Summary
Work History
Education
Skills
Certification
Technologies
Additional Information
Timeline
Generic
Divya Bharathi Narayanan

Divya Bharathi Narayanan

Cyber Security analyst
Chennai

Summary

Results-oriented cybersecurity professional with over 5 years of experience in multinational and Fortune Global 500 companies. Strong academic and professional background with a track record of delivering effective solutions. Skilled in leadership, team motivation, and development. Excellent communicator with high integrity, adept at building relationships and collaborating with clients, colleagues, and stakeholders. Experienced in L1 and L2 SOC monitoring, vulnerability assessment, malware and phishing analysis, endpoint security incident response, and Splunk. Contributed to implementing controls in ISO 27001 Information Security Management Systems, documented processes for ISO 22301 Business Continuity Management Systems, and possess foundational knowledge of Industrial Automation Control Systems in Operation Technology (OT) environments.

Work History

Cyber Security Analyst

Tactix Sener Group
09.2023 - 09.2024
  • Company Overview: Tactix is an infrastructure advisory firm, delivering innovative engineering solutions across mass transit, rail, and road projects.
  • Provided L1 and L2 IT support to 250+ Tactix Sener users in Australia, addressing various IT issues, assisting with equipment setup and deployment, and delivering onboarding and offboarding support while managing an average of 30 daily end-user tickets.
  • Collaborated with senior consultants to complete the design documents related to Operational Critical Data Network and Passenger Information for Transport of NSW using Visio.
  • Collaborated with senior consultants to develop security policies, including Access Controls policy, Password construction guidelines, Password Management policy in alignment with industry standards IEC 62443 for Transport for NSW.
  • Created architecture design in Revit for the Cybersecurity Operations Centre incorporating SIEM and NIDS for the Sydney Metro Western Sydney Airport.
  • Mapped NIST controls to IEC 62443 for the Melbourne Metro Tunnel project.
  • Collaborated with senior consultants to complete the risk registry and conducted 5 Risk Assessment workshops.
  • Conducted zone-level security assessments for ICS Security based on the Purdue Model.
  • Assisted in the implementation of CyberArk and Splunk solution alongside a Senior Consultant, gaining hands-on exposure to privileged access management and security monitoring.

Systems Engineer

Extranet Systems
07.2022 - 08.2023
  • Company Overview: Extranet Systems is an information technology and services company that operates in Australia, Bahrain, and Egypt.
  • Conducted vulnerability assessments using Horizon3.ai and Nessus Scanner for the client Illawarra Retired Trust (IRT Age Care) Group.
  • Managed and monitored Cisco Meraki networks and provided detailed traffic reports to management.
  • Installed wiring, cabling, and devices to establish, repair, and improve network operations across all IRT branches.
  • Provided system admin support for 30+ users for the client ACT XM.
  • Deployed IoT sensors with Milesight LoRaWAN People Counters to enhance foot traffic monitoring in Westfield Bondi Junction.
  • Integrated Group Policies with Azure AD for user and device management.
  • Configured and managed Group Policy settings to align with Teramind integration for the client ACT XM.
  • Deployed Teramind agent to all ACT XM users, set up group policies and monitored the system, sending automated Teramind security reports and device status and backup status report to the managing director.
  • Conducted vulnerability assessments on Web applications using OWASP ZAP, Burp Suite, also manual test for common vulnerabilities such as Reconnaissance, SQL injection, XSS, CSRF, File inclusion, analyzing error messages, who is Lookup, Port scanning and documenting the findings.
  • Used VMware to perform upgrades, installations, configurations, and testing.
  • Provided administrative support as required.
  • Investigated alerts from endpoint detection tools regarding potential malware infections, coordinating with the security team for immediate remediation and threat mitigation.
  • Researched and analyzed new cybersecurity breaches and affairs, staying updated on the latest threats and trends.
  • Replaced all Aerohive switches with Cisco switches across all NSW Illawarra Retired Trust Aged Care branches.
  • Deployed Acronis Cyber Protect Cloud backup solutions for client ACT XM, integrating their Google Workspace organization.
  • Integrated Teramind and set up the group policies like DLP, blocking unwanted websites for ACT XM.
  • Implementing a security awareness training program that significantly improved employee awareness of phishing threats, resulting in a 25% decrease in successful phishing attempts.
  • Analyzed server resource usage through monitoring tools called Zabbix to identify processes causing performance degradation. Coordinated with the application team to optimize configurations and scaled up server resources as needed.

Associate Security Analyst Intern

Securemation
03.2022 - 06.2022
  • Company Overview: Securemation is an expert cybersecurity, IT and OT solutions, focusing on strategy, managed services, and risk management.
  • Conducted monthly vulnerability management report for 30+ endpoints and servers using Rapid7 InsightVM and patched on the basis of critical, high, medium severity.
  • Checked the organization complied with the Essential 8 mitigation strategies for the ACSC – ISM and implemented backup mitigation for hourly.
  • Created Statement of Applicability based on Risk Assessment.
  • Completed documents like Scope of the ISMS, RACI matrix, Evidence of Competence, Information security Policy.
  • Prepared and conducted Security Risk and Threat assessments for ISMS.
  • Created and calculated Risk Treatment Controls based on the Risk assessment for ISMS.
  • Prepared and monitored organizational ISMS 27001 Gap analysis.
  • Identified some of the risks inside the organization and helped the team to mitigate them, improvement opportunities and provided feedback to management.
  • Led review meetings for risk assessments with the team for ISMS.
  • Led the preparation and execution of Security Risk and Threat assessments for ISMS.
  • Completed all mandatory documentation for the organization, ensuring full adherence to regulatory and internal security requirements.

Security Analyst

TNQTech
11.2019 - 12.2021
  • Company Overview: TNQ is an AI-driven content services, IT consulting, managed services, and cybersecurity solution for leading publishers.
  • Provided 24/7/365 availability for L1 and L2 SOC monitoring, conducting regular checks on tickets to assess and address potential security threats.
  • Deployed Carbon black, Crowdstrike Falcon to more than 1500+ endpoints and resolved 35+ daily Antivirus ticket.
  • Conducted monthly vulnerability assessments for 650+ devices, including Windows servers, Linux systems, network devices, web servers, public facing websites and services.
  • Managed monthly patch management processes, utilizing the PDQ tool for vulnerability fixes, consolidating assessment reports, and delivering actionable recommendations to relevant teams; conducted VA meetings with the domain owners.
  • Collaborated with the senior managers implemented Crowdstrike Falcon and Carbon black solutions for 1500+ devices.
  • Monitored Carbon black Triage for threat detection, handled the ticket related to security incidents.
  • Collaborated with the team to implement the vulnerability assessment tools such as Tenable Nessus.
  • Coordinated with third-party vendors for annual penetration testing.
  • Created dashboards on Splunk, created separate index for Firewall logs, AV logs, System logs, Application logs, Authentication logs, Intrusion Detection/Intrusion Prevention logs.
  • Monitored network activity using Wireshark and Burp Suite.
  • Blocked USB to all endpoints for data loss prevention through Symantec, CrowdStrike.
  • Coordinated with the firewall vendor for cases and escalations.
  • Provided access to the users based on the least privilege policy with centralized Active Directory system.
  • Created and maintained risk management registers for unresolved or known vulnerabilities, including mitigation and escalation of unresolved vulnerabilities.
  • Conducted research on new and evolving threats and vulnerabilities through security blogs to stay updated on the latest cybersecurity developments.
  • Provided cybersecurity awareness training to new employees, promoting best practices and security protocols.
  • Helped the ISMS team to complete the documents like Antivirus policy, Access Control Policy, Patch Management Policy, Change Management Policy, Backup Policy, Incident Response plan, Monitoring and Logging Policy, Security Awareness training records, Non-Conformities and Corrective Actions in ISO 27001.
  • Contributed to the BCMS team to complete the documents like Business Continuity Policy, Business Continuity Plan, Scope, Roles and Responsibilities, Testing and Exercising Records, Non-Conformities and Corrective Actions in BCMS (ISO 22301).
  • Corrective actions taken to address non-conformities identified during Internal audit for ISMS.
  • Guided the Windows, Linux and Desktop team on the significance of vulnerability as a cybersecurity advisor.
  • Provided critical support during the pandemic, including desktop support, backup management, asset management, vendor coordination, and antivirus management, while maintaining on-site presence to ensure operations stability.
  • Conducted a rapid vulnerability assessment, patched all 650+ systems for Log4j within three days, and ensured protection from ransomware and other critical threats with continuous Nessus scans.

Administration Assistant

Debt Recovery Appellate Tribunal
05.2015 - 04.2017

Education

Bachelor of Science - Information Technology

Sathyabama University
Chennai, India
04.2011 - 01.2015

Skills

SOC Monitoring & Incident Response

Certification

Certified Ethical Hacker (CEH)

Technologies

Metasploit, Wireshark, Burp Suite, OWASP ZAP, Nmap, Kali Linux, Symantec Endpoint Protection, Symantec EDR, VMWare Carbon Black, Carbon Black EDR, Crowdstrike Falcon, Splunk, Cisco Meraki, GSuite, Nessus, Rapid7 InsightVM, Horizon3.ai, Teramind, Acronis, Airlock, BitLocker, Okta, VirusTotal, Microsoft Azure, Microsoft Entra ID, Microsoft Intune, MS Word, Excel, PowerPoint Presentation, Outlook, MS Team, Slack, Visio, MS Project, ServiceNow, HTML, JavaScript

Additional Information

Australian Red Cross School Volunteer: Volunteered to support educational initiatives, contributing to the well-being and development of students in the community.

Timeline

Cyber Security Analyst

Tactix Sener Group
09.2023 - 09.2024

Systems Engineer

Extranet Systems
07.2022 - 08.2023

Associate Security Analyst Intern

Securemation
03.2022 - 06.2022

Security Analyst

TNQTech
11.2019 - 12.2021

Administration Assistant

Debt Recovery Appellate Tribunal
05.2015 - 04.2017

Bachelor of Science - Information Technology

Sathyabama University
04.2011 - 01.2015
Divya Bharathi NarayananCyber Security analyst