
Information Security Analyst Resume


North Carolina

SUMMARY:

  • Security Professional with 5+ years’ experience in the security industry, certified ITIL professional and keen participant in Capture the Flag (CTF), Cyber War Gaming and Cyber Threat competitions. Familiar with penetration testing, Kali Linux, Qualys, incident response, TCP/IP, IPS, IDS & wireless networks, access control, qualitative & quantitative risk analysis, COBIT, PCI, FFIEC
  • Information Security Analyst/Engineer with around 5 years of experience in analyzing security incidents, vulnerability and penetration testing, and network monitoring functions.
  • Experience with industry recognized SIEM (Security Information and Event Management) solutions such as HPE ArcSight, McAfee, Splunk, RSA NetWitness and many other tools.
  • Hands on experience with security consulting and research
  • Hands on experience with Incident Handling, Documentation and log analysis
  • Hands on experience with Blue Coat Proxy, Proofpoint, Tufin and Bit9
  • Experience and better understanding of scripting languages, command shells and regular expressions such as Python, Perl, PowerShell, Bash
  • Assess and evaluate business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
  • Hands on Experience with Security frameworks such as NIST SP 800-37, HIPAA, PCI-DSS, SOX
  • Have Solid experience with industry standards ISO 27001, HITRUST and ISO 22301
  • Experience on the technical delivery side of Governance Risk and Compliance (GRC) projects
  • Worked in a SOC department running 24*7 to analyse security incidents and perform log analysis
  • Solid working knowledge of ethical hacking and testing of cryptographic algorithms
  • Solid Knowledge of Linux, RHEL, CentOS, Windows, Unix Operating systems
  • Have Solid working knowledge of Unix and Linux administration
  • Identify the threat vectors and security events by analyzing signatures
  • Strong understanding of enterprise, network, system/endpoint, and application-level security issues and risks
  • Excellent knowledge of FISMA, HIPAA and NIST, PCI DSS, SOX Compliance usage, rules and regulations
  • Used Splunk Security Manager to identify threats and assign them to a particular category
  • Specialist in Consulting of different security solutions for all phases of solution cycle: Planning, Architecture, Design, Implementation, Deployment, Troubleshooting & Support, Handover and Documentation.
  • Strong understanding of DLP Architecture, Rules and Policies and its implementation
  • Have solid understanding of AWS VPN technology and Single Sign-On technology
  • Assist in the creation of an end-to-end technology strategy for SIEM to address current and future security concerns, emerging threats, regulatory compliance and alignment with technology and the business
  • Antivirus: McAfee Virus Scan Enterprise, Symantec, Endpoint Protection Suite
  • DLP: Websense, Symantec & McAfee
  • IPS/IDS: McAfee IPS, HP TippingPoint, Cisco IDS, SecureWorks IDS/IPS
  • SIEM: RSA enVision, ArcSight, Splunk Security Manager, IBM QRadar
  • MSS: Vulnerability Assessment, Content Filter, Antispam, IDS/IPS Management
  • Good Exposure to Security Tools.
  • Open Web Application Security Project (OWASP) Top 10 risks and their testing methods.
  • Threat modeling of particular functionality of the application.
  • Good knowledge of Python scripting
  • Experience on Server virtualization and configuring various virtual machines
  • Excellent communication and Interpersonal skills with abilities in Customer Relationship
  • Enthusiastic about learning new concepts in emerging technology.
  • An efficient team player
  • Management, Team management and working closely with Business area

TECHNICAL SKILLS:

Tools: Kali Linux, Tableau, Lotus Notes, ERP - SAP, Visio, Qlikview, Oracle, Identity and access management

Security Web Applications: TCP/IP, OWASP, Nessus, Grabber, Zed Attack, Skipfish, Hydra, Firewall, IDS, IPS

Languages and Database: Basics (C++, HTML, XML, Python, SQL), Amazon Web Services, (Security - IAM)

Networking & Frameworks: DNS, DHCP, UDP, ISO 27001/27002, SSO, SAML, NAT, PCI-DSS

Continuous Monitoring: Vulnerability Management, Web Application Scanning, ThreatProtect, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance, Sourcefire, Nexpose, Forcepoint, Rapid7

Event Management: RSA Archer, Blue Coat Proxy, Splunk, NetWitness, LogRhythm, HP ArcSight

PenTest Tools: Metasploit, NMAP, Wireshark and Kali

Security Software: Nessus, Ethereal, NMap, Metasploit, Snort, RSA Authentication

Frameworks: NIST SP 800-171, ISO 27001/31000, HIPAA, HITRUST CSF, PCI DSS

PROFESSIONAL EXPERIENCE:

Confidential, North Carolina

Information Security Analyst

Responsibilities:

  • Analyze logs from different servers using GrayLog and Kibana visualization tool
  • Provided internal review for risk management analyzing IT risks based upon NIST FICIC policies and IT plans addressing enterprise cyber security for hotels and franchise
  • Conducted Security Evaluation and Testing (ST&E) for systems for Certification and Accreditation and conducted Risk Assessment to NIST 800-30
  • Migrated machines from physical to virtual (P-to-V migrations) with VMware using vCenter Converter
  • Prepared standard 3rd party risk assessment questionnaires for vendor risk management (VRM) by comparing BITS, Cloud Security Alliance (CSA) and Google vendor security assessment
  • Experienced in installing firewalls, anti-virus software, and protecting confidential information
  • Skilled in testing, maintaining, & troubleshooting computer networks
  • Ensuring regular backup of data and monitoring security controls
  • Worked in a SOC department which runs 24*7 and analysed all security incidents
  • Conducted network penetration tests and implemented vulnerability assessments
  • Hands on experience and solid understanding of Nexpose tool, SIEM IBM QRadar, RSA NetWitness
  • Drove significant efforts in meeting the strategic goals by deploying 'Use Cases' after assessing the integrated data and event feeds with ArcSight SIEM
  • Participated in courses for password cracking and attack technologies
  • Excellent experience creating algorithms through Bash and PowerShell scripting
  • Solid understanding of OWASP top vulnerabilities and other software security best practices
  • Familiarity with security and testing tools such as Burp Suite, Nmap, Zenmap, OpenVAS, Nessus
  • Experience with penetration testing against a wide variety of application layer platforms, including web, mobile, and thick client above and beyond running automated tools
  • Solid experience with Ethical hacking and testing/development of Cryptographic Algorithms
  • Resolve incidents while investigating & troubleshooting root causes when escalated
  • Real time analysis of security events or threats which are generated by network hardware and applications through SIEM tools such as HP ArcSight, Splunk, RSA NetWitness
  • Hands on Experience with App Provisioning and Server access Provisioning
  • Responsible for various independent projects such as security test plans, security authorization and testing of systems

Confidential, Atlanta, Georgia

Information Security Analyst

Responsibilities:

  • Installing patches and bringing the AIX servers up to date.
  • Responsible for Monitoring and enforcing information security program and policies
  • Responsible for developing information security risk identification, classification, triaging and mitigation
  • Worked with the enterprise architecture team, Security Governance, and Policy team
  • Developed a Feasibility Plan for ArcSight Solution Design Implementation by assessing the existing Network & Security Infrastructure whilst determining measures to leverage ArcSight ESM platform
  • Experience of administering and implementing SIEM RSA NetWitness, DLP, Websense, advanced malware detection program, vulnerability assessment, and prevention
  • Administer identity and security access globally for human and functional accounts across multiple systems and applications. This includes on-boarding/off-boarding, incident/problem management associated with access entitlements and terminations as well as Emergency & Privileged Access management
  • IT Security-Identity & Access Management: provision and de-provision user and group accounts on healthcare applications
  • Daily reporting of assigned Security Administration team members' productivity
  • Provision user and group accounts within Microsoft Active Directory and AS/400 environments
  • Support customer projects, performing assigned tasks while working on defined deadlines
  • Assist with periodic access reviews of user account access

Confidential, Detroit, MI

IT Risk Analyst

Responsibilities:

  • Emphasis on Financial Statement & Internal Controls Audit, which scopes in business applications and their supporting information technology elements like Database, O.S, Applications and Change Management Process.
  • Perform multiple SOX 404 Audits for General IT Controls in areas such as Access Security Controls & Change Management Controls for Fortune 500 clients.
  • Executing Operating Systems Security Audits in AS400, Windows & Unix (Solaris, HP-UX, AIX) & Database security audits in Oracle database, SQL for Fortune 500 clients.
  • Involved in identifying the risks of material misstatement & mapping the internal controls.
  • Perform review, reperformance & independent testing of controls.
  • Involved in Testing of Automated process control configurations.
  • Perform analysis of Service Auditor Report (SAR)-SOC1 and mapping the service organization’s controls to client controls.
  • Perform IT risk assessments and implement strategies to identify business deficiencies and propose enhancements.
  • Developing the audit documentation and the final audit report (primarily in Microsoft Excel, Microsoft Word) based on evidence received from client.
  • Participating in walkthrough calls which involve scoping of the application for audit.
  • Communicating with onsite coordinator for discussing project issues daily.
  • Weekly coordinating with onsite team for tracking project, budget and its completion.

Confidential, Raleigh, NC

Network & Security Engineer

Responsibilities:

  • Responsible for configuration of Cyberoam firewalls, SSL VPNs and Cyberoam Central Console, i-View (open source logging software), Endpoint Data Protection Security/Data Leakage Prevention, remotely.
  • Understood customer requirements and network infrastructure & prepared network diagrams.
  • Accountable for configuring:
      ◦ Cyberoam firewalls and the network security architecture of the client.
      ◦ Complex hub and spoke architecture for VPNs with Cyberoam and other products.
      ◦ Cisco or Linksys switches and routers with Cyberoam
      ◦ User Level Authentication, integration with AD, LDAP, Radius authentication and Single Sign On authentication.
      ◦ Internet Access Policies, Bandwidth Policies, Surfing Quota Policies and content and application filtering.
      ◦ IDP and IPS Policies.
  • Providing Gateway Antispam (Commtouch) and Antivirus (Kaspersky) solutions with Cyberoam.
  • Involved in using the backend of Cyberoam, which is Linux based, and working with the Linux servers from the backend to resolve client issues which need backend access.
  • Designed the security and worked interactively with other products like Check Point, FortiGate or Cisco products at the client’s place to test the solutions implemented by us.
  • Played a pivotal role in analysis of network packets by capturing them through packet sniffer tools, checking for compliance with the RFCs and detecting attacks.
  • Conducted analysis of Cyberoam along with other UTMs and security products and worked closely with the development team for future developments.
  • Evaluated other security products, conducted the testing of Cyberoam and worked interactively with the development team to bring in feature requests and resolve bugs.
