Senior Security Analyst Resume
SUMMARY:
- Over 9 years of SOC experience in cyber security with multiple Federal Government Departments and Agencies, both in classified and unclassified working environments.
- Over 4 years of VA experience with the Confidential SAA VA team as Senior VA Lead, overseeing the configuration, scheduling and monitoring of scans for the Confidential network, generating technical analysis reports and reviewing them following a risk-based approach, performing vulnerability analysis, recommending and monitoring remediation activities, and updating the SOP for the vulnerability management system.
- Demonstrated success in designing, implementing, and completing projects that exceeded the expectations of senior management.
TECHNICAL SKILLS:
- ArcSight SIEM, ISS RealSecure, Sourcefire/Snort, McAfee IntruShield, TippingPoint, Websense
- netForensics, StealthWatch, Blue Coat, NIKSUN, Cisco MARS, SolarWinds Orion, Dragon, BigFix
- Nessus Security Center, Tripwire IP360, Tripwire SIH, WebInspect, RedSeal, nmap
- Splunk, ArcSight Logger, Syslog, LogLogic, Wireshark
- Symantec Security Information Manager, SAV 10 and 11, SEP
- Remedy, Applix
- Windows 9x/NT/2000/XP, Windows 7 Enterprise, Red Hat Enterprise Linux, Linux, Cisco IOS, DOS
- MS Office 2013, Lotus Notes
PROFESSIONAL EXPERIENCE
Confidential
Senior Security Analyst
Responsibilities:
- VA lead, responsible for the vulnerability assessment task for the Senate network with the VA tools Tripwire IP360, Nessus Security Center and RedSeal.
- Actively involved in the configuration and testing of Nessus Security Center, and performed test scans in different phases when the VA tool was introduced into the client network. Monitored the running of scheduled VA scans and ad hoc scans, set up scan profiles, and made configuration changes.
- Effectively utilized the RedSeal software to measure and manage the digital resilience of the client's network by monitoring network topology, running best-practice checks and vulnerability checks on the enterprise network, analyzing downstream and upstream risks, and generating vulnerability reports (high-interest hosts, access reports, threat reports, etc.) for hosts in different subnets.
- Ensured timely generation of technical evaluation reports, the computer security evaluation report, the vulnerability matrix, and authentication failure data. Reviewed the reports following a risk-based approach. This greatly assisted the client in taking timely action to remove vulnerabilities from enterprise systems and apply patches.
- Kept track of the updated versions of all applications in use on the enterprise network and performed quality assurance against the latest application versions with Tripwire IP360.
- Monitored vulnerability categorization based on Tripwire host scoring, which greatly assisted the client in prioritizing the removal of vulnerabilities from the different enterprise systems.
- Updated the various documents and the SOP for the vulnerability management system on a regular basis.
Confidential
Senior Security Analyst
Responsibilities:
- VA lead, responsible for the vulnerability assessment task for the Senate network with the VA tool Tripwire IP360.
- Monitored the running of scheduled VA scans and ad hoc scans, set up scan profiles, and made configuration changes.
- Ensured timely generation of technical evaluation reports, the computer security evaluation report, the vulnerability matrix, and authentication failure data. Reviewed the reports following a risk-based approach. This greatly assisted the client in taking timely action to remove vulnerabilities from enterprise systems and apply patches.
- Kept track of the updated versions of all applications in use on the enterprise network and performed quality assurance against the latest application versions.
- Monitored vulnerability categorization based on host scoring, which greatly assisted the client in prioritizing the removal of vulnerabilities from the different enterprise systems.
- Updated the various documents and the SOP for the vulnerability management system on a regular basis.
Confidential
Senior Principal Analyst, Information Security
Responsibilities:
- Security monitoring for threat identification, mitigation and compliance using Cisco Security Monitoring, Analysis and Response System (MARS), Dragon and Sourcefire. Monitored Blue Coat proxies to check web traffic and took action to block malicious web sites.
- Monitored vulnerabilities in desktops, enterprise servers and network devices with the Nessus vulnerability scanner and effectively utilized nmap scanning on the enterprise network for host discovery. Utilized the ArcSight correlation engine for collecting, processing and assessing security and risk event information. Utilized BigFix, a system and security management tool, for systems life-cycle management, endpoint protection, security configuration and vulnerability management.
- Checked for malware and viruses on desktops using Symantec SAV 10 and SEP 11, took remedial action to remove them, and ran full AV scans to confirm that the machines were virus-free.
Confidential
Senior Security Engineer
Responsibilities:
- Monitored incoming and outgoing network traffic of the DCN and the web-based PACER network for the US Courts with IPS/IDS systems through SiteProtector for ISS Proventia, Multi Router Traffic Grapher (MRTG) and SolarWinds Orion Network Performance Monitor. Informed the US Courts of security incident violations and followed up on remedial action. Utilized Lotus Notes for e-mail communication.
Confidential
Information Security Specialist
Responsibilities:
- Monitored incoming and outgoing network traffic with the TippingPoint IPS and investigated the blocks for further scrutiny. Performed detailed study of network traffic with NIKSUN NetDetector.
- Utilized Websense technologies to block malicious domains. Applied security patches to spam firewalls, virus definitions to various AV software (Sophos, McAfee, Symantec, Norman), and Digital Vaccines to the TippingPoint SMS. Coordinated with the network security team on the installation, implementation, network configuration and maintenance of IDS, IPS and firewall equipment and on better resource utilization.
Confidential
Security Analyst
Responsibilities:
- Analyzed internal and incoming/outgoing network traffic for network anomalies with different intrusion detection systems: Cisco IDS, Snort, SNP and CSAs. Investigated patterns of malicious and suspicious network traffic to discern malicious activity and incidents from false positives when responding to IDS alarms. Actively used Blue Coat and X-Stop 3000 technologies to block malicious web sites. Utilized LogLogic for analysis of network traffic. Hands-on with the Nessus vulnerability scanner, ISS Scanner and WebInspect for checking vulnerabilities in systems.
Confidential
Security Analyst
Responsibilities:
- Analyzed internal and incoming/outgoing military and non-military network traffic for network anomalies with different intrusion detection systems, both COTS (RealSecure, Lancope, Arbor Peakflow, IntruShield, ArcSight) and open source (Argus, Bro and Snort). Investigated patterns of malicious and suspicious network traffic to discern malicious activity and incidents from false positives when responding to IDS alarms. Initiated defensive action through the router team to coordinate the response to malicious Internet activity and attacks. Communicated with the incident response team (and other communities of interest) to identify, describe, and report on incidents, malicious activity and poor security practices for further remedial action.