Nishanth Menothparambil

Cybersecurity Strategy and Azure Cost
Optimization: Directed a large-scale Azure
infrastructure optimization project,
achieving over 40% cost reduction while
elevating security posture and operational
efficiency.
• Application Security Enhancement:
Architected Web Application Firewall
(WAF) with OWASP policies and
IP/geolocation-based rules, strengthening
the security of critical applications and
mitigating attack vectors.
• Firewall and VPN Security Management:
Oversaw firewall administration,
implementing least-privilege access
policies and enforcing multi-factor
authentication (MFA) for SSL VPN.
Developed robust processes for secure IPSec tunnel setup, enhancing cross-network
security.
SSL and Digital Certificate Administration:
Led secure digital communication
initiatives through SSL certificate lifecycle
management, ensuring encryption
standards across digital channels.
• Vulnerability Management and
Remediation: Executed monthly
vulnerability scans using Qualys and
Acunetix, systematically reducing
vulnerabilities to zero within two years and
bolstering the cybersecurity resilience of
key applications.
• Cybersecurity Testing and Exercises:
Supported annual Vulnerability Assessment
& Penetration Testing (VAPT), Red Team
exercises, and bug bounty programs to
identify security gaps and proactively
implement protective measures.
• Audit and Compliance Management:
Conducted comprehensive audits of
service principles, account expiration, and
password policies, maintaining regulatory
compliance and robust security hygiene
across the enterprise.
• Identity and Access Management (IAM):
Spearheaded CyberArk integration and
enforced IAM protocols, reducing attack
surfaces by bringing 90% of applications
under Single Sign-On (SSO) with MFA
requirements.
• Defense-in-Depth Implementation: Applied
multi-layered defense strategies across
Office 365, cloud applications, and
endpoints, reducing attack exposure
across platforms.
• Network Security and Segmentation: Led
network segmentation through VLAN and
subnetting implementations, strengthening
network access control and enhancing
internal security.
• Network Access Control (NAC) with AAA
RADIUS: Deployed RADIUS for NAC,
including secure wireless authentication, ensuring rigorous access control across
network endpoints.
• Conditional Access Policies: Developed
and enforced conditional access policies
to establish comprehensive control over
access management and endpoint
security.
• Cloud Local Administrator Password
Solution (LAPS): Implemented Cloud LAPS,
ensuring secure and compliant local
account management practices.
• Database Vulnerability Management:
Utilized Scuba Database Vulnerability
Scanner to identify and mitigate database
vulnerabilities, safeguarding critical data
assets.
• Cyber Threat Intelligence and Monitoring:
Leveraged Intrinsec for proactive threat
intelligence, encompassing data leak
detection, asset monitoring, brand
protection, and risk anticipation.
• ISO 27001 Certification and ISMS
Development: Achieved ISO 27001
certification through the development of
an Information Security Management
System (ISMS), establishing a formal
cybersecurity framework for the
organization.
• Policy and Incident Response
Development: Developed policies, incident
response processes, and reporting
mechanisms, optimizing operational
efficiency and ensuring effective incident
handling.
• Security Operations Center (SOC)
Management: Collaborated with Microsoft
XDR to fortify SOC functions, reducing false
positives and refining detection algorithms
to strengthen threat response

• Administering Data Center
• Administering VM-Ware cluster
• Managing Microsoft Win 2003, 2008, 2012 Servers
• Installing and administering Mail Servers using Exchange 2003/2007/2010 in Multi-Domain Environment
• Experienced in troubleshooting network connectivity problems
• Design, build, and maintain Local Area Network and Wide Area Network Designing, implementing, and maintaining Active Directory Domains
• Designing, Configuring, and Troubleshooting DHCP, DNS, WINS in routed environments Designing, implementing, and maintaining Active Directory Domains
• Installing and Configuring Firewalls of different vendors like Cisco, FortiGate, SonicWALL Publishing
• Mail and Web servers on the Internet
• Managing Backup servers using Symantec Backup Exec, SonicWALL CDP Devices
• Managing Anti-Virus Servers Symantec, McAfee, Trend Micro
• Installing and configuring Spector-Soft Network Monitoring Solutions

• Maintain helpdesk support for user-level issues
• Responsible for troubleshooting remote user issues through RDP technologies
• Conducts site inspection for IT requirements
• Maintains and updates IT Inventory
• Formatting and re-installing Operating Systems and software
• Troubleshooting Desktop, Laptop related issues
• Support Desk Engineer for issues related to printing scanning