Rupesh Kumar Sendge - IT Baseline Compliance Consultant

Recommended expert

Munich, Germany

Experience

Feb 2023 - Present

3 years

Zürich, Switzerland

IT Baseline Compliance Consultant

Consultant

Baseline compliance verification against MAS audit findings
Building technical architecture concept for 30 technologies to build hardening standard artifacts
Identifying and building automation possibilities for given technologies based on CIS
Building the standard baseline configuration based on internal security standard
Responsible for building Cloud Native Application Protection Platform (CNAPP) architecture artifacts based on Azure cloud platform
Responsible for RFQ and RFP for different CNAPP solutions (Qualys Total Cloud, CrowdStrike, Azure Security Center)
Supporting compliance verification and validation via automated scripts for a sample population of IT devices and instances
Responsible for complete vulnerability management lifecycle using Nexpose, remediation, reporting and integration of results with Splunk, HPSM and Tableau
Audit support for MAS

Sep 2022 - Jan 2023

5 months

Beringen, Switzerland

Lead Consultant

Syntegon Packaging Systems AG

Led a team of 30 security analysts offshore and on shore for transition and transformation of on-prem solution to Azure cloud with multiple roll-out of technologies namely CrowdStrike, Azure Security, Qualys
Migrated Symantec security technologies to O365 EDR for data center and corporate IT devices
Integrated ICS devices with CrowdStrike as complete security landscape
Built roll-out plan and supported smooth execution of onboarding of Microsoft security technologies from old legacy security tools
Provided security dashboard of complete security intelligence landscape using Kenna
Responsible for complete vulnerability management lifecycle, remediation, reporting using Qualys
Integrated security devices with RSA Archer GRC tool to build risk and governance landscape

Feb 2020 - Sep 2022

2 years 8 months

Munich, Germany

Cyber Security Consultant

Railsbank Technologies GmbH

Delivered IT security projects: crypto zone infrastructure (HSM, KMS)
Built technical architecture artifacts for DLP solution using Azure ATP and O365 EDR
Designed crypto zone architecture focusing on integration of cloud and on-prem HSM solutions as a service with AWS Cloud HSM, Azure Dedicated HSM and Cryptomathic Crypto Services
Conducted IT security operations including code-base NSG review and MDR solutions
Responsible for complete vulnerability management lifecycle, remediation and reporting for internal and external (ASV) scans using Nessus
Transitioned from on-prem to Azure cloud for Symantec to Defender
Consulted and architected leading-edge IT security solutions to support Railsbank cloud infrastructure and built CI/CD pipeline with security gates
Implemented infrastructure provisioning strategies focusing on automation, high availability and scalability with continuous consultation on cloud security topics
Delivered security architecture on Azure and AWS
Supported audits for PCI, ISAE and ISO 27001

Jan 2019 - Jan 2020

1 year 1 month

Munich, Germany

Lead Information Security Architect

Wirecard Service Technologies GmbH

Delivered IT security projects including DDoS solution implementation and bot mitigation tool
Built technical architecture artifacts for DLP solution using Netskope
Served as member of IT architecture board working closely with principal and enterprise architects on complex global deliverables
Designed crypto zone architecture focusing on integration of cloud and on-prem HSM solutions as a service
Consulted and architected leading-edge IT security solutions to support hybrid cloud infrastructure
Implemented infrastructure provisioning strategies focusing on automation, high availability, scalability and datacenter redesign
Delivered security architecture integrating Cisco ACI with F5
Conducted IT security operations including automated firewall changes, AD and SIEM (LogRhythm, Splunk)
Responsible for complete vulnerability management lifecycle, remediation and reporting for internal and external (ASV) scans using Qualys
Implemented CIS benchmarking standard at infrastructure level
Performed vulnerability assessments, risk assessments and gap analysis
Conducted web application and network layer penetration testing
Integrated Qualys vulnerability tool with Azure Security Center and Archer GRC tool
Implemented custom defined search queries using Search Processing Language (SPL)
Performed firewall review and static code analysis on applications
Supported audits for BaFin, PCI, ISAE and ISO 27001

Sep 2018 - Dec 2019

1 year 4 months

Munich, Germany

Senior Information Security Analyst

Wirecard Service Technologies GmbH

Delivered IT security projects including Cisco ACI integration with Palo Alto FW and VMware
Delivered security architecture for Cisco ACI
Conducted IT security operations including firewall changes, AD and SIEM (LogRhythm, Splunk)
Defined and managed the implementation of PCI DSS compliance
Responsible for complete vulnerability management lifecycle, remediation and reporting for internal and external (ASV) scans
Implemented CIS benchmarking standard at infrastructure domain
Performed vulnerability assessments, risk assessments and gap analysis
Conducted web application and network layer penetration testing
Managed RFIs for integration of third-party applications with PCI applications
Defined KPIs requirements and implemented dashboards on Qualys with other vendor products via API (Remedy)
Implemented custom defined search queries using Search Processing Language (SPL)
Performed firewall and application reviews
Supported audits for BaFin, PCI, ISAE and ISO 27001

Oct 2016 - Aug 2018

1 year 11 months

Munich, Germany

Information Security Analyst

Wirecard Technologies GmbH

Defined and managed the implementation of PCI DSS compliance
Responsible for complete vulnerability management, remediation and reporting for internal and external scans (ASV) and benchmarking using Qualys
Conducted vulnerability assessments and risk assessments
Performed penetration testing of web applications, mobile apps, IoT devices and NFC devices
Managed RFIs for integration of third-party applications with PCI applications
Conducted firewall reviews and static code analysis reviews
Coordinated with external penetration testers for external and internal penetration tests and remediation activities
Participated in complete PCI DSS audit lifecycle including information gathering, evidence provision, remediation activities, compensating controls, ROC and AOC

Mar 2015 - Sep 2016

1 year 7 months

Munich, Germany

IT Security Administrator

Wirecard Technologies GmbH

Delivered IT security projects including Cisco ACI integration with Palo Alto FW and NFC payments
Delivered security architecture for Cisco ACI
Conducted IT security operations including firewall changes, AD and SIEM
Administered HSM and key management with SafeNet and Thales
Implemented hardening standard on infrastructure domain based on PCI, NIST and CIS
Managed access control including AD and User-ID access management in Palo Alto FW
Administered SIEM: QRadar and LogRhythm, including migration from QRadar to LogRhythm
Supported audits for BaFin, PCI and ISAE

Sep 2013 - Feb 2015

1 year 6 months

Munich, Germany

Junior IT Security Administrator

Wirecard Technologies GmbH

Delivered IT security projects including AD User-ID integration with Palo Alto FW
Delivered security architecture: proxy integration and SIEM implementation
Conducted IT security operations including firewall changes, AD and SIEM
Administered HSM and key management with SafeNet and Thales
Managed access control including AD and User-ID access management in Palo Alto FW

Jan 2013 - Sep 2013

9 months

Munich, Germany

Linux System Administrator

Novalnet AG

Designed and configured high availability network infrastructure and system configurations
Administered and maintained firewalls
Defined and managed the implementation of PCI DSS compliance
Prepared PCI Self-Assessment Questionnaire
Remediated web servers based on vulnerabilities in PCI ASV scan reports
Configured load balancing with Linux Virtual Server
Configured database redundancy architecture
Updated and maintained disaster recovery plan
Conducted vulnerability assessments and penetration testing using Nexpose

Mar 2010 - Dec 2012

2 years 10 months

Munich, Germany

Security Engineer

Uniscon GmbH

Implemented high availability clustering for web servers
Administered sealed cloud proxy architecture
Provided and documented detailed reports about security flaws and fixes
Conducted and reviewed security risk assessments
Administered firewalls and load balancing
Designed and implemented application-based intrusion detection system for sealed cloud architecture
Designed and implemented continual improvement model of defence
Set up VPN network and provided access for work from home users
Administered intrusion detection and prevention systems (AlienVault)

Aug 2007 - Dec 2008

1 year 5 months

Hyderabad, India

Project Coordinator/Co-Founder

G Logic Technologies Pvt Ltd

Supported offshore Android, BREW and Symbian development and testing projects for Qvantel Technologies, Finland
Trained and steered employees on platforms like GSM, GPRS and UMTS and technologies like BREW, Symbian and Android
Guided employees in enhancing in-house testing and application development according to 3GPP, GCF and OMA standards
Provided detailed information to project members about designing phase and testing phase of project lifecycle

May 2006 - Jun 2007

1 year 2 months

Munich, Germany

Test System Operator

Cetecom GmbH

Performed SIM, SIM Application Toolkit, RF testing and Bluetooth testing on GSM and GPRS devices
Conducted Java application testing using ORGA iT3, ANITE SAT8 and ANITE RAMS test systems
Managed database handling for test case results according to GCF certification requirements
Performed RF system calibration and reporting on ANITE RAMS
Interacted with vendors (Agilent, Anritsu, ORGA) on technical setup issues

Jun 2001 - Oct 2004

3 years 5 months

Hyderabad, India

Network Administrator/Co-Founder

Excel Media Private Ltd

Worked in network operations as part of TAC team providing L1 and L2 technical support
Administered firewalls, routers and switch configurations
Consulted with network users to resolve technical issues
Diagnosed hardware and software problems and replaced defective components
Ran and configured network cables, troubleshot connectivity issues, created users and configured related settings

Summary

Good Spoken and Written Communication skills, Good Presentation and Management skills.
Innovative, Analytical thinking, Goal oriented, Adaptive, Flexible, Pro-active.

Skills

Cryptographic Standards: Pki, X.509, Ldap, Ssl, Kerberos, Ipsec
Security Devices: Smartcards, Biometric Devices, Tpm, Hsm (Thales, Safenet)
Databases: Mysql, Mariadb, Percona Xtradb
Siem: Security Onion, Alienvault, Qradar, Logrhythm, Splunk
Scripting Languages: Bash, Python
Operating Systems: Linux (Ubuntu, Opensuse, Backtrack, Rhel), Microsoft Windows
Networking Protocols: Tcp/ip, Lan/wlan, Ipsec, Ssh, Gsm, Gprs, Cdma, Umts, Ble, Nfc
Security Tools: Wireshark Network Analyzer, Nessus, Qualys, Rapid 7, Metasploit, Intrusion Detection System Using Snort, Aide, Apparmor
Administration: Cisco 2900, 2960, Juniper Ssg 320, 350, Linksys Vpn Rv-082, Zywall 2000, Palo Alto
Web Servers: Apache, Nginx
Project Management: Itil V3
Security Standards: Mas, Pci-dss, Tüv, Owasp, Sans, Itil, Iso 27001, Isaca