Summary
Work History
Education
Skills
Websites
Certification
Mentoring university students studying in the field of Cyber and IT
Timeline
SoftwareEngineer
Sandesh Shelar

Sandesh Shelar

Summary

Highly motivated and experienced Cyber Security Operations Lead with proven success in safeguarding critical IT and OT infrastructure against evolving cyber threats. Proven ability to build and lead high-performing security teams, implement robust security processes, and effectively respond to security incidents. Delivered exceptional results in leading incident response investigations, reducing security risks and minimizing business impact. I possess a strong independent judgment and critical-thinking abilities.

Work History

Security Operations Lead

Icon Water
01.2022 - Current
  • Guided the implementation of Splunk Cloud to collect logs from OT, AWS, and on-premises environments
  • Built custom parsers for diverse data sources, normalized formats, and extracted key indicators
  • Fine-tuned data ingestion, correlation rules, and alerting thresholds to enhance efficiency and minimize false positives
  • Connected SIEM with other security tools and threat feeds, enriching detection capabilities and situational awareness
  • Assessed the Radio Network configuration and provided inputs for a successful upgrade
  • Developed a new incident response process that reduced the average time to resolve security incidents by 25%
  • Developed scripts and playbooks for automated incident handling, reducing manual workload and accelerating mitigation
  • Comprehensive monthly operational reports (email, weblogs, etc.) detailing security event monitoring activities for management and relevant teams, providing valuable insights into the overall cybersecurity posture
  • Successfully implemented a cybersecurity awareness platform, to conduct phishing simulations and provide cyber safety training for all users
  • Collaborated with external vendors to design, implement, and deploy a new Active Directory forest and multiple domains for the entire Icon Water tenancy
  • Proactively engaged with third-party service providers to identify upcoming cybersecurity projects and establish clear expectations regarding adherence to stringent security standards
  • Expertise in industry standards and cybersecurity frameworks (ISO27002, NIST CSF) to enhance Icon Water's cybersecurity posture and safeguard critical infrastructure
  • Organized cyber tabletop exercises to simulate cyberattacks and test organizations' ability to respond to them.

Security Analyst (SOC)

AUCloud
07.2020 - 01.2022
  • Acting team lead and managing team rostering, attending CAB, reviewing customer technical documentation and conducting standups across all technical teams
  • IR Team lead in times of Incidents and quick response for any incident happening across the company
  • Monitored customer networks and endpoints for security events/alerts for active threats, intrusions and/or compromises
  • Customer onboarding and documentation including operational manuals, technical documentations, PoC design and low-level designs
  • Developing playbooks, use-cases and tuning dashboards and widgets for the SIEM
  • Tuning alerts in SIEM and making sure the rules are updated and performing optimally as per the required standards
  • Worked along with different teams in order to provide a streamlined solutions for security issues and making sure the network is up and running
  • Proactively safeguarding the environment through continuous process review, documentation, and refinement
  • Performed rigorous SIEM-driven security monitoring and network traffic analysis to proactively detect and mitigate threats.

SOC Analyst

ActewAGL
07.2019 - 06.2020
  • Reviewed, documented and improved processes to contribute to the overall security of the environment
  • Monitored client networks and endpoints for security events/alerts for active threats, intrusions and/or compromises
  • Was involved in the SOC building program, writing up Action Plans, Playbooks, Use cases, Capability Plans and other documentation
  • Actively involved in AirLocker rollout project which replaced AppLocker on Windows machines for cloud migration
  • Monitoring and assessing emerging threats and vulnerabilities to the environment and ensuring those requiring action are addressed
  • Generating multiple monthly reports (Mail, weblogs, etc.) for Monitoring purposes for Management and other teams
  • Analysis of security events from multiple sources including but not limited to events from the SIEM
  • Defining and implementing business rules for endpoint and network security systems and correlation rules to identify security events of interest
  • Coordinating Patch management and software vulnerabilities using different tools.

IT Support and Operations (BSD)

ActewAGL
  • Managing desktop support, troubleshooting user issues via screen-share or in person.
  • Updating the users in Active Directory and modifying software packages using SCCM
  • Managing exchange and creating a group email account and distribution lists for the purpose of team management
  • Creating and assigning VoIP extensions to the users using Cisco Prime Collaboration Provisioning (PCP).

Education

Master of Information Technology and Systems -

University of Canberra

Bachelors of Science in Information Technology -

Mumbai University, India

Skills

TECHNICAL SKILLS:

  • Ability to gather, analyze, and interpret threat intelligence feeds to inform security decisions and prioritize risks
  • Strong analytical skills to analyze security data, identify anomalies, and detect potential threats
  • Knowledge of Splunk SIEM/SOAR, EDR, along with expertise in their configuration, analysis, and reporting
  • Incident Response
  • Threat Intelligence
  • Security Awareness Training

SOFT SKILLS

  • Demonstrated ability to lead, motivate, and coach a team of security analysts
  • Ability to analyze the organization's security posture, identify gaps, and develop effective security strategies

Certification

  • Microsoft Azure Security Engineer Certified (AZ-103/AZ-500/AZ-900)
  • Cisco Certified CyberOps Professional
  • Microsoft Azure Administrator Certified
  • Fortinet Network Security Expert

Mentoring university students studying in the field of Cyber and IT

As a mentor to cyber and IT students, I get to share my passion and watch their eyes light up as they crack encryption codes or build secure networks. It's more than just teaching; it's about shaping responsible minds for the digital age. We learn from each other, pushing boundaries and tackling challenges together. Seeing them confidently enter the tech world, ready to make a difference, fills me with pride. It's a privilege to be a part of their journey.

Timeline

Security Operations Lead

Icon Water
01.2022 - Current

Security Analyst (SOC)

AUCloud
07.2020 - 01.2022

SOC Analyst

ActewAGL
07.2019 - 06.2020

Master of Information Technology and Systems -

University of Canberra

Bachelors of Science in Information Technology -

Mumbai University, India

IT Support and Operations (BSD)

ActewAGL

Similar Profiles

  • Ben Allan

    Ben AllanBen Allan

    Network Maintenance Supervisor, Reactive South at Icon WaterNetwork Maintenance Supervisor, Reactive South at Icon Water

  • William Draper

    William DraperWilliam Draper

    Mechanical Leading Hand at Icon WaterMechanical Leading Hand at Icon Water

  • Dimitre Yousif

    Dimitre YousifDimitre Yousif

    Luxury Real Estate Agent at Icon Realty Brokerage, LLC & Icon Realty ManagementLuxury Real Estate Agent at Icon Realty Brokerage, LLC & Icon Realty Management

  • Joshua Pugh

    Joshua PughJoshua Pugh

    Regional Security Operations Lead – Home Life at Cox CommunicationsRegional Security Operations Lead – Home Life at Cox Communications

  • Cory Houser

    Cory HouserCory Houser

    SME - Security Operations Lead at BYTE OF INFOSME - Security Operations Lead at BYTE OF INFO

CREATE PROFILE
Sandesh Shelar