| Contact Information | |
| Name: | Mukesh Kumar Singh |
| Email: | singh.mukeshkr (at) gmail (dot) com [email concealed] |
| Location: | Noida, Uttar Pradesh, India |
| Resume | |
| Position/Title: | Security Consultant |
| Resume: |
Mukesh Kumar Singh Date of Birth: 13-11-1978 mailto: singh.mukeshkr (at) gmail (dot) com [email concealed] Mobile:+91-XXXXXXXXXX http://www.linkedin.com/in/mksingh SUMMARY: •Wanted to pursue a challenging position in Information Security. •Certified Ethical Hacker (ECC922790). •ISO 27001 LA •BS 25999 - Implementation(BCMS) •Having around 4+ years of experience in Cyber/Internet Security including the following: •Security Incident Handling •Vulnerability Assessment and Penetration Testing •Compromised System Log Analysis and Live System Analysis •Operating System minimization(Linux) and Hardening •System Administration and Security Configurations EDUCATIONAL SUMMARY: •Master of Science in Information Technology(MSc IT) 2003 Makhanlal University, Bhopal (M.P.). •Bachelor of Computer Applications(BCA) 2001 Z.H.I Patna. Makhanlal University, Bhopal (M.P.). •Diploma in System And Database Administration(DSDA) 2004 Center for Development of Advance Computing Noida CERTIFICATIONS: •Certified Ethical Hacking(CEH-ID- ECC922790) •BS 25999 Business Continuity Planning(BCMS) Implementation •ISO 27001 LA •Certified Information Security Auditor(scheduled: December 2008) •Preparing for Certified Information Systems Security Professional(CISSP) WORK EXPERIENCE: Sr. Consultant-MSSP / SOC-In-Charge Jan 2008 – July 2008 SecurView, Pune. Responsible for developing, maintaining and improving information security procedures including creating the strategy and processes to monitor and protect client’s and partner data, information systems. Some of the key responsibilities are as follows: •Overall SOC Operations delivery •Managing remote diagnostic and support services •Delivery of overall Project SLAs and ensure that the clients are informed about critical incidents 24 X 7 X 365. •Incident & Problem Identification, Escalation and Management. •Change management, logging and implementation •Vulnerability Assessment Project Engineer/Scientist-B July 2004 – Jan 2008 C-DAC Noida (www.cdacnoida.in) ISP/Data center, C-DAC March 2007 – Jan 2008 Center for Development of Advance Computing (C-DAC) is one of the premier Scientific Research & Development organizations under Ministry of Communication and IT, Govt. of India. The organization is also a major Internet Service Provider in the NCR region. C-DAC is a CLASS C ISP, having 300+ clients within NCR region. Role & responsibilities: •Vulnerability assessment of servers and network infrastructure •Monitoring and Handling Security Incidents and providing security countermeasures •Regular log analysis and finding the exploitation attempts •Recommend appropriate remediation steps to the NOC Team •Writing Security Policies and Guidelines for internal use •OS/Server Hardening and security Configurations Member Technical Staff/Scientist-B Cert-In (www.cert-in.org.in) Indian Computer Emergency Response Team July 2004 – March 2007 Worked as a Team Leader of the ‘UNIX Working Group’ and was responsible for providing technical leadership in securing the Linux infrastructure and handling different security issues and was responsible for development of ‘Standard Operating Procedures’ for Security Incident Handling. The major responsibilities are to ensure the following:- Role & responsibilities: •Managing TRIAGE(Incident Management System) and handling security incidents reported to CERT-In and developing countermeasures •Compromised System Log Analysis & Live system Analysis •Log analysis and finding the hacking attempts for security incidents reported to CERT-In •System forensics with the help of open source tools including dd, The Coroner's Toolkit(TCT), Sleuth kit & Autopsy browser and many other tools •Threat Monitoring and publishing security alerts/notes/advisories •OS Hardening and Security Configurations •Co-coordinating vendors on current and ongoing security issues. •Writing Security white papers and Guidelines. •Evaluation different security tools & techniques LECTURES & PUBLICATIONS: 1.Written following white papers/guidelines •“RedHat Enterprise Linux V3 Minimization and Hardening”.(Available at http://www.cert-in.org.in) •“Steps for Recovery from a Compromised LINUX System”, CERT-In. •“Rootkits and Countermeasures”, CERT-In. •“Detecting hacking Attempt/Attacks through Log Analysis” CERT-In. •“SSH Brute Force Attacks and Countermeasures”, CERT-In •“Steps for Recovery of Deleted Log files from a Compromised Linux system”. 2.Delivered lectures and demonstration of various hacker tools and rootkits including Hacker Defender Root kit(Windows) and t0rn Root kit(Linux) on various training programs including 'Malicious Code Trends and Countermeasures' workshop(available at http://www.CERT-In.org.in). ACHIEVEMENTS •Created a standard guideline for ‘Detecting hacking Attempt/Attacks through Log Analysis’ •Created standard guidelines for ‘Live System Analysis’. •Successful Log Analysis of multiple Compromised Systems. •Chess Champion MCU, Bhopal, 2002. |