Principal Security Engineer Resume

Westminster, Colorado

SUMMARY:

Seeking challenging opportunities in the various domains of Information Security, to showcase the existing skill base and learn new things and technologies. Highly motivated IT professional with experience across different flavors of tools and technologies, and a core focus on Information Security.

SKILLS:

  • Security Operations Centre (SOC)
  • Security Information and Event Management (SIEM)
  • Database Activity Monitoring (DAM)
  • File Integrity Monitoring (FIM)
  • Windows and Linux Administration
  • Vulnerability Management
  • Network Firewalls
  • Anti-Virus
  • Network Switching & Hardware
  • TCP/IP
  • LogRhythm, QRadar, FortiSIEM (Accelops), Splunk/Splunk-Cloud
  • Syslog, Syslog-NG, rSyslog, Data Parsers, Crowdstrike
  • Confidential ASA, FortiGate Firewalls, FortiWeb
  • Confidential ACS, WSA, Network Switches, Prime Infrastructure, WebSense
  • Windows 2003/2008/2012/7/8/10, RHEL, CentOS, Kali
  • Guardium, Tripwire
  • Qualys, Nexpose, Nessus, Rapid7, OpenVAS, Crypto Tools
  • McAfee ePO, Symantec Endpoint Protection
  • EnCase, Encryption Tools, ProDiscover, Autoruns, Wireshark, Tcpdump, Ansible
  • MySQL, Batch Scripts, Virtual Box, XAMPP, PHPMyAdmin

EXPERIENCE:

Confidential, Westminster, Colorado

Principal Security Engineer

Responsibilities:

  • Architected Splunk Cloud SIEM deployment for Enterprise level covering 50K+ Endpoints - 65K EPS/5 Billion Logs/Day
  • Integrated various log source types into Splunk and built Event Types, Field Extractions, Data Models, etc.
  • Working on building the on-premise infrastructure to support the Splunk Cloud SIEM
  • Working with Security Operations Center (SOC) to find the existing log gaps and provide a better data analysis to increase the overall security coverage
  • Trained the Security Operations Center (SOC) Analysts on the existing SIEM platforms
  • Successfully completed Version upgrade projects of the existing SIEM platforms - LogRhythm and FortiSIEM
  • Successfully implemented SOC Rules for all the SIEM platforms, covering Anti-Virus (Symantec/McAfee), Authentication for Windows/Linux, Malware, Database, Firewall, IPS, Server, WLAN, Web Proxy, etc., that protect the organization against different attacks and reduce the overall security risk
  • Worked with Security Operations Centre (SOC) to fine-tune the False-Positives from the existing SIEM Rules
  • Performed Forensic investigations upon the request from Management and Internal Auditing Team
  • Created custom reports and dashboards for various IT Teams that utilize SIEM
  • Managed the Database Activity Monitor Tool as a Backup-Owner/Administrator
  • Assisted in the upgrade projects for Database Activity Monitor deployment
  • Performed/Assisted in installation, configuration, troubleshooting and maintenance of SIEM Agents, Log Managers/Collectors, SIEM Central Managers/Aggregators
  • Worked with the IT Compliance Teams to develop, implement and update new and existing FIM Policies
  • Worked with various IT Teams and created User Roles and Accounts specific to their Job Functions
  • Monitor and troubleshoot issues with Log Managers and Collectors, to ensure that an acceptable EPS is being logged
  • Identify Issues and Bugs with the SIEM deployments, and work with the SIEM Vendors to register/resolve the bugs
  • Other Responsibilities include completing the regular Audit requests from the Compliance Team

Confidential, Broomfield, Colorado

Security Engineer

Responsibilities:

  • Successfully completed Version upgrade projects of the existing SIEM platforms
  • Successfully implemented SOC Rules for all the SIEM platforms, covering Anti-Virus (Symantec/McAfee), Authentication for Windows/Linux, Malware, Database, Firewall, IPS, Server, WLAN, Web Proxy, etc., that protect the organization against different attacks and reduce the overall security risk
  • Worked with Security Operations Centre (SOC) to fine-tune the False-Positives from the existing SIEM Rules
  • Performed Forensic investigations upon the request from Management and Internal Auditing Team
  • Created custom reports and dashboards for various IT Teams that utilize SIEM
  • Managed the Database Activity Monitor Tool as a Backup-Owner/Administrator
  • Assisted in the upgrade projects for Database Activity Monitor deployment
  • Performed/Assisted in installation, configuration, troubleshooting and maintenance of SIEM Agents, Log Managers/Collectors, SIEM Central Managers/Aggregators
  • Worked with the IT Compliance Teams to develop, implement and update new and existing FIM Policies
  • Worked with various IT Teams and created User Roles and Accounts specific to their Job Functions
  • Monitor and troubleshoot issues with Log Managers and Collectors, to ensure that an acceptable EPS is being logged
  • Identify Issues and Bugs with the SIEM deployments, and work with the SIEM Vendors to register/resolve the bugs
  • Other Responsibilities include completing the regular Audit requests from the Compliance Team

Confidential, Denver, Colorado

Student IT Technician

Responsibilities:

  • Performed pre-configuration and checks for the new Confidential Network Switches
  • Recorded the current physical cable and network configurations in the Network Closets and created Topology diagrams that are used to create the new closet configurations for the upgrade project
  • Configured 200+ Confidential Network Switches with the custom configurations and performed the necessary IOS installations and updates
  • Installed 200+ Network Switches (Stacks) in the Network Closets and performed a final check before going live
  • Decommissioned PDUs from the old switch deployments
  • Labeled and Bundled CAT6 cables for almost 30 network closets
  • Successfully installed over 300 VOIP phones in the University Buildings
  • Managed and troubleshot the Network Switches for any physical, logical and authentication (e.g. TACACS) related issues
  • Worked with the Security Team to perform Vulnerability Testing on the Networks

Confidential

Security Analyst

Responsibilities:

  • Worked as a Security Operations Tower Lead managing a team of 8 Security Analysts
  • Managed the SIEM deployments which include installation, configuration and maintenance of Aggregators and Collectors.
  • Managed the User Roles and Accounts and worked with many IT Teams to create team-specific Roles
  • Continuously Monitored and Investigated Various Security Incidents from the SIEM Platforms
  • Created custom reports and dashboards for various requirements and teams
  • Assisted and Created Standard Operating Procedures (SOPs) for the Security Operations Team (SOC)
  • Managed the Vulnerability Assessment Tools in the organization, which includes planning and performing Vulnerability Scans, User Account and Role Management, and creating custom scans for various compliance requirements like PCI, SOX, etc.
  • Worked with Specific Application and Server Owners to remediate the identified Vulnerabilities.
  • Successfully upgraded the Antivirus Server deployments and managed the Anti-Virus deployments
  • Created custom AV policies specific to the Compliance requirements
  • Managed the User Roles and Accounts, and the external Authentication configurations for the Anti-Virus Servers
  • Managed the Web Proxy deployment inside the organization, which includes policy creation, URL filtering, etc.
  • Managed Network Firewalls, which includes rule implementation, troubleshooting, VPN tunnel creation, etc.
  • Participated and represented Security Operations Team in the weekly and emergency Change Approval Boards.
  • Worked with the IT Security Auditor in identifying the Risks and Vulnerabilities for the Project
  • Conducted Quarterly Information Security Awareness seminars to associates inside the organization

Confidential

Security Analyst

Responsibilities:

  • Managed the SIEM deployments which include installation, configuration and maintenance of Aggregators and Collectors.
  • Managed the User Roles and Accounts and worked with many IT Teams to create team-specific Roles
  • Continuously Monitored and Investigated Various Security Incidents from the SIEM Platforms
  • Created custom reports and dashboards for various requirements and teams
  • Assisted and Created Standard Operating Procedures (SOPs) for the Security Operations Team (SOC)
  • Worked with Specific Application and Server Owners to remediate the identified Vulnerabilities.
  • Successfully upgraded the Antivirus Server deployments and managed the Anti-Virus deployments
  • Created custom AV policies specific to the Compliance requirements
  • Managed the User Roles and Accounts, and the external Authentication configurations for the Anti-Virus Servers
  • Managed the Web Proxy deployment inside the organization, which includes policy creation, URL filtering, etc.
  • Managed Network Firewalls, which includes rule implementation, troubleshooting, VPN tunnel creation, etc.
  • Participated and represented Security Operations Team in the weekly and emergency Change Approval Boards.
  • Worked with the IT Security Auditor in identifying the Risks and Vulnerabilities for the Project

Confidential

Systems Engineer

Responsibilities:

  • Managed the Network Switches and Firewalls for small organization deployment
  • Managed the Internal DHCP and DNS Servers for the organization
  • Installed, configured and troubleshot Operating Systems like Windows and Linux on the Servers and Workstations
  • Managed the Active Directory User Accounts and their Roles/Permissions
  • Managed the Access Controls for Network Drives deployed across the organization
  • Performed Backup and Restore Operations for the sensitive data according to the Data Retention methods and policies
  • Troubleshot Network and Host related issues across the organization
  • Researched and deployed an Open-Source Ticketing Tool that tracks the overall technical issues with the Networks and Hosts, thereby improving the overall SLA metrics
  • Performed the License and Software Management for the various technologies that the engineers use inside the organization
  • Performed OS Security Patch updates for both Windows and Linux based Systems
  • Managed the HPC Linux Servers used for running high utilization jobs by the engineers, which include User Management, License and Hardware Management.
  • Created Windows Batch scripts for the users to automate certain tasks on their workstations
  • Worked with Management to determine the hardware and software requirements for the users and built the servers according to the organization’s requirements