
Sr. Information Security Analyst Resume


Princeton, New Jersey

PROFESSIONAL SUMMARY:

  • Experienced professional with over five years of experience as an IT security professional in IT infrastructure, information security and cyber security.
  • Information security expert with a diverse technical background in enterprise networking, server infrastructure, database technologies and system security. Strong knowledge of risk management and of computer forensic tools, technologies and methods. Experienced in IT security design and implementation, with a solid understanding of disaster recovery, intrusion detection systems (IDS), intrusion prevention systems (IPS) and web application firewalls (WAF). Analytical problem solver adept at managing network changes and troubleshooting network issues to ensure maximum uptime.
  • Experience configuring and deploying McAfee modules and products such as McAfee ePO, McAfee VSE, McAfee HIPS, McAfee Endpoint Encryption, McAfee Network DLP, McAfee DLP Endpoint and McAfee SIEM.
  • Maintained critical monitoring systems (Splunk log management), measuring system error logs, performance and availability. Evaluated Splunk as a log management solution alongside open source Linux storage systems.
  • Experience supporting Symantec Endpoint Protection 12.1 workstation clients in an enterprise environment, including installation, configuration and day-to-day management of Symantec Endpoint Protection.
  • Experienced working with SolarWinds SIEM to raise security and compliance standards.
  • Experience with SIEM and GRC tools such as IBM QRadar, Splunk and RSA Archer.
  • Excellent written and verbal communication skills; analytical and problem-solving skills; highly motivated fast learner able to lead or work within a team environment.

TECHNICAL SKILLS:

Qualys Continuous Monitoring: Vulnerability Management, Web Application Scanning, ThreatProtect, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance.

Event Management: RSA Archer, Blue Coat Proxy, Norse, Splunk, NTT Security, LogRhythm.

PenTest Tools: Metasploit, NMAP, Wireshark and Kali.

Security Software: Nessus, Ethereal, NMap, Metasploit, Snort, BASE.

Frameworks: NIST SP 800-171, ISO 27001/31000, HIPAA, HITRUST CSF, PCI DSS.

Security Technologies: WhiteHat Web Security, iDefense, NTT Security, LogRhythm, McAfee Nitro (SIEM), McAfee ePO, McAfee Endpoint Protection Suite.

Switches: Cisco Catalyst VSS 1440 / 6513 / 6509 / 4900 / 3750- X / 2960.

Routers: Cisco Routers ASR 1002 / 7606 / 7304 / 7206 / 3945 / 2951 / 2600.

Firewalls: Check Point, ISA 2004/2006, Palo Alto PA 3000/5000.

Networking: Conversant in LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Fiber, Firewalls/IPS/IDS.

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Operating Systems: Windows NT/98/2000/XP/2003/2007, MS-DOS, Linux.

PROFESSIONAL EXPERIENCE:

Confidential, Princeton New Jersey

Sr. Information Security Analyst

Responsibilities:

  • Monitored the Security Management Console for the Security Operations Centre (SOC), ensuring the confidentiality, integrity and availability of information systems.
  • Provided leadership in architecting and implementing security solutions around Qualys and SIEM tools such as Splunk, Solutionary and LogRhythm.
  • Worked with the Endpoint Management team to manage software deployment to PCs using Windows Server 2008/2012 Active Directory, Microsoft WSUS patching, and anti-virus/endpoint protection through McAfee ePO. Created and managed Windows XP and Windows 7 PC build images and applied PCI security policies to them.
  • Manually installed McAfee Network DLP Prevent 10.x from the ISO image and configured it in the McAfee ePO server.
  • Assisted management with the administration and configuration of critical enterprise security systems and software such as McAfee ePO, McAfee DLP, McAfee Complete Endpoint Protection - Enterprise and Proofpoint.
  • Utilize McAfee ePO and Microsoft SCCM for endpoint management.
  • Manage enterprise security systems, identifying key security risks, reporting risks to management with recommendations for corrective action utilizing NIST frameworks.
  • Manage McAfee ePO A/V environment, using ePO console to pull reports to validate security protection compliance via DAT file updates, and take appropriate action to correct issues found within the ePO environment.
  • Supported the Veterans Affairs information system and network, maintaining HIPAA confidentiality and integrity through vulnerability scanning and testing for OWASP Top Ten application and infrastructure security vulnerabilities.
  • Managed Cyber Security threats through prevention, detection, response, escalation and reporting in effort to protect Enterprise IT Assets through Computer Security Incident Response Team (CSIRT).
  • Responsibilities for CSIRT included SIEM, Context Filtering, Web Security, Incident Tracking, IPS/IDS and Malware Analysis.
  • Generate security reports utilizing enterprise security systems such as McAfee ePO.
  • Developed cyber security standards based on NIST frameworks and ensured their proper implementation to reduce the exposure of IT assets to vulnerabilities.
  • Provide expertise with incident response, security event monitoring, vulnerability management, asset security compliance and data loss prevention utilizing McAfee Nitro (SIEM), McAfee ePO, McAfee DLP.
  • Experience in security engineering, system and network security, authentication and security protocols, applied cryptography, and application security.
  • Design DLP architecture.
  • Documentation regarding DLP administration, scanning, reporting, and remediation.
  • Knowledge transfer to customers.
  • Conducting network and application penetration tests. These assessments involve manual testing, analysis, and exploitation as well as the use of automated vulnerability scanning/testing tools such as nmap, Nessus, Metasploit / Metasploit Pro, and Burp Suite Professional.
  • Symantec DLP and RSA DLP architecture and implementation for enterprise level companies.
  • Monitored, analyzed and responded to network incidents and events. Participated in disaster recovery implementation and testing under the NIST framework, HIPAA and HITECH standards.
  • Vulnerability Management: configured the QualysGuard tool for vulnerability analysis of devices and applications, and monitored results continuously through the dashboard and scheduled reports.
  • Configuration, troubleshooting and management of Websense Data Security (DLP).
  • Implementation of DLP.
  • Managed all scans, including discovery maps and authenticated scans, to ensure proper scheduling, reporting and complete coverage of the in-scope IP ranges.
  • Managed a Vulnerability Remediation Team (VRT), distributing scan reports and guiding the team in fixing vulnerabilities and applying patches using the QIDs, Bugtraq IDs and CVE IDs cross-referenced against vendor knowledge bases.
  • Secured devices across the entire network using the Qualys ThreatProtect module, measuring the severity of each device's findings and providing solutions to fix the issues raised.
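The scan-report workflow in the Vulnerability Management bullets above (QualysGuard reports handed to a remediation team and keyed on QIDs, Bugtraq IDs and CVE IDs) is routinely automated. The following is an added example, not the author's own tooling: it parses a constructed CSV in the shape of a Qualys scan-report export (only a subset of the export's columns is assumed), drops information-gathered rows, groups confirmed findings by QID into a severity-ordered worklist for the remediation team, and inverts the report by CVE so a vendor advisory can be matched to the affected hosts. The QIDs (1000xx), hostnames and IPs are placeholders; only the CVE IDs are real identifiers.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the shape of a Qualys scan-report CSV export. Only a
# subset of the export's columns is used; the QIDs (1000xx) and IPs are
# placeholders, and only the CVE IDs are real identifiers.
SAMPLE_CSV = """IP,QID,Title,Type,Severity,CVE ID,Bugtraq ID,Results
10.0.1.10,100001,Microsoft SMBv1 Remote Code Execution (MS17-010),Vuln,5,CVE-2017-0144,,Patch KB missing
10.0.1.11,100001,Microsoft SMBv1 Remote Code Execution (MS17-010),Vuln,5,CVE-2017-0144,,Patch KB missing
10.0.1.11,100002,OpenSSL Heartbeat Information Disclosure (Heartbleed),Vuln,4,CVE-2014-0160,,openssl 1.0.1e
10.0.1.12,100003,HTTP Security Header Not Detected,Vuln,2,,,missing X-Frame-Options
10.0.1.13,100004,Host Scan Time,Ig,1,,,scan duration 00:04:12
"""


def parse_report(csv_text):
    """Yield one dict per confirmed-vulnerability row.

    Rows of Type 'Ig' (information gathered) are scanner bookkeeping, not
    findings, and are skipped so they never reach the remediation worklist.
    """
    reader = csv.DictReader(io.StringIO(csv_text))
    for row in reader:
        if row["Type"].strip() != "Vuln":
            continue
        yield {
            "ip": row["IP"].strip(),
            "qid": row["QID"].strip(),
            "title": row["Title"].strip(),
            "severity": int(row["Severity"]),
            # A single QID can carry several CVEs, comma-separated in the export.
            "cves": [c.strip() for c in row["CVE ID"].split(",") if c.strip()],
            "bids": [b.strip() for b in row["Bugtraq ID"].split(",") if b.strip()],
        }


def triage(csv_text, min_severity=3):
    """Group findings by QID into a worklist: highest severity, then widest spread, first."""
    groups = {}
    for f in parse_report(csv_text):
        if f["severity"] < min_severity:
            continue
        g = groups.setdefault(f["qid"], {
            "qid": f["qid"], "title": f["title"], "severity": f["severity"],
            "cves": sorted(set(f["cves"])), "bids": sorted(set(f["bids"])),
            "hosts": set(),
        })
        g["hosts"].add(f["ip"])
    worklist = []
    for g in groups.values():
        g["hosts"] = sorted(g["hosts"])
        g["host_count"] = len(g["hosts"])
        worklist.append(g)
    worklist.sort(key=lambda g: (-g["severity"], -g["host_count"], g["qid"]))
    return worklist


def hosts_by_cve(csv_text):
    """Invert the report so a vendor advisory's CVE maps straight to affected hosts."""
    index = defaultdict(set)
    for f in parse_report(csv_text):
        for cve in f["cves"]:
            index[cve].add(f["ip"])
    return {cve: sorted(hosts) for cve, hosts in index.items()}


if __name__ == "__main__":
    for item in triage(SAMPLE_CSV):
        print(f"sev {item['severity']}  QID {item['qid']}  {item['title']}")
        print(f"      CVEs: {', '.join(item['cves']) or '-'}  hosts: {', '.join(item['hosts'])}")
    print(hosts_by_cve(SAMPLE_CSV))
```

The `min_severity` threshold is the usual place to encode the remediation SLA (for example, severity 4 and 5 within the patch window, lower severities on the regular cycle); keeping it a parameter rather than a constant lets the same script produce both the urgent list and the full backlog.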

Confidential, Dublin, Ohio

Information Security Engineer

Responsibilities:

  • Provided leadership in architecting and implementing security solutions around Qualys, SIEM tools such as Splunk, Solutionary and LogRhythm, and endpoint management tools such as SCCM, Altiris, LANDesk, BigFix and McAfee/Symantec.
  • Pushed configurations and updates to multiple Splunk Enterprise instances via the Splunk Deployment Server.
  • Monitored the performance of Splunk via the Splunk Monitoring Console.
  • Drove deployments of Splunk while working side by side with customers to solve their unique problems across a variety of use cases.
  • Collaborated across the entire organization to bring Splunk access to product and technical teams, getting the right solution delivered and driving future innovation gathered from customer input.
  • Designed, deployed, supported and maintained Splunk cluster infrastructure in a highly available, geo-redundant configuration.
  • Developed, implemented and executed standard procedures for the administration, content management, change management, version/patch management and lifecycle management of the firm's enterprise security platforms.
  • Utilized Security Information and Event Management (SIEM), Intrusion Detection and Prevention (IDS/IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
  • Monitored and remediated daily security alerts generated by end users with tools such as Intel/McAfee SIEM, Forcepoint Websense and Intel/McAfee ePO 5.x; also responsible for the effectiveness of tools and scans, and for assessing and tracking risk of exposure.
  • Vulnerability Management: configured the QualysGuard tool for vulnerability analysis of devices and applications, and monitored results continuously through the dashboard and scheduled reports.
  • Coordinated penetration testing and application security testing audits with tools such as Metasploit, Nmap, Wireshark and Kali Linux on Linux/Unix operating systems.
  • Administered the Business Continuity Program, including development of disaster recovery plans and coordination of disaster recovery testing activities.
  • Conduct vulnerability scans to support to our risk/threat/vulnerability management program including resolving risks and the documentation of any residual risks.
  • Monitored daily backups and ePO logs.
  • Managed ePO for servers and desktops/laptops company-wide; applied updates as needed, resolved client issues and performed routine updates to client systems.
  • Provided backup support for the web filtering solution (whitelists/blacklists) to ensure traffic is protected.
  • Managed cyber security threats through prevention, detection, response, escalation and reporting.
  • Installed, patched and maintained McAfee ePO 5.x and DLP, using ePolicy Orchestrator to deploy DLP and reporting; working knowledge of ENS 10.
  • Identified, analyzed, monitored and minimized complex areas of risk pertaining to information technology.
  • Worked with Windows operating systems for the building, configuring and troubleshooting of Windows Server 2003, 2008, 2008 R2, 2012 and most recently 2012 R2; supported x86 hardware with respect to storage requirements using x86 tools such as Dell OpenManage and IBM Director.
  • Deployed and supported information security systems and solutions such as key management, IPS/IDS, SIEM, MDM, NAC, APT detection and endpoint management for remote users.
  • Implemented multiple tools, including Symantec DLP and QRadar SIEM.
  • Monitored Security Management Console for Security Operation Centre (SOC) for ensuring confidentiality, Integrity and Availability of Information systems.
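The Splunk Deployment Server mechanism mentioned in the bullets above (pushing configuration to many Splunk instances from one place) is driven by two small configuration files. The following is an added example, not the author's own configuration: the server class name, app name, hostname patterns and the deployment server address are assumed.

```ini
# Added example (assumed names). On the deployment server:
# $SPLUNK_HOME/etc/system/local/serverclass.conf
#
# Clients whose hostname matches a whitelist entry (and no blacklist entry)
# are members of the server class and receive the apps listed under it.
[serverClass:linux_forwarders]
whitelist.0 = lnx-*
blacklist.0 = lnx-lab-*

# The app directory must exist under
# $SPLUNK_HOME/etc/deployment-apps/linux_auth_inputs/ on the deployment server.
[serverClass:linux_forwarders:app:linux_auth_inputs]
restartSplunkd = true

# On each Universal Forwarder (assumed hostname and server address):
# $SPLUNK_HOME/etc/system/local/deploymentclient.conf
[deployment-client]
clientName = lnx-web-01

[target-broker:deploymentServer]
targetUri = deploy.example.internal:8089
```

After editing serverclass.conf, run `splunk reload deploy-server` on the deployment server so the new class takes effect, and `splunk list deploy-clients` to confirm which forwarders have checked in. The security caveat a practitioner should keep in mind: whatever is placed under deployment-apps is executed with the privileges of the forwarder on every member host (scripted inputs included), so the deployment server and write access to its app directory should be protected like any other system that can push code fleet-wide.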

Confidential

Information security engineer

Responsibilities:

  • Monitor controls post authorization to ensure continuous compliance with the security requirements.
  • Updated controls from NIST SP 800-53 Rev. 3 to NIST SP 800-53 Rev. 4 and control assessment procedures from NIST SP 800-53A to NIST SP 800-53A Rev. 4.
  • Conceptualized and implemented the DLP program and policies.
  • Installed and managed Symantec DLP for testing security compliance in the environment.
  • Created, developed and/or restructured DLP programs from conception to a fully operational state.
  • Performed monthly and quarterly scans using Symantec DLP and escalated critical data found on shared devices and shared drives. Created and managed DLP policies.
  • Network and host DLP monitoring and logging.
  • Information protection solutions including Monitoring, DLP and Security Auditing solutions from Symantec.
  • Responsible for using cutting edge solutions for Data Loss Prevention DLP.
  • In-depth experience with Symantec DLP in an enterprise environment.
  • Experience with architecting Symantec DLP Platforms.
  • Experience analyzing Symantec DLP events and reports.
