PROFESSIONAL EXPERIENCE

Confidential

Cyber Security Expert

Responsibilities:

• Cyber Security Awareness campaign in developing countries currently focused in Nepal. Interaction with, scholars, confidential.In order to have a good governance as well as how to upgrade existing cyber infrastructures to a secure environment. I started awareness training programs for various colleges in Kathmandu.
• Providing demonstration to students, and office users on network sniffing, ethical hacking, port scanning, spoofing, SCAM, Spam. Performed internal and external vulnerability assessments as well as penetration testing by Wireshark, controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases. Knowledge on IPS/IDS device.
• Understanding of Data protection. Ability to perform analysis, audit and examination of a system compromise Incident response process for malware Skills Malware analyst should able to examine malicious software and site, such as confidential.
• Demonstrated advanced understanding of business processes, internal control risk management, IT controls and related standards. Identified and evaluated complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement. Responsible to operate, manage and maintain security systems.
• Developed an affordable secure network model for the confidential at Kathmandu. Making bottom up cyber security agenda for confidential. Providing new ideas and leadership to carry out cyber security mission cross the country. Developed syllabus for cyber security classes for beginner level, mid - level and advanced level students and participants.
• Maintaining staffs and volunteers in focusing on its mission and vision and balance organizational priorities through an inclusive strategic planning and management system.

Confidential

Systems Engineer / Security Analyst

Responsibilities:

• Manage firewall rule set updates: provide timely/accurate firewall rule set updates as requested by customers. Ensure rule sets adhere to Confidential /EOS/Netops policies and procedures. Update appropriate documentation. Manage network switch port and VLAN: audit/perform network port and VLAN decommissions quarterly. Communicate updates with the appropriate system owners to ensure not impact to customers.
• Eliminate intra - network NAT: Identify and coordinate with the system owners to eliminate internal flows that unnecessarily utilize public addresses. Configure firewalls to support both flows, and decomm old rules once application updates are performed/verified. IT security to scan PC and MAC systems using Foundstone. Creating security documentation, creating bundles. Applying appropriate patches and making systems up-to-date required by the agency. Worked on Juniper firewalls, creating firewall rules using command line, Juniper NSM and Space. Worked on firewall rule switch port audit.
• Weekly vulnerabilities scanning on Windows and Linux based systems including, PC, servers, switches, routers and firewalls connected to the network and operated standalone systems. Scanning tools I used was the Splunk for logs, and Gap analysis, Case tool for inventories of the systems, Mcafee Foundstone tool for for high, medium, and low vulnerabilities scan, generated report and provided that report to the customers. Developing action and mitigation plans with POA&M to the customers on weekly meetings. Monitoring of the organization(s) information systems following FISMA compliance and confidential based standards and best practices.
• Team lead on VMWARE products to virtualize space mission research labs. Supporting Windows Servers and Unix servers environment into ESXI 5.0/4.1 with vCcenter Server, vMotion, and Cluster for the high availability. Install, build, manage and support high availability for vmware environment with Fiber Channel SAN storage. Good understanding and implementation of VMPLAYER, VMWARE Workstation, VSpare Client, VCenter Server and ESXI 4.1 / 5.0, and SAN. Support, configure, and manage Checkpoint Firewall and Juniper Firewall for the research and development labs. Monitoring security and login logs, scanning systems, follow up security procedure of Kace and Foundstone and apply them appropriately in timely manner. Setting up contingency procedure for virtualization environment in the labs. Applying security patches regularly on Windows and vmware systems.
• Install, configure, and support an organization's local area network (LAN), wide area network (WAN), and Internet system or a segment of a network system. Maintain network hardware and software. Monitor network to ensure network availability to all system users and perform necessary maintenance to support network availability. Supervise other network support and client server specialists and plan, coordinate, and implement network security measures.
• Day-to-day Windows server administration (Windows 2003, Windows 2000, Unix, Microsoft Office 2003/2007, various other applications, and 2008) and maintenance, including patching, hardware break-fix, troubleshooting, and upgrades. Good knowledge of working on Dell, HP, IBM servers. Creating user accounts on Active Directory, groups, and distribution lists. Setting up and creating group policies, local security policy and GPO to computers and users. Monitoring NetIQ tools, Daily operation and support on NetBackup 6.5 and Veritas Backup Exec 12.5. Installation and migration with Windows 2003, 2008 32 bit, 64 bit, and R2 servers with RAID 5 configuration and VMware 2003, 2008 Servers and Windows XP, Windows 2007 support, installation and configuration.
• Supporting Symantec Antivirus server and client administration. Setting up Windows 2003/2008 Cluster, NAS and SAN solution. Supporting data recovery solution by using snap shoot, Netbackup, and Ghost product. Used Altiris Server to deploy application packages on host computers and gathering reports. Installation, Configuration, troubleshoot and Support CISCO ASA Security, VPN Concentrator, Checkpoint Firewall. CISCO routers and Switch.
• Responsible for all aspects of systems administration on a large and complex government software system running on Virtual Machines (VMs). Coordinates and supports testing and installation of complex applications in a team environment. Responsible for day to day support of Windows and Linux Systems and storage administration including: automation, deployment, administration, monitoring and management. Troubleshoots user accounts, platform configuration changes, software version changes and other system performance and resolves problems with skill and professionalism. Plans and coordinates software and system changes with team members. Ensures all actions meet system security requirements.

Confidential

Systems Engineer

Responsibilities:

• Responsible for day - to-day network operation of confidential Headquarter. Creating/managing User accounts for US confidential employees in Windows Server 2003/2000 Active Directory environment. Managing different group policy for different organizational unit within the Active Directory for 1000 users. Installed SQL 2000 / 2005, IIS and Share Point.
• Installed, managed, and setting up print queues, moving print queues to the right Organizational Unit within Active Directory. Currently I managed 200 Network Printers/Scanners (Dell, HP, XEROX) in Windows 2003 Print Server.
• Fully responsible for Veritas NetBackup 5.1 Master Server/Clients in Windows 2003 and using Dell Powervault (4 tape libraries, Holds 50 SDLT Tapes). Responsible for incremental/differential/full backup in daily basis for 30 servers as well as backing up couple of Terabytes of data includes SQL database, Flat file, System State. Responsible for setting up, maintaining Volume Shadow Copy in File & Print server 2003 for emergency user data restore.
• Responsible for Live State Recovery using Symantec Enterprise Solution to create an image files for all servers to the external storage device for an emergency (Disaster Recovery) propose. Manage Live State Recovery by baking up images in daily basis. Responsible for SAV/NAV Server 10.0 for Spyware solutions.

Confidential

Sr. Network Engineer

Responsibilities:

• Installed and support an Enterprise Checkpoint Firewall to securely connected 11 offices. Planned and installed PIX515E, LinkSys firewall, Access Point, VPN, DMZ for remote offices.
• Planned and managed the migration of NT 4.0 network to Windows Server 2003 and Exchange 5.5 to Exchange 2003. Installed Active Directory, Terminal Servers, Domain Controller 2003 on Virtual Server 2005 environment. Experienced with Windows 2003 Standard and Enterprise Edition.
• I have been working on the computer Networking from Gateway servers, Dell Servers, HP Servers, Compaq servers, configuring OS (NT, 2000 and 2003 Servers) workstation (NT workstation, Windows 2000 professional, Windows XP Professional).
• Coordinated and managed several major office moves, which included all workstations, printers, Scanners, phone systems and the entire network infrastructure. Wireless Networking.
• Planned and managed the installation of several Enterprise network server solutions for Blackberry devices, working on end user support as a Help Desk such as Spam Mail and Web filtering, Antivirus, Symantec Antivirus Enterprise Server, Desktop scanning/faxing /printing/phone system and a CRM database (Sales Logix).