We provide IT Staff Augmentation Services!

Security & Compliance Engineer Resume

SUMMARY:

  • To be a key technical contributor, in a position where knowledge, experience and interpersonal skills can be applied towards the growth of the organization
  • Extensive, practical experience in all areas of product development life cycle
  • Good trouble - shooter, problem solver and quick to learn and incorporate
  • Strong communication and collaborative skills
  • Function well in fast-paced and time-critical environments
  • Managed SCAP deployments on large scale, across systems in various application environments

TECHNICAL SKILLS:

Programming Languages, Tools & Technologies: SCAP, XCCDF, OVAL, Unix, Python, C, Perl, XML, LDAP, SQL, Unix Shell Scripting, Elastic Search, VirtualBox, GIT, Java, REST APIs, JSON, Spring boot, COBOL, DB2, CICS, JCL

Operating Systems: Solaris, Linux, AIX, Windows, Mac OS, MVS.

Courses Taken: AWS Solutions Architect Associate, Linux Administration

PROFESSIONAL EXPERIENCE:

Confidential

Security & Compliance Engineer

Responsibilities:

  • Developed the SCAP SOX/PCI Compliance Benchmark for Solaris 10 & 11, AIX 7.1 and Oracle Enterprise Linux (OEL 6 & 7).
  • Ported OPENSCAP to Solaris 10, AIX and developed Linux KVM SCAP Compliance Baseline and implemented the Benchmarks.
  • Tested and deployed CIS Security Checks for Linux (OEL 6 & 7) into Production, following the D2P process.
  • Deployed Compliance Benchmark on Solaris 10 & 11, Linux (OEL 6 & 7) into Production systems in various application environments, following the D2P process, over a fleet of 90,000 systems.
  • Assisted in designing the Compass dashboard to provide compliance data for various users (auditors, Systems Engineers, managers) in the organization.
  • Resolved deployment issues, by working in collaboration with Systems Engineers, and Network teams and App teams. Developed tools to assist in creation of Incident tickets to fix compliance failures on systems in various application environments. Provided remediations for bringing systems into compliance.

Confidential

Senior Software Engineer, Solaris Security Development

Responsibilities:

  • Designed OVAL schemas and implemented probes on Solaris for the compliance framework. Designed and implemented Benchmark policies for Solaris.
  • Provided patches for fixes to OPENSCAP to the open-source community. Ported the latest versions of OPENSCAP for successful operation of the solaris compliance framework.
  • Provided to sustaining engineering team to support OPENSCAP.
  • Managed the schedule and coordinated the development, project testing, ARC reviews, and integration of RBAC project for Solaris 11.
  • Designed and implemented LDAP support, Separation of duty for the existing RBAC (Role Based Access Control) administrative commands in Solaris.
  • Designed authorizations with the goal of preventing escalation of power.
  • Designed and implemented library with abstract interfaces to handle multiple types of name service databases.
  • Designed and Implemented Separation of Duty in Solaris Trusted Extensions.
  • Fixed and enhanced the administrative interface (Solaris Management Console) in Solaris for managing user security and trusted labeling information.
  • Provided expertise in resolving customer issues within a very short window of time by fixing or enhancing the product to suit customer needs.
  • Provided weekly reports to upper management on key fixes and features that were integrated or milestones achieved for various projects in Solaris Security.

Confidential

Java Licensee Engineer

Responsibilities:

  • Provided Engineering support for licensees on Java Card Technology.
  • Debugged Java Card VM, Java Card RE and handled specification clarifications.
  • Provided recommendations for enhancements to Java Partner website for Java Card Licensees.
  • Demonstrated prototypes of Java Card VM 3.0 at Java One.

Confidential

Software Engineer

Responsibilities:

  • Provided solutions to the pre-sales team for POCs.
  • Researched, analyzed, designed and implemented bug fixes and enhancements for customer issues.
  • Performed code reviews for bug fixes and enhancements.
  • Did performance tuning and profiling of JVMs to resolve performance bottlenecks.
  • Designed and implemented various SeeBeyond Core Components.

Systems Analyst

Confidential

Responsibilities:

  • A complex relational database system consisting of 400 subprogram modules that are designed to handle numerous specifications related to the auto and home owners insurance industry.
  • Designed and administered modifications to the existing framework to accommodate new policy rules.
  • My functions included investigation of anomalies in the system and design solutions and managed to handle implementation of projects by leading a group of people.

Programmer Analyst

Confidential

Responsibilities:

  • The system was responsible for processing loan/lease applications specific to the automobile industry.
  • Custom tailored vendor Finance System to meet the needs of Confidential Corp.
  • Designed, implemented and tested modifications to the vendor product.

Hire Now