Sanjay Pandey

London

Summary

Multi-faceted information security professional with diverse operational experience. Expertise includes broader incident response skillsets involving digital forensics, threat hunting and malware analysis & triage. Exceptional analytical mindset and ability to assess and troubleshoot complex technical and procedural problems; consistently delivers high-quality outcomes for security incidents and projects.

Overview

18 years of professional experience

Work History

Digital Forensics & Incident Response

Apple UK Limited
London, City of London
12.2021 - Current
  • Primary responsibilities include forensic analysis of devices, data and artefacts from security incidents involving Apple corporate employees and vendors working for Apple.
  • Co-led and investigated, as part of a larger global team, various complex and high-priority security incidents, acting as point of contact and lead for the EMEA region.
  • Build, maintain, deploy and track updates of a triage script/tool for macOS and Linux that collects triage data artefacts from devices during a security incident.
  • Identify automation opportunities for repetitive tasks during incident response investigations, enabling the team to focus on more time-consuming tasks, including accurate reporting.
  • Operationalised actionable intelligence from IR cases, internal teams, external sources and OSINT data, which helps increase fidelity during security investigations.
  • Static and dynamic reversing of malware for quick triage and IOC retrieval for security incidents and malware hunt use cases.
  • Liaise with partner teams within Apple and third parties to investigate fraud and theft related cases concerning Apple products and services.

Security Incident Response Analyst

Apple UK Limited
London, City of London
09.2017 - 11.2021
  • Started and built up a team of 4 from the ground up in London as Apple's first IR team in the EMEA region.
  • Partnered with multiple business units within the organisation, such as Apple Retail, Music and Services, to understand their network telemetry, risk exposure, user behaviour and patterns in order to build tailored security alerts and enhance monitoring.
  • During M&As by Apple in the region, worked with relevant teams on log and user onboarding, understanding the network telemetry of the acquired company, reviewing application and network access of employees, and inventorying the network topology/devices transitioning to Apple.
  • Conducted complex investigation types including account compromise, malware infections, email compromise and data leak cases, liaising with teams and stakeholders to resolve relevant security incidents efficiently and effectively.
  • Identifying and managing security incidents by aligning them with the MITRE ATT&CK Framework, and using that understanding to achieve a benchmark for minimum security detections in line with the environment.
  • Phasing out detections based on IOCs and relying more on TTPs, signals and common attack patterns.
  • Identified and created automation of daily repetitive tasks to improve the team's efficiency and focus on ongoing cases or incidents.
  • Worked on projects improving detections, network visibility and data enrichment, and on evaluating and upgrading existing tooling/solutions.
  • Frequently participated in discussions on updates and improvement of the organisation's Incident Response Plan (IRP), reporting of high-severity incidents to leadership and communication with stakeholders.

Security Incident Response Analyst

Apple South East Asia Pte Ltd
Singapore, Singapore
05.2016 - 08.2017
  • Started and built up a team of 4 from the ground up in London as Apple's first IR team in the APAC region.
  • Partnered with multiple business units within the organisation to understand their network telemetry, risk exposure, user behaviour and patterns in order to build tailored security alerts and enhance monitoring and IR capabilities.
  • Liaised with Apple partner suppliers, onsite vendors and manufacturing partners in the region to establish relations and understand their telemetry, their exposure to Apple's business and the underlying risk for Apple in the event of a compromise at their end.
  • Conducted complex investigation types including account compromise, malware infections, email compromise and data leak cases, liaising with teams and stakeholders to resolve relevant security incidents efficiently and effectively.
  • Worked on multiple initiatives to maximise risk mitigation for Apple corporate and network endpoints.

Senior Security Operations Centre Analyst

Lazada SEA Pvt Ltd (Alibaba Group)
Singapore, Singapore
01.2016 - 03.2016

  • Operationalised the organisation's newly formed SOC with relevant process documentation, knowledge base, SLA and metrics definition and reporting.
  • Review and approval of major network ACL changes, application approval, and testing of network sensors/taps for log collection, alerting and aggregation.
  • Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of security incidents, misconfigurations and exposures on internal assets.

Senior Security Operations Centre Analyst

Dell Technologies (Secureworks)
Noida, India
04.2011 - 01.2016
  • Design and execute security operations processes, identify and measure critical security operations metrics, and continuously improve the efficiency and effectiveness of the security operations function.
  • Focus on incident reduction activities and assist in creating a service improvement programme for key client accounts.
  • Managing and reporting on the activities and performance of the Security Operations team.
  • Reports, trends and implications regarding design and integration of evolving systems and devices.
  • Evaluating and updating SOC policies and procedures as appropriate.
  • Prepares briefings and reports of analysis methodology and results in support of IT security incidents.
  • Provides the highest level of support for security issues, including security incident handling, triage and other security incident remediation plans.
  • Perform correlation of events from a variety of network, enterprise and host collection sensors.

IT Service Desk Analyst

Perot Systems TSI Ltd (Dell Technologies)
Noida, India
12.2008 - 03.2011
  • Worked as an IT Service Desk associate on incidents, requests and change management cases for a US healthcare client.
  • Account provisioning and 1st- and 2nd-level support for major healthcare applications used for patient charting, clinical reporting and medication.
  • Handling account provisioning for users along with access to mailboxes, shared drives and other supported applications.
  • Configuring individual and group mailboxes with access permissions, VPN user provisioning and setting up user-level rights and role-based access as per the user profile.

IT Service Desk Analyst

IBM India Pvt Ltd
Gurgaon, India
10.2006 - 09.2008
  • Providing phone and remote desktop support to bank employees for issues related to user account provisioning, applications and access.
  • Performing system software and application maintenance, supporting various application access and rights issues for standard users, and installing applications critical for banking operations.
  • Managing security token/authentication issues for users for secure access to critical financial applications.

Junior Executive - BSS

Brinks India Pvt Ltd
Kanpur, India
09.2005 - 06.2006
  • Role included Banking Support Services, providing onsite third-party services for ATM IT management and support for various national and private banks in India.
  • Installation of OS patches and updates on systems related to the ATM software to ensure online security and reduce risks.
  • Worked in co-ordination with third-party vendors on ATM network connection issues and other technical failures.

Education

Bachelor of Science - Chemistry, Biology

DDU University
Gorakhpur, India
07/1999 - 06/2002

Skills

  • SANS GIAC Certified Incident Handler (GCIH)
  • SANS GIAC Certified Battlefield Forensics Analyst (GBFA)
  • SANS GIAC Certified Forensics Analyst (GCFA)
  • SANS: Mac and iOS Forensics and Incident Response
  • SANS GIAC Certified Reverse Engineering Malware (GCRM)
  • ITIL v3 Foundation
  • EC Council CEH v7
  • Qualys Certified Specialist

Timeline

Digital Forensics & Incident Response

Apple UK Limited
12.2021 - Current

Security Incident Response Analyst

Apple UK Limited
09.2017 - 11.2021

Security Incident Response Analyst

Apple South East Asia Pte Ltd
05.2016 - 08.2017

Senior Security Operations Centre Analyst

Lazada SEA Pvt Ltd (Alibaba Group)
01.2016 - 03.2016

Senior Security Operations Centre Analyst

Dell Technologies (Secureworks)
04.2011 - 01.2016

IT Service Desk Analyst

Perot Systems TSI Ltd (Dell Technologies)
12.2008 - 03.2011

IT Service Desk Analyst

IBM India Pvt Ltd
10.2006 - 09.2008

Junior Executive - BSS

Brinks India Pvt Ltd
09.2005 - 06.2006

Bachelor of Science - Chemistry, Biology

DDU University
07/1999 - 06/2002