
Cyber Security Analyst Resume


Dulles, VA

CAREER OBJECTIVE

Seeking a position as a Cyber Security Analyst and Information Security Analyst in a SOC environment, on initiatives that utilize state-of-the-art software and/or hardware security components, with a creative, technology-driven organization in an environment that encourages innovative thinking, recognition and career development.

SUMMARY:

  • Performs event correlation using information gathered from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) within the enterprise to gain situational awareness and determine the effectiveness of an observed attack, using Splunk, FireEye, Snort, SIEM/ArcSight, and scanning and network security tools (Nmap, Nessus, Wireshark, and tcpdump).
  • Led IT service refresh efforts for large enterprise SOC environments with a focus on security solutions such as firewalls, data loss prevention solutions, web application firewalls, intrusion detection/prevention solutions, network sniffers, and more.
  • Analyzes identified malicious activity and determines appropriate course of action in response to identified and analyzed anomalous network activity.
  • Performs periodic application vulnerability assessments.
  • Work closely with our developers and management on security practices
  • Experience with web application development.
  • Analyzes existing processes, standards, policies and/or equipment and makes process improvement recommendations to managers ensuring compliance with laws, standards and policies while managing business risks
  • Develops positive relationships with other business and IT functions involved in security and privacy matters. Digital Forensics research, Malware Analysis, Cyber Threat Intelligence.
  • Conducts vulnerability assessments, reaches conclusions, and makes recommendations.
  • Installs, configures and troubleshoots information security tools (Splunk and FireEye) in Windows and Linux environments.
  • Monitors networks for security events and alerts clients to potential (or active) threats, intrusions, and compromises using the Netsparker web server scanner.
  • Sound knowledge of TCP/IP networking, switches, routers, firewalls, VPNs, and encryption.
  • Ability to analyze event and system logs, perform forensic analysis, and analyze malware and other incident-response-related data, as needed.

TECHNICAL SKILLS:

Best Security Tools I have used: Class-Dump-Z, Cycript, GNU Debugger, Fiddler, Nmap, Wikto, Brutus, Wireshark, Burp Proxy, Paros Proxy, Cain and Abel, John the Ripper, Hydra, Metasploit, netcat, openssl, ike tools, BackTrack tools, Nessus, IBM AppScan, Acunetix, Nikto, Netsparker, Microsoft Baseline Security Analyzer (MBSA), Websecurify, Snipper, QualysGuard, OpenVAS, EnCase, FTK, X-Ways, F-Response, Volatility, Open Source Forensics Tools, Splunk Security Enterprise and FireEye, Netsparker, ArcSight SIEM.

Operating Systems: Good knowledge of and working experience with operating systems (O/S) including Windows Server 2008, 2008 R2, 2000, Windows XP Professional, Windows 7 Professional and UNIX/Linux

Hardware/Storage: SAN, RAID

Programming: SQL, T-SQL, Stored Procedures, PL/SQL, Triggers, Functions, Java, Splunk

PROFESSIONAL EXPERIENCE:

Confidential, Dulles, VA

Cyber Security Analyst

Responsibilities:

  • Support proactive detection and analysis of security incidents using Splunk Enterprise Security
  • Periodic assessment on incident trending to guide the strategy
  • Conduct Digital Forensics research, Malware Analysis, Cyber Threat Intelligence.
  • Conduct vulnerability assessments, reach conclusions, and make recommendations using Splunk
  • Monitor networks for security events and alert clients to potential (or active) threats, intrusions, and compromises using Splunk and FireEye.
  • Performing application vulnerability assessments
  • Performing code review across a variety of programming languages
  • Work closely with our developers and management on security practices
  • Identify information-security-related events/incidents and document them through to resolution.
  • Analyze data provided from other departments/ Business Unit customers to evaluate the severity/magnitudes of events to determine if an incident occurred and formulate an appropriate and calibrated response in the event of a confirmed incident.
  • Led IT service refresh efforts for large enterprise SOC environments with a focus on security solutions such as firewalls, data loss prevention solutions, web application firewalls, intrusion detection/prevention solutions, network sniffers, and more.
  • Sound knowledge of TCP/IP networking, switches, routers, firewalls, VPNs, and encryption. Possess demonstrated analytical ability and the ability to handle a large, complex workload. Monitoring indicators and warnings of threats and potential threats to voice, video, and data networks and associated systems.
  • Reports and documents on business use cases, and the creation and maintenance of ArcSight rule sets, channels, and customized views.
  • Short- and long-term security event trend analysis performed on a regular basis using Splunk, FireEye, and a dozen other cyber security tools.
  • Network monitoring, network security, and database backup and restore; installed and configured SQL Server 2008 & 2012 in development, test, and production environments.

Confidential, Irvine, CA

Data Security Engineer

Responsibilities:

  • Performs event correlation using information gathered from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) within the enterprise to gain situational awareness and determine the effectiveness of an observed attack, using Splunk, FireEye, Snort, SIEM/ArcSight, and scanning and network security tools (Nmap, Nessus, Wireshark, and tcpdump).
  • Daily evaluation and update of SOC security posture, including firewall policy and other network devices in order to provide secure connectivity.
  • Develop and execute security processes, policies, and procedures.
  • Proactively identify, troubleshoot, and resolve vulnerabilities.
  • Performing code review across a variety of programming languages
  • Work closely with our developers and management on security practices
  • Participate in incident response and management as required 24x7
  • Participate in multiple Projects and manage large projects as required
  • Defense-in-depth security for the organization to protect critical IT assets and data.
  • Design the people, processes, and technology systems to enable an effective security program including:
      • Security infrastructure device management
      • Security and critical IT monitoring
      • Threat management
      • Vulnerability management

Confidential, Richmond, VA

Data Analyst

Responsibilities:

  • Present data in charts, graphs and tables, and design and develop relational databases for collecting data, using Tableau, SQL Server, Microsoft Excel, or Microsoft Access.
  • Installation, configuration and upgrade of SQL Server 2000, 2005 & 2008
  • Administration and management of SQL Server 2000, 2005 & 2008 in a cluster environment.
  • Installed and configured operating systems, Windows Server (2000, 2003 R2 & 2008)
  • Migrated databases from SQL Server 2000 to 2005 and 2005 to 2008 in test and production environments
  • Identify and address database performance issues and capacity issues.
  • Develop plans for and be able to execute disaster recovery for SQL Server database systems.
  • Develop and maintain Database backup strategy
  • Implement policies related to compliance and information protection as they apply in the database environment
  • Effectively articulate database requirements to non-database teams
  • Review developer SQL queries and stored procedures for optimization and security purposes
  • Security Management
  • Assist SQL developers to optimize SQL queries and Stored Procedures
  • Execute disaster recovery for SQL Server database systems.
