Sr. Security Analyst Resume
MI
SUMMARY:
- Developing an information security program and implemented ISO 27001 framework.
- Developed security strategy and performing risk assessment, vulnerability assessment and working with the business to mitigate risks.
- Developed information security awareness program for all users and conducted phishing campaign (Wombat security) to analyze vulnerabilities and reduce risks.
- Developed a plan and working with the business to ensure compliance to GDPR and NIST initiatives.
- Implemented and managing vulnerability management solution using Tenable SecurityCenter, policy compliance, Nessus scanners and Nessus Network Monitor.
- Installed Tenable SIEM lite, Splunk and configured correlation rules to detect a variety of internet attacks & probes and investigate any abnormalities.
- Installed Palo Alto firewall and configured IPS, DLP, vulnerability protection and WildFire.
- Analyzing malware and other unknown threats using Traps, AutoFocus threat intelligence service, ThreatConnect and other threat intelligence services.
- Installed and configured EnCase Enterprise 7, Examiner, SAFE and servlets.
- Performing ongoing forensics investigation on computers & mobile devices for malware, advanced persistent threats, etc.
- Performing static and dynamic malware analysis for behaviors and other malicious activity.
- Installed and configured advanced endpoint protection (Traps) on servers and clients to prevent exploits, malicious executables and advanced malware.
- Installed and managing RSA Authentication Manager 8.2 and configured RSA authentication agents, soft tokens, hard tokens authentication and risk-based authentication on all servers & laptops globally.
- Upgraded to SEP 14 to leverage SONAR, IPS and network threat protection, etc.
- Installed and configured a secure FTP and secure email solutions.
- Updated security policies and standards and performed social engineering and security exercises.
- Developed monthly security newsletter for employees.
- Managing MDM solution to monitor mobile devices from intrusions, etc.
- Performing ongoing information security audits on a monthly basis for ISO 27001, SOX and other required audits.
PROFESSIONAL EXPERIENCE:
Confidential, MI
Sr. Security Analyst
Responsibilities:
- Managing PCI-DSS and ISO2 program and providing technical leadership for information security program.
- Developed security awareness program and conducted security awareness training for new hires.
- Working with operations team to implement McAfee encryption & DLP.
- Performing regular penetration testing and vulnerability assessment/remediation using Nessus, IBM AppScan and Metasploit.
- Managing Palo Alto appliance for IPS, URL filtering, anti-virus, DLP, malware, denial of service and vulnerability protection.
- Configured WildFire advanced malware analysis tool to identify unknown malware, zero-day threats and advanced persistent threats.
- Upgraded RSA Authentication Manager from 6.1 to 8.1 and set up self-service console and risk-based authentication.
- Installed Splunk Enterprise 6.1, configured ES and the PCI app to monitor activity for internal and external attacks.
- Created dashboards, apps, real-time alerts and daily reports in Splunk.
- Installed and configured EnCase Enterprise 7.10, Examiner, SAFE and servlets.
- Gather and analyze forensics evidence for computer & smartphone related incidents.
Confidential, Dearborn, MI
Security & Control Engineer
Responsibilities:
- Provided 2nd-level operational support to the enterprise for Two Factor Authentication, SSL, Secure email, Single Sign-on, Virtual Directory Services, Identity Management and Encryption.
- Participating in RSA Authentication Manager 8, VDS, IDM & SSO upgrade projects.
- Working on customized scripts to automate multiple security applications.
Confidential, Ann Arbor, MI
Information Security Analyst
Responsibilities:
- Provide technical leadership to the enterprise for the information security program.
- Reviewed & monitored change requests for unauthorized changes to systems, network devices and firewalls.
- Reviewed daily audit logs for failed log-in attempts and reviewed audit logs on a monthly basis for SAS70, SSAE-16, PCI-DSS, HIPAA and SOX audits.
- Reviewed & monitored access to network ports, protocols and services.
- Conducting periodic vulnerability scans of systems, wireless and network devices.
- Established a procedure to detect rogue wireless devices.
- Developed minimum baseline standards for UNIX, Linux and Windows servers, firewalls and SSL VPN based on NIST frameworks, PCI and HIPAA guidelines.
- Installed and configured Guardium appliance 8 to manage several Oracle databases & configured multiple reports for privileged users, etc.
- Installed S-Tap client on AIX, Linux and Windows servers.
- Performed regular penetration and vulnerability assessment and review using Qualys, NMap, Nessus, Metasploit and other tools.
- Installed and configured Qualys appliance in multiple locations.
- Performed PCI and HIPAA compliance scans as well as internal and external vulnerability scans using Qualys.
- Scheduled automated reports from Qualys and worked with the appropriate groups on remediation process.
- Installed and configured Splunk 4.3 to monitor events and logs on Windows, Linux, AIX servers, firewalls and network devices.
- Configured Syslog server and developed several scripts in UNIX and Windows to maintain several applications.
- Participated in incident response team and recommended corrective actions.
- Configured Juniper SSL VPN and ensured host checker, cache cleaner and other endpoint security connections are configured correctly.
- Installed Trend Micro's data loss prevention solution and configured PCI-DSS and HIPAA policies to monitor clients.
- Installed and configured Data Loss Prevention on the external network and on clients. Defined digital assets such as fingerprints, patterns, etc. Configured device control and data discovery scans to locate sensitive data on the network.
- Upgraded Check Point firewall from R65 to R75 and configured IPS module to prevent network security, application intelligence, web intelligence and GEO protection.
- Resolved firewall and VPN issues using SmartView Tracker, SmartView Monitor, fw monitor, tcpdump and other utilities.
- Installed and configured AlgoSec Firewall Analyzer and reviewed firewall rules to discover unused and conflicting rules.
- Worked with business to consolidate and remove unused firewall rules.
- Installed & configured Voltage secure e-mail server on Linux and Windows.
- Worked on implementation & configuration of FireEye malware protection system.
- Installed and configured Websense Content Gateway (web proxy), Websense Web Security 7.7 and e-mail encryption from Voltage.
- Implemented HIDS (Tripwire Enterprise 8) and configured agents, rules, tasks, policies & reporting.
- Installed and configured IDS to detect a variety of internet attacks & probes, such as buffer overflows, SMB probes, brute force attacks, port scans and investigate any abnormalities.
- Customized pattern-based & anomaly-based rules as per best practices and business requirements.
- Implemented IPS on external network and created multiple rules to prevent attacks from the internet.
Confidential, Farmington Hills, MI
Systems Engineer/ Sr. Security Administrator
Responsibilities:
- Managed multiple infrastructure projects in North America and Europe.
- Installed & configured F5 BIG-IP, Windows 2003, 2008 Server, HP ProLiant servers, Cisco PIX, ASA, Catalyst series switches, Check Point Firewall R70, R65, R54, R55, NGX, FP2, FP3 on SPLAT, Linux, Solaris, Windows and Nokia platform, Check Point VPN-1 Edge, WatchGuard firewall, Microsoft Internet Security and Acceleration (ISA) Server 2006.
- Configured Websense (internet filtering software) on ISA Server and Check Point, created several policies for users and provided reports to management as required.
- Upgraded from Websense 6.3 to Websense 7.1.
- Upgraded Check Point Firewall from 4.1, FP2 to R54, R55, R60, R61, R62, R65 & R70 using pre-upgrade verifier utility.
- Configured Network SSL extender, secure client, installed latest Check Point HFAs and configured several VPN tunnels to Cisco PIX and ASAs, WatchGuard and other firewalls.
- Installed Windows 2003/2008 Active Directory network, Exchange 2003, 2007, SQL Server, front-end OWA 2003, 2007 and configured several AD group policies.
- Configured OWA, ISA 2006, SharePoint server using RSA agent (single sign-on).
- Supporting users globally on a day-to-day basis for Network, firewall, VPN, RSA Server, ISA Server, AD group policies and other security related issues.
- Installed Trend Micro software and Symantec Endpoint Protection 10 for Windows 2003, Exchange Server, Check Point Firewall (Virus wall for Check Point).
- Configured Cisco Aironet wireless access points using RADIUS, WPA & WPA2.
- Prepared IT budget for Confidential and supervised the NA Infrastructure team.
- Installed and configured Sentinel 6 (event log management software) for Magneti Marelli and configured correlation rules for firewalls, AD domain controllers, IDS and other critical servers.
- Configured hot spot for visitors, DHCP, DNS, TCP/IP, OSPF and BGP routing protocols.
- Installed and configured SmartDefense, Desktop Security Policy, Secure Client & network SSL extender using RSA SecurID authentication.
- Configured ANX tunnel to GM, Ford, Auto Web, Covisint, Honda, Chrysler, remote users (Secure Client/SSL network extender) and managing several site-to-site (star and meshed topology) IPsec VPN tunnels to suppliers and other branch offices.
- Resolved firewall and VPN issues using SmartView Tracker, SmartView Monitor, SmartDefense, fw monitor, cpinfo, tcpdump, Wireshark and several other utilities.
- Configured and managing ACE Server (RSA Authentication Manager), RADIUS server, RSA authentication agent for Windows, ISA 2006 and RSA authentication agent for IIS.
- Upgraded RSA Authentication Manager from 6.1 to 7.1, configured RSA self-service console, created replicas package and installed several RSA replicas servers globally.
- Installed and configured BlackBerry Enterprise Server 4 and 5 for Exchange, Outlook Anywhere and push e-mails for remote users.
- Working with corporate on IT and SOX procedures and policies.
- Providing SOX auditors with the necessary documentation and logs as required.
- Configured IP360 (vulnerability & risk management solution) & EtherScope Series II for discovery of network hosts, discover wired & wireless infrastructure devices & configurations.
Confidential, MI
Systems Analyst
Responsibilities:
- Installing and maintaining NT servers, Exchange 5.5, Outlook Web Access, IIS and SQL Server 7.0, and supporting internal and remote users.
- Re-designing of corporate web pages using Flash, FrontPage and JavaScript.
Confidential, Chicago, IL
Network Specialist
Responsibilities:
- Installed and maintained NT servers, NetWare servers, Exchange Server 5.5, SQL Server, IIS, NT Workstation, and Windows 95/98/2000 and provided support to all internal and remote users.
- Installed and configured Outlook Web on IIS Server; created new users and distribution lists in Exchange 5.5 on a daily basis.