Information Security Analyst Resume
SUMMARY:
- I am a Cyber Security Consultant and Information Security Analyst.
- Established record of accomplishment with 7 plus years of experience in helping organizations to efficiently use their networks, ensuring that the design of an organization's computer site allows all the components including computers, the network and software to fit together and work properly.
- Demonstrated abilities in developing information security frameworks, conceptualizing information security policies, and ensuring compliance with security standards and procedures.
- Sound knowledge of technologies like SIEM (IBM QRadar, ArcSight, Splunk).
TECHNICAL SKILLS
Security:
- Network Security Scanner: GFI LanGuard, McAfee IPS
- Ipswitch WS FTP: Used for connecting to the remote host and transferring the file.
- Anti-Virus Tools: McAfee, AVS
- Reporting Tools: Index Searcher (analyzing internet logs)
Networking:
- LANs & WANs: Configuring switches
- Firewalls (Juniper): Configuring the firewall, creating the policies.
Professionally Acquired Skills:
- Configuration & troubleshooting of LAN & WAN connections - routers, modem etc.
- Installation & configuration of virtual machine
- Installation & configuration of Active Directory
- Installation of hardware and software applications
- LAN, WAN connections.
- Installation and configuration of IIS
- Troubleshooting of Office applications
PROFESSIONAL EXPERIENCE
Confidential - Information Security Analyst
Responsibilities:
- Handling multiple SIEM solutions like IBM QRadar, Splunk, HP ArcSight & RSA Envision.
- Managing numerous security devices for clients, e.g. IDS/IPS, Firewalls, DLP, PIM, DAM, Endpoints, VA/PT tools.
- At present, I am primarily responsible for managing security event monitoring, management and response; ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring; and ensuring compliance with SLAs, process adherence and process improvisation to achieve operational objectives.
- Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs.
- Manage daily operational service monitoring activities over the SOC security infrastructure.
- Management, administration & maintenance of security devices.
- Perform threat hunting, threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.
- Creation of reports and metrics for SOC/SCC operations and presentation to Sr. Mgmt.
- Coordination with stakeholders; build and maintain positive working relationships with them.
- Consulting and providing recommendations based on industry best practices.
- Review and recommend benchmarks against global practices around Cyber Security.
- Monthly meetings with client CISO, CIO & CTO for incidents and escalations.
Technologies worked on:
- Working on IBM QRadar and taking care of L3 escalation of IBM QRadar
- Monitoring the offenses of IBM QRadar.
- Creating, modifying and tuning the QRadar system rules to adjust the specifications of alerts and incidents.
- Analyzing logs from multiple devices such as IDS/IPS, ASA, Palo Alto
- Integrating the log sources
- Installing NXLog and Syslog for the log sources
- Giving L3 support to my client
- Working with vendor IBM for critical support for the client
- Creating the PMR ticket with the vendor
- Creating the report for the client
- Worked on the migration of QRadar from one box to another
Cyber Security Analyst
Responsibilities:
- My key responsibilities are to design, implement, configure and maintain security applications and infrastructure to support corporate policies, federal and state security regulations.
- Good knowledge of designing, planning and conducting technical infrastructure security assessments of all layers of the information system including networking, servers, operating systems, databases, and applications.
- Good experience in collaborating with Network Engineering in developing and maintaining a secure network infrastructure including the design of network segmentation, firewall policies, and configuration of security devices.
- Integrated with SIEM (e.g. OS, Database, Application, Network, Antivirus, Content filtering, Firewall, DLP, IDS, IPS, etc.)
- Manage, maintain and provide continuous tuning of Log Management and Security Incident & Event Management solutions. Evaluate and research SIEM alerts and modify triggers and policies as appropriate.
- Undertaking technical information security incident response, investigations, gathering and analyzing data.
- Perform Vulnerability Assessment and Web Application Security testing.
- Undertake technical infrastructure and application vulnerability assessments and penetration tests, report on findings and make recommendations
- Participate in investigations of computer security incidents including incident response, containment of the incident and forensics.
- Good practice in researching and identifying industry information security best practices and developing an action plan for executing changes as needed to enhance system security and ensure the integrity of the infrastructure.
- I also create and maintain the infrastructure security framework and policies to ensure they meet regulatory compliance and audit needs.
- Good knowledge of the state of the industry and experience with security scanning tools for Operating Systems, Databases, Networks, and Applications.
Technologies Worked On:
IBM QRadar Ver 7.2.0
- Implementing QRadar in the first instance
- Implemented the QRadar connector
- Handling all aspects of IT security, creating and implementing corporate IT security practices and ensuring that employees follow those procedures.
- Creating, modifying and tuning the QRadar system rules to adjust the specifications of alerts and incidents.
- Analyzing logs from multiple devices such as IDS/IPS, ASA, Palo Alto.
- Familiar with Antivirus Technologies such as McAfee (from ePO to AV and HIPS), Symantec etc.
- Working with the customer's designated personnel to provide continual correlation rule tuning, incident classification and prioritization recommendations, report query adjustments, and various other configuration activities to help customers fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources.
- Working closely with the assigned Managed Services SIEM resources to ensure the client's customized solution is functioning optimally and is continuously tuned to the client's needs.
- Checking the events of QRadar.
- Closing the offenses in QRadar.
- Created the correlation rule over QRadar to get the logs.
- Integrated QRadar to correlate the logs.
- Using SolarWinds to track the IP and host.
- Creating the correlation rules in McAfee.
- Upgrading the patches of McAfee.
Cyber Security Analyst
Responsibilities:
- Working with Vulnerability Assessment tools like Nessus, Rapid7 Nexpose, WebInspect
- Good knowledge of risk management.
- Threat and vulnerability management and remediation plan
- Have an exposure to various regulatory compliance requirements like PCI-DSS, ISO-27000
- Good experience in handling and coordinating internal & external (third party) IS audits.
- Work with external auditors, CISO/Director of Risk, and IT staff to coordinate annual PCI-DSS and security audits, including compiling request lists and responding to audit requests.
- Work with internal staff to enforce corporate information security policy and procedures by aiding in applying security standards to projects.
- Perform information security assessments.
- Maintaining a keen understanding of evolving Internet threats to ensure the security of networks.
- Work alongside technology owners to recommend and implement security improvements.
- Proven involvement in operations requiring stringent uptime service levels and exposure to Security Operations Centre.
- Recommended security-related software updates.
- Conduct risk assessment.
- Good knowledge of ITIL processes like Change Management, Asset Management, Incident Management.
- Writing technical articles for the internal knowledge base. Example: newsletters.
- Provide information security awareness training to new joiners.
Network Security Engineer
Responsibilities:
- Level 1 monitoring, IT Security, IDS, Host IDS. Monitor alerts and messages for all system patches, virus activity, and upgrades to maintain the overall information security integrity of the enterprise. Inform and recommend a course of action to information security management. Working knowledge of Vulnerability Assessment and Penetration Testing methods, and basic knowledge of information security products, technologies, tools and standards. Ex: Nessus, ArcSight, and LANDesk.
- Entrusted with the responsibility of contributing to quality initiatives and ensuring team performance in cooperation with the process goals. Prepare an action plan and coach analysts effectively.
- Responsible for designing, installing, maintaining, and supporting LAN, WAN and VoIP infrastructures as per the instruction of core team located in Singapore and Australia.
- Handling the Inventory system and asset management team.
- Maintaining the alarm/monitoring system, troubleshooting (Desktop/Server/Network) and clearing the cases which are logged by the India and Singapore users in me care system.
- Lead, guide, and mentor a strong team of support analysts and instill a high work tempo to generate peak performance levels.
- Administration of all technical elements and to work closely with customers regarding configurations, and industry information and on the new features & new Cisco products.
- Expert knowledge of all Cisco products, including all the latest router models for both small businesses and large enterprises; plan and coordinate with multiple vendors' equipment based on business requirements.
- Consult with customers to understand their business needs and design effective solutions. Check the compatibility of router software and IOS through the Cisco tool and manage the product line, including life cycle planning, pricing, and product introduction.
- Provide Network Problem Resolution, Root-Cause Analysis, IOS Software Referral assistance as per contracted agreement with the named customer.