• Summary

    One head with different hats! Internet Enthusiast & an Avid Traveler

    Money movement never stops, and the same goes with cybersecurity. If everything runs smooth and nothing suffers a glitch, then I know I did my job. Being in Western Union’s IR team, my job is to perform Incident Response and Digital Forensic Investigations.

    I am a GIAC Certified Forensic Analyst (GCFA) and Certified Forensic Examiner (EnCase and AccessData) with a rich mix of experience in Incident Response, Digital Forensics and Cyber Threat Intelligence.

    Having worked with Law Enforcement as well as Fortune 500 companies over the past 9 years, I have built and led teams, helped mature incident response and threat intelligence programs, delivered productive training sessions, and been part of investigating war-room incidents, which in turn helped me win various performance awards and perks.

    Outside of work, I am author on ThreatRavens.com, a niche cybersecurity blog. I love chatting tech, space science, aeroplanes and महाभारत.

    Certifications:

    • GIAC Certified Forensic Analyst (GCFA)
    • EnCase Certified Examiner (EnCE)
    • Certified AccessData Investigator
    • AWS Certified Solutions Architect
    • Certified Threat Intelligence Analyst (CTIA)

    Life So Far...

    • Breathing since 1991
    • Completed Schooling from AES, Satara in 2006
    • Finished Higher Secondary Education from YCIS, Satara in 2008
    • Enrolled to RIT for Graduation in Computer Science and Engineering in 2008
    • Started SMS Channel for RIT in 2009 (appreciated and approved by Board of Directors)
    • Elected as the President of 'Computer Society of India' (RIT- Pune Chapter) - 2012-13
    • Completed Graduation in Computer Science & Engineering from RIT (An Autonomous Institute) in 2013
    • Started working as a Freelance Artist in 2013
    • Joined Tendul Tech Labs in January 2014 as Web Designer
    • Joined Null Object Interactive in September 2014 as a Web Developer and Security Analyst
    • Promoted to Lead Web Security Analyst in January 2016
    • Changed career direction to Cyber Forensic Investigation and joined Regional Forensic Science Laboratory (Cyber Crime Investigation) department at State Government of Maharashtra. (November 2016)
    • Joined Cognizant Technology Solutions, Chennai as a Cyber-Security Analyst on Valentine's of 2018. :)
    • Became Author at ThreatRavens | A Cyber-Security News Blog.
    • Joined TechMahindra in Feb 2019 as Sr. Security Analyst. Soon became offshore lead.
    • Won several performance awards for my initiative in kick-starting Cyber Threat Intelligence program and maturing security posture of customers.
    • Joined Western Union as Sr. Information Security Analyst in Incident Response team. Leading Forensic service and handling forensic investigations in APAC, Oceania region.
  • Experience


    TechMahindra Limited

    Sr. Security Analyst, Team Lead

    February 2019 to Present

    As a Senior Security Analyst, I protect sensitive information of thousands of people from hackers and cyber attacks.

    Currently using cutting-edge security tools and technologies:

    1. QRadar SIEM
    2. CrowdStrike EDR Solution
    3. ProofPoint Enterprise Security
    4. CISCO Prime, Rapid7
    5. Service-Now for Incident Management

    I am primarily responsible for:

    • Provide analytical feedback related to malware and other network threats.
    • Understand information security policies and best practices in client environments.
    • Accept, manage and update service requests and incidents to ensure contracted Service Level Agreements are met.
    • Lead and manage various security incidents - Launch and track investigations to resolution.
    • Review the latest alerts to determine relevancy and urgency. Create new trouble tickets for alerts that signal an incident.
    • Review trouble tickets generated by Tier 1 Analyst(s). Leverage emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack. Review and collect asset data (configs, running processes, etc.) on these systems for further investigation. Determine and direct remediation and recovery efforts. Perform root cause analysis of security incidents.
    • Prepare/update IR plans, playbooks along with process and procedural documentation.
    • Facilitate effective and appropriate communication to all stakeholders to meet SLAs and expectations.
    • Create/publish Service-Now dashboards to leadership and stakeholders as per agreed schedule.

    People Responsibilities:

    • Leading our offshore Incident Response team and 24x7 operations
    • KT (knowledge transfer) sessions

    Cognizant Technology Solutions

    Security Analyst

    February 2018 to October 2018

    As a cybersecurity analyst, I need to keep updated with the latest developments in the threat landscape and lead incident response activities with industry standards. My day-to-day activities include:
    - Conducting and leading incident response activities.
    - Root cause analysis of security incidents.
    - Performing in-depth forensic analysis of various data storage devices using cutting-edge tools and technologies.
    - Responding to, reporting on and tracking cybersecurity events reported to the SIEM.
    - Establishing and leveraging external relationships to obtain cyber threat intelligence.
    - Staying up-to-date on security technologies, trends and standards.
    - Responding and acting on the threat intelligence feeds obtained from external sources.


    Regional Forensic Science Laboratory, Pune

    Scientific Assistant (Cyber Crime)

    November 2016 to February 2018

    Well versed in all phases of digital forensic investigation, including digital imaging/duplication and authentication, data recovery, mobile forensics, photo forensics, data analysis and reporting, case management, documentation and training.

    Have a core understanding of forensic tools and software such as Tableau TD2, MASSter Solo 4, Tableau Forensic Bridge, EnCase, UFED 4PC, Oxygen Forensic Suite, AMPED FIVE Professional and AMPED Authenticate.

    Null Object Interactive Pvt. Ltd

    Lead Web Developer
    September 2014 to October 2016
    Led product development efforts for Null Object Interactive, including but not limited to desktop, mobile, tablet and emerging platforms. Formulated the road-map, strategy and tactics for Null Object Interactive's growth. Developed web applications for educational institutions, content management systems and user experiences for web users.

    Tendul Tech Labs

    Web Designer
    January 2014 to August 2014
    Brand Strategy and Product Development:
    Consistently worked with design team to create updated brand identity for WoodenBazaar, including new logos for the family of products and new front end design and user experience for the web and mobile site. Developed a custom CMS based tool to make it easy for online store managers to manage inventory, pricing, shipping, order management and customer service.

    Business Development:
    Structured and negotiated contract terms and managed relationships with artisans, manufacturers and re-sellers. Signed MoUs with handicraft factories from different states for crafting best-quality products that pass international toy safety standards.

    Marketing, Sales & Research:
    Devised new ways to promote 'Made In India' toys and crafts by putting up promotional stalls in flea markets, malls and companies in Pune, India. Sold a few varieties of wooden toys on the Amazon India marketplace to gather customer feedback and opinions. Visited all wooden handicraft hubs across India as part of market research.
  • Skills

    Incident Response

    SIEM Systems, QRadar, Endpoint Detection and Response (CrowdStrike), Email Analysis, ProofPoint, Microsoft ATP, Root Cause Analysis, Lead/manage cyber-security incidents (Viz. Malware/ Ransomware attacks, Social Engineering, Phishing, AUP violation etc.)

    Forensic Analysis

    EnCase Enterprise, Internet Evidence Finder (IEF), Axiom by Magnet Forensic, Falcon Imaging Devices, FTK Imager, Tableau TD2, Tableau Forensic Bridge, Masster Solo IV

    Threat Intelligence

    Threat Intelligence Feeds, Open IOC, IOC Extraction/Management, Pro-active Threat Hunting, STIX, TAXII

    Forensic Investigation Skills

    In-depth forensic analysis of exhibits, Evidence Seizing, Maintaining Chain of Custody, Reporting, Case Management

    Mobile Device Acquisition

    UFED 4PC by Cellebrite Communications, Oxygen Forensic Suite

    Other Skills

    Crime Scene Reporting, Training, Knowledge Base Management

    Web Development

    HTML5, PHP, JavaScript, MySQL

    Open Source

    WordPress, Magento

  • Steve Jobs | Innovation

    “I think if you do something and it turns out pretty good, then you should go do something else wonderful, not dwell on it for too long. Just figure out what’s next.”

  • Projects

    A list of my recent studies and developments

    Case Study: Forensic Analysis of Private/ Incognito Mode Browsing in Modern Browsers using IEF

    March 2018

    With the increasing use of modern browsers and their private browsing capabilities, it has become a challenge for forensic investigators to trace evidence. This case study involves forensic analysis of private mode browsing in the modern browsers Google Chrome, Mozilla Firefox and Internet Explorer using Internet Evidence Finder. (Uploading the report in my upcoming blog post.)

    Malware Sample Submission Portal

    May 2018

    In diverse organizations with security teams working across locations, it is vital to ensure secure handling of malware samples between teams for analysis, IOC extraction etc.

    Developed a Proof-of-Concept (PoC) for a centralized malware sample submission portal to avoid mishandling of malware samples by the various teams in an organization.

    Threat Intelligence Portal

    June 2018

    Thousands of news and articles about the latest trends in cyber security are published every single day and as a cyber security professional it’s impossible to keep your tabs open all the time.

    I developed an RSS feed aggregation platform that provides the cyber security team with regularly updated web content by gathering it in one place for easy reading. Instead of constantly checking multiple news sites, blogs, podcasts and other sources throughout the day, analysts can simply access this portal, which automatically keeps itself updated with the latest developments as they happen.

    This not only helped in proactive threat hunting but also helped the team stay a step ahead of potential cyber-security incidents.

    Case Study: Forensic Analysis of Private/ Incognito Mode Browsing in Modern Browsers using Axiom

    July 2018

    With the increasing use of modern browsers and their private browsing capabilities, it has become a challenge for forensic investigators to trace evidence. This case study involves forensic analysis of private mode browsing in the modern browsers Google Chrome, Mozilla Firefox and Internet Explorer using the Axiom tool by Magnet Forensics. (Uploading the report in my upcoming blog post.)

  • People are the first line of defense in Cyber Security

  • The Blog

    I love technical writing, specifically about Cyber Security and Threat Intelligence.

    Phishing schemes are still one of the most serious threats to companies. Even internet giants like Google and Facebook got duped out of $100 million through an email phishing scheme. According to the FBI, criminals made off with at least $676 million last year through business email compromise...
    Threat Intelligence has been the hottest buzzword in recent times in the cyber security space. Be it any security conference or a podcast or the launch of a new security product/service, or even in your daily meetings, Threat Intel has become the topic of discussion now. With breaknecking...
  • Look me up on

    Keep in touch.

    • Email
    • Phone: +91 77220 22615
    • Facebook
    • Twitter
    • Instagram
  • Happy to hear from you

    Contact me