal performance.
▪ Utilized vulnerability scanning tools (Tenable Nessus, Rapid7, Burp Suite) on web/mobile applications to detect
and remediate security vulnerabilities.
▪ Troubleshot issues with device onboarding, provided vulnerability reports to other teams for remediation, and
resolved issues with Defender updates and services.
▪ Involved in malware detection using Tanium Connect and gathering threat intelligence from endpoints for rapid
and effective identification of systems compromised by known viruses and worms.
▪ Implemented SOAR to find vulnerability to cyber threats from frequent unauthorized access attempts and
prevent them.
AmerisourceBergen, Remote April 2021 – September 2022
Cloud Security Engineer
Responsibilities:
▪ Provided guidance on security architecture for the Operational Technology domain, including implementation and
continuous assessment of the MITRE ATT&CK Framework by identifying patterns and trends within attack and incident
data for predictive analysis and strategic forecasting.
▪ Implemented a comprehensive Cyber Threat Intelligence Program, an Adversary Emulation Program with a
defined cadence of activities, a Threat Hunting Program, a Cyber Threat Taxonomy Standard, Insider Threat Behavior
Analytics, bi-annual table-top exercises for the CISO organization, and specific CIS Controls.
▪ Implemented vulnerability management (VM) processes and security solutions including Rapid7 Nexpose and Burp Suite.
▪ A firm grasp of Cloud Service Provider/Customer Shared Security Responsibility across SaaS, PaaS, and IaaS service
models and Public, Private, and Hybrid deployment models.
▪ Active involvement in security architecture and integration for hybrid cloud deployment leveraging on-prem data
centers with AWS, GCP, and Azure.
▪ Phased footprint reduction for on-prem data centers and migration to public cloud.
▪ Participated and provided input in vision building, leadership, and development of the Governance, Risk and
Compliance (GRC) program.
▪ 100% participation and completion of mandatory bi-annual Security Awareness Training.
Conduent, Austin, TX June 2019 – April 2021
SME Cyber Security
Responsibilities:
▪ Drove staff training sessions and enforced IT processes to ensure consistency with cyber security standards.
▪ Onboarded 90+ Azure subscriptions into Prisma for monitoring and system hardening for CSPM and CWPP capability.
▪ Identified and remediated 10K+ alerts for required business units across the organization to meet the 90%+
compliance standard.
▪ Trained and mentored 5 Accenture associates on severity 1 and 2 incidents across the cloud infrastructure
(incident handling, misconfigurations, anomalies, etc.).
▪ Built an incident response threat model to monitor detection systems for anomalies and internal abuse.
▪ Built out the Cyber Defense Organization by optimizing tools such as Prisma Palo Alto (CSPM), Rapid7 (DivvyCloud),
Dazz, and the Securonix SIEM, all deployed in cloud instances.
▪ Collaborated on tuning and development of security information and event management (SIEM) use cases
and other security control configurations to enhance threat hunting capabilities.
▪ Performed assessment and security evaluation for systems and log/event correlation with network component
baselining.
▪ Developed detailed documentation regarding each event including timelines, affected systems, impacted users,
root cause analysis, lessons learned, etc.
▪ Applied Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data
Leakage Prevention (DLP), forensics and malware analysis tools.
TJX Companies, Marlborough, MA June 2018 – May 2019
Cyber Security Analyst
Responsibilities:
▪ Analyzed, troubleshot, and investigated security-related information systems anomalies.
▪ Monitored and analyzed output and performance of network and host-based security platforms including
vulnerability scanning systems and tools, Network-based Intrusion Detection/Prevention Systems (IDS/IPS),
Host-based Intrusion Detection/Prevention Systems (HIDS/HIPS), Security Information & Event Management (SIEM)
platform, and Data Loss Prevention (DLP).
▪ Executed routine and ad-hoc vulnerability scans and other tests to verify system security settings and
configurations.
▪ Collected data on attacks to help SOC engineers create reports for auditing purposes.
▪ Ensured the SOC analyst team provides excellent customer service and support.
▪ Configured AWS Control Tower in a multi-account environment and developed custom guardrails to prevent and
detect non-compliance with security best practices.
▪ Executed, organized, and distributed recurring and ad-hoc reports for network and host-based security solutions.
▪ Managed Endpoint Security with various endpoint security tools such as McAfee and Symantec.
▪ Assigned risk assessments using industry standards like NIST Rev5, HIPAA, and PCI DSS, and developed security policy
as per these standards.
Solera Holdings, Austin, TX Sep 2016 – June 2018
Cyber Security Engineer/Analyst
Responsibilities:
▪ Reviewed and validated the user access compliance on a quarterly basis.
▪ Reviewed the requirements for privileged access on an everyday basis and provided recommendations.
▪ Reviewed and validated the privileged users and groups in Active Directory, databases, and applications on a
periodic basis.
▪ Documented information security guidance in step-by-step operational procedures.
▪ Performed a threat analysis and hunting on the new requirements and features.
▪ Established and improved the processes for privileged user access request.
▪ Reviewed firewall rules and policies in web proxy.
▪ Highlighted the user access and privileged user access risks to the organization and provided a remediation plan.
Hospira, Lake Forest, IL Feb 2015 – Aug 2016
Cyber Security Engineer
Responsibilities:
▪ Maintained security configuration, audit, and management of applications and databases. Led security incident
investigations, including basic forensic analysis and reporting.
▪ Administered access to information resources and provisioned timely detection, reporting, and analysis of actual
and attempted unauthorized access to information resources.
▪ Developed a procedure for testing the disaster recovery plan.
▪ Excellent written and verbal communication skills. Ability to create, update, and maintain technical documentation.
Ability to work independently. Experience with ServiceNow.
▪ Provided guidance and policy regarding the administration of all computer security systems and their
corresponding or associated software, including endpoint security, intrusion detection systems, etc.
▪ Participated in strategic security relationships between internal resources and external entities, including
government, customers, vendors, and partner organizations.