
Security Analyst Resume


Cincinnati, Ohio

SUMMARY:

  • An Information Systems professional with around 7 years’ experience and a background in Systems Administration, Security Engineering, and IT Security, with a Master’s degree.
  • I am always looking for opportunities to increase my knowledge in the IT area. An Information Security expert with a focus on cyber security, risk management framework, contingency planning, vulnerability management, continuous monitoring, access control and compliance.
  • Performed IT and security risk assessments and audits on multiple companies and performed corporate risk analysis. Entrusted with large volumes of sensitive information, recognizing privacy and confidentiality requirements.
  • Perform comprehensive assessments and write reviews of management, operational and technical security controls on information systems.

TECHNICAL SKILLS:

  • McAfee ePO
  • McAfee ESM SIEM
  • DLPe
  • McAfee Drive Encryption
  • McAfee nDLP
  • HIPS
  • Imperva DAM
  • WIPS
  • Proxy
  • Splunk
  • ArcSight
  • RSA SA

PROFESSIONAL EXPERIENCE:

Confidential, Cincinnati, Ohio

Security Analyst

Responsibilities:

  • Performed real-time proactive Security monitoring and reporting on various Security enforcement systems, such as Confidential (SIEM), Anti-virus, Internet content filtering/reporting, malware code prevention, Firewalls, IDS & IPS, Web Security, Anti-spam, etc.
  • Provide Level 2 Operations support for end user resolution investigating RSA SIEM events to determine any true intrusions.
  • Identifying and remediating any threats and vulnerabilities as a Security Monitoring (SOC), Triage and Escalation to T2.
  • Documenting incident results and reporting details through ticketing system
  • Researching, analyzing and understanding log sources from security and networking devices such as firewalls, routers, anti-virus products, and operating systems
  • Escalating issues to Tier-2 and follow up as required.
  • Identifying and remediating any threats and vulnerabilities.
  • Monitoring DDoS portals and alerting the team by reporting them using pager and opening the bridge call.
  • Providing half-hourly updates on traffic by monitoring portals from ISPs.
  • Triaging emails sent by internal users depending on the categories and responding to the customers after investigating the emails.
  • PEM (Portable Electronic Media) alert monitoring.
  • Subpoena requests, Credit Card Number Analysis to prevent fraud on external customers.
  • Gathering all the required information from IDS, SA and Wireshark to investigate some of the attacks like SQLi, Zmeu, RAT, etc., and escalating to T2 and following up on these tickets.
  • Investigate DDoS attacks, FireEye, Sourcefire, malware, Websense events that are prone. Connectors are set for the entire IDS/IPS appliance.
  • Execute on appropriate mitigation strategies for identified threats.
  • Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
  • Provide Rotation 24/7 On Call support.
  • Remediation of workstations and servers exhibiting McAfee Agent or VirusScan Enterprise products.
  • Managing all client systems from endpoint perspective using McAfee ePO tool which includes managing Agent, VSE, pushing client tasks, managing ODS & OAS scans
  • Prepared system plans and executed ArcSight architecture modifications.
  • Managed, upgraded and maintained operational data flows and ArcSight platforms.
  • Maintained and modified hardware and software components, content and documentation.
  • Created and documented reports, rules, trends and dashboards.
  • Analyzed ArcSight and related tools and resolved IT security failures.
  • Provided guidance for equipment checks and supported processing of security requests.
  • Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
  • Expertise in installing VMware, ESX Servers, vSphere Client and vCenter Server.
  • Utilize Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools
  • Security Incident handling, SIEM (ESEM) using RSA enVision/ArcSight products.
  • Vulnerability assessment, penetration testing, Risk assessment, Threat management, Security advisories, compliance audits, IT security assessment.
  • Excellent exposure to Database, VPN technologies, and Firewall
  • Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under LAN and WAN environments.
  • Implementation of name resolution using WINS & DNS in TCP / IP environment.
  • Negotiate VPN tunnels using IPsec encryption standards; also configured and implemented site-to-site VPN and remote VPN.
  • Conduct research on IDS alerts/traffic and Vulnerability/Vendor threats/Log Monitoring/Vulnerability Scanning.

Confidential, Michigan

Information Security Analyst

Responsibilities:

  • Identify Security incidents, provide technical incident reports describing activity, threat attribution, scope, and provide remediation recommendations.
  • Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS/IPS), Data Leakage Prevention (DLP).
  • Understand network protocols TCP/IP, SSH, SSL, HTTP and HTTPS.
  • Experts to process, analyze and drive the remediation of identified IT related vulnerabilities. Follow the IT Security Incident Response policies and tools.
  • Provided Security support and evaluation to management and development teams to integrate information assurance/ Security throughout the System Life Cycle Development of major application releases
  • Analyze a variety of network and host-based Security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.
  • Identify Security issues and risks, and assist with the development of risk mitigation plans. Perform root cause analysis of complex issues with existing Security and privacy protection protocols.
  • Generated Security documentation, including: Security assessment reports; system Security plans; contingency plans; and disaster recovery plans.
  • Prepared monthly WebEx presentations for three clients concerning the Security situation in their regions
  • Monitoring McAfee Web Gateway

Confidential

Cyber Security Monitoring Specialist

Responsibilities:

  • Performed security research, analysis and design for all client computing systems and the network infrastructure.
  • Developed, implemented, and documented formal security programs and policies.
  • Monitored events, responded to incidents and reported findings.
  • Utilized Security Information and Event Management (SIEM), sniffers and malware analysis tools.
  • Application and Network Security Assessment
  • Identifying Security Risks and Vulnerabilities
  • Monitoring IDS and IPS in SIEM
