Sr. Cyber Security Analyst Resume

Philadelphia, PA

PROFESSIONAL SUMMARY:

  • Results-oriented Sr. Cyber Security Analyst with 6 years of experience in various aspects of Information and Network Security. Admirable correspondent with analytical skills, technical expertise, relationship management and coordination skills.
  • Responsible for defining, delivering and supporting the enterprise network security architecture developed in collaboration with the IT Network Engineering team. Implement and manage security vendor technologies that provide detective and preventative capabilities including: Vulnerability scanners, endpoint security, intrusion detection, SSL VPN network forensics, content detonation, network and application firewalling, change detection, and Security Event Management. Employ technologies and refine strategy to detect and mitigate Denial of Service (DoS) attacks. Tune and update signatures and rules for Web Applications Firewalls, Intrusion Detection Systems, DoS mitigation tools, monitoring tools and capacity planning tools.
  • Six-plus years of experience in IT Security Operations, including implementation, integration and operation.
  • Experience in planning, developing, implementing, monitoring and updating security programs, and advanced technical information security solutions, and sound knowledge in SOX and PCI compliance requirements and understanding of NIST and ISO standards.
  • Develop strategic plans for agency-wide implementation to address the operations of client services, product support, quality assurance, and information security training.
  • Technical experience in System and Network Analysis, Intrusion Detection, Malware Analysis
  • Maintained up-to-date procedures and documentation to support IT security processes.
  • Experience and knowledge of threats, analysis, and remediation efforts in reference to Intrusion Prevention and penetrations
  • Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls
  • Experience as a Splunk Engineer configuring, implementing and supporting Splunk Server Infrastructure across Windows, UNIX and Linux environments
  • Providing support to Microsoft Active Directory, Microsoft SCCM servers and SQL servers.
  • Hands-on experience designing Active Directories using PowerShell scripts.
  • Responsible for logical and physical database design, implementation, transforming logical data models into physical databases and defining strategies for database implementation, high performance, replication and failover.
  • Hands-on experience with Citrix Provisioning Services, XenApp, App-V, Metaframe PS, XenDesktop and VMware ESX/ESXi.
  • Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using Visio.
  • Supported the development of technical standards and guidance related to access control, governance / risk management, privacy / data protection, configuration management, continuous monitoring and vulnerability management.
  • Experience in managing complex routed networks providing technical support, troubleshooting and configuration.
  • Configure, maintain and design network security solutions including firewalls (CheckPoint and Cisco ASA), IDS/IPS (CheckPoint and SourceFire), VPN, ACLs, Web Proxy, etc.
  • Hands on experience on NGFW Firewall management and UTM solutions (IPS/IDS, DLP, Gateway Antivirus, Antispam, Content Filtering, Application Control).

PROFESSIONAL EXPERIENCE:

Confidential, Philadelphia, PA

Sr. Cyber Security Analyst

Responsibilities:

  • Worked on Cloud Security Products to ensure security of customer from cyberattacks.
  • Knowledge of various DDoS attack types (UDP/ICMP Flood, SYN Flood, HTTP Get Flood, TCP Connection Attack, TCP Flag-based Attacks).
  • Coordinated internal and external information security compliance activities with respect to AT101 (SOC 2&3), SOX, PCI DSS, HIPAA, Cloud Security Alliance CCM, ISO 27001/27002, ITAR, FedRAMP, and FISMA.
  • Identification of phishing attempts, malware detonation, and knowledge of the DHS SOC email analysis toolset and Security Analyst.
  • Ensured authorized IA tools were used to perform vulnerability testing and analysis of networks and systems to ensure DoD compliance.
  • Using FISMA template to categorize the strength of a network, reviewing and updating systems security documentation and artifacts such as SSP, ISRA, MOU, SSR, CAP and POA&Ms.
  • Analyzed network traffic, firewall (Sourcefire Defense Center) and AV (McAfee) logs with ArcSight tools.
  • Preparing daily checklist and weekly Infra call report. Deployments of Security patch management through WSUS server. Manage Symantec Antivirus. Create / Delete / Modify User and Group in File Server.
  • Good knowledge of GRE tunnels and IPsec tunnels, and troubleshooting of various tunnel issues.
  • Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
  • Experienced with RSA DLP, as well as Symantec DLP versions 12.5, 14.0, 14.5, and 14.6.
  • Provided remote Technical support on implementation of technology using various Juniper Network & Security products and applications and resolve product related issues through research and troubleshooting.
  • Involved in configuring and troubleshooting Juniper Firewalls including UTM features like anti-virus, deep inspection (IDP), URL filtering and screening.
  • Responsible for Cisco ASA and Palo Alto configuration and administration of networks.
  • Troubleshoot traffic passing managed firewalls via logs and packet captures
  • Involved in a team responsible for Network security management by implementing and managing NGFW systems.
  • Virtual Private Networks on Cisco ASAs with AnyConnect, Cisco ISE for authentication, as well as site to site VPN
  • Implemented new Cisco ASA's, installed the framework for Cisco ACI and implemented new F5 LTM's and GTM's.
  • Experience configuring and deploying McAfee modules and products like McAfee ePO, McAfee VSE, McAfee HIPS, McAfee Endpoint Encryption, McAfee Network DLP, McAfee DLP Endpoint, McAfee SIEM.
  • Troubleshoot SSL AnyConnect VPN and IPSec VPN on Cisco ASA 5520 Firewall.
  • Experience with Cisco ASA 5505, 5506, 5508 appliances versions 8.2 to 9.0 and up, also security plus licensing for advanced configuration.
  • Creating, implementing and testing Citrix NetScaler ADC (Application Delivery Controller) responder policies in order to meet DDoS defense strategies.
  • Worked on Converting the Partner IPSEC VPN from one Data Center to Another Data Center
  • Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
  • Performed various configurations using the CISCO SDM like configuring VPN, Security Audits, Firewalls, VLANS.
  • Hands-on experience with the Rapid7 Nexpose InsightVM vulnerability management tool.
  • Remediated vulnerabilities by decommissioning assets and by performing normal Rapid7 Nexpose cleanup.
  • Responsible for troubleshooting Cisco ISE; added new devices to the network based on ISE policies.
  • Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance
  • Everyday performance with the Cisco IronPort appliances - WSA S170 (Web Security Appliance) Version: 8.0.6-119, ESA C370 (Email Security Appliance) Version: 8.5.6-074, and M670 - Content Security Management Appliance Version: 8.3.6-028

Confidential, Austin, TX

IT Security Analyst - Global Security Operations

Responsibilities:

  • Worked on Cloud Security Products to ensure security of customer from cyberattacks.
  • Knowledge of various DDoS attack types (UDP/ICMP Flood, SYN Flood, HTTP Get Flood, TCP Connection Attack, TCP Flag-based Attacks)
  • Gathered information, logs and data for investigations and created reports.
  • Created a new team to monitor three aspects of RSA DLP: Data in Motion (Network), Data at Rest (Datacenter), and Data at Endpoint.
  • Creation, development, and/or restructuring of DLP programs from conception to fully operational state.
  • Worked on OWASP TOP 10 attacks like, XSS, SQL Injection, CSRF, PHP Injection etc.
  • Interaction with customers regarding security alerts and attacks.
  • Worked on DDoS mitigation and have a good idea of different kinds of flood attacks.
  • Good knowledge of GRE tunnels and IPsec tunnels, and troubleshooting of various tunnel issues.
  • Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
  • Provided remote Technical support on implementation of technology using various Juniper Network & Security products and applications and resolve product related issues through research and troubleshooting.
  • Involved in configuring and troubleshooting Juniper Firewalls including UTM features like anti-virus, deep inspection (IDP), URL filtering and screening.
  • Responsible for Cisco ASA and Palo Alto configuration and administration of networks.
  • Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210
  • Troubleshoot traffic passing managed firewalls via logs and packet captures
  • Involved as Platform Engineer for Sourcefire including all 4.10 and NG and NGFW
  • Integrated web application delivery controller (ADC).
  • Involved in a team responsible for Network security management by implementing and managing NGFW systems.
  • Virtual Private Networks on Cisco ASAs with AnyConnect, Cisco ISE for authentication, as well as site to site VPN
  • Implemented new Cisco ASA's, installed the framework for Cisco ACI and implemented new F5 LTM's and GTM's.
  • Creating, implementing and testing Citrix NetScaler ADC (Application Delivery Controller) responder.
  • Managed multiple complex security implementations such as evaluating and adopting security Baseline standards and a Rapid7 Nexpose to Service Now integration to automate the reporting of vulnerabilities.
  • Worked on Converting the Partner IPSEC VPN from one Data Center to Another Data Center
  • Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
  • Performed various configurations using the CISCO SDM like configuring VPN, Security Audits, Firewalls, VLANS.
  • Responsible for troubleshooting Cisco ISE; added new devices to the network based on ISE policies.
  • Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance
  • Responsible for Cisco Proxy ESA and WSA.
  • Everyday performance with the Cisco IronPort appliances - WSA S170 (Web Security Appliance) Version: 8.0.6-119, ESA C370 (Email Security Appliance) Version: 8.5.6-074, and M670 - Content Security Management Appliance Version: 8.3.6-028
  • Implementation and Configuration (Profiles, iRules) of F5 Big-IP LTM-6400 load balancers
  • Hands on experience on Web Application Firewalls and attack mitigation techniques.

Confidential

Jr. Analyst

Responsibilities:

  • Managing the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-round technical support.
  • Commissioning and Decommissioning of the MPLS circuits for various field offices.
  • Preparing feasibility report for various upgrades and installations.
  • Ensure Network, system and data availability and integrity through preventive maintenance and upgrade
  • Troubleshooting technical issues on complex networks from layer 1 and 2 to layer 3 (routing with MPLS, BGP, EIGRP, OSPF protocols).
  • Providing support to networks containing more than 2000 Cisco devices.
  • Performing troubleshooting for IOS related bugs by analyzing past history and related notes.
  • Carrying out documentation for tracking network issue symptoms and large scale technical escalations.
  • Responsible for overall firewall configuration implementations and policy installations across all platforms during maintenance windows including Palo-Alto, Cisco ASA, Check Point, and Fortigates for major enterprise network.
  • Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
  • Worked on the security levels with RADIUS, TACACS+.
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
  • Configured switches with port security and 802.1X for enhancing customer's security.
  • Validate existing infrastructure and recommend new network designs.
  • Created scripts to monitor CPU/Memory on various low end routers in the network.
  • Configuring and troubleshooting multi-customer network environment.
  • Involved in network monitoring, alarm notification and acknowledgement.
  • Implementing new/changing existing data networks for various projects as per the requirement.
  • Installed and maintained local printer as well as network printers.