Sr. Information Security Engineer Resume

Indianapolis, IN

PROFESSIONAL SUMMARY:

  • Experienced in Vulnerability management and remediation.
  • Scanning the network and providing the scan reports to operational teams.
  • Mitigate vulnerabilities identified in Security scans.
  • Worked on the McAfee VSE product to stop worms, spyware, and viruses, get high-performance security, and lessen damage from outbreaks.
  • Having Strong understanding of DLP Architecture.
  • Manage and perform Nessus and Nmap scans before all production releases and analyze vulnerabilities and report to all stakeholders.
  • Performs vulnerability assessments and penetration testing using automated tools on web applications.
  • Knowledge of VMware server automation and configuring Active Directory domain using Scripting languages like PowerShell Scripts, VBScript, and Power CLI.
  • Hands-on experience in IAM requirement analysis, implementation of Access Gateways and SAML, OAuth, OpenID based integrations.
  • Experience in planning, developing, implementing, monitoring and updating security programs, and advanced technical information security solutions, and sound knowledge in SOX and PCI compliance requirements and understanding of NIST and ISO standards
  • Experience with industry recognized SIEM (Security Information and Event Management) solutions such as SNORT, Splunk, LogRhythm and many other tools.
  • Worked on the McAfee HIPS product to get the broadest IPS coverage, safeguard against malicious threats, get automatic security updates, and provide protection around the clock.
  • Identifying the critical, High, Medium, Low vulnerabilities in the applications based on OWASP Top 10 and prioritizing them based on the criticality.
  • Good experience to provide remediation consultation to organizations and system owners, ensuring vulnerabilities are remediated IAW DISA/NIST and Cyber Threat Intelligence research
  • Experience in deploying SAML based highly available solutions using PingFederate and other security products, can create and process the SAML to get tokens which can be processed by other Web Access Management Products.
  • Experience in Windows server 2003, 2008, 2012, 2016 Microsoft Active Directory, Microsoft Group Policy deployment to ensure standard computer settings, software distribution and security policy enforcement.
  • Upgraded OPSS schema and developed a DB Security Store for IAM.
  • Modernize assessment tools by researching emerging technologies and outlining their procurement to increase productivity and effectiveness
  • Having good understanding and Knowledge for implementation for ISO 27001, NIST 800-series, DIACAP, and FISMA guidance/governance
  • Performed Symantec DLP environments management and support configuration as well as data security environments used in testing and configuring client sites prior to installation.
  • Expert in installing SPLUNK logging application for distributed environment.
  • Experience in Automated and Manual Penetration Testing, Contractor Assessments, Source Code Review, Controls Assessment. Software Development of Custom Compliance Modules, Attacks, and Exploitation for Nessus and Metasploit.
  • Extensive experience with Active Directory Domain Services (ADDS), Domain Name System (DNS), Windows Internet Naming Service (WINS), and Microsoft Exchange/Office 365.
  • Expert in Windows server 2003, 2008, 2012, 2016 Microsoft Active Directory, Microsoft Group Policy deployment to ensure standard computer settings, software distribution and security policy enforcement.
  • Experience in Active Directory, GPOs, DNS, DHCP, TCP/IP, WINS, IIS (Web Server), FTP, Terminal Server, WSUS, Microsoft Clustering and Exchange Server.
  • Led Cyber Security development team responsible for SSO authentication to 100+ applications. Security,
  • Implementing, configuring, Migrating and supporting Windows, Creating and managing User Accounts & Groups in Active Directory.
  • Antivirus McAfee Virus Scan Enterprise, Symantec, Endpoint Protection Suite
  • Conducts vulnerability scans and penetration tests to meet PCI requirements.
  • Experience in supporting, operation and troubleshooting the problems.
  • Written nmap scanner and multithreaded python program to brute-force an ftp server using password file.

TECHNICAL SKILLS:

Tools: Kali Linux, Tableau, Lotus Notes, ERP - SAP, Visio, Qlikview, Oracle, Identity and access management

Security Web Applications: TCP/IP OWASP, Nessus, Grabber, Zed Attack, Skipfish Hydra, Firewall, IDS, IPS

Languages and Database: SQL, C++, Visual Basic, JavaScript, JSON, Python, Bro, ASP.NET MVC, PowerShell, PowerBI, STIX

Networking & Frameworks: DNS, DHCP, SSO, SAML, NAT, PCI-DSS

Continuous Monitoring: Vulnerability Management, Web Application Scanning, ThreatProtect, Cloud Agents, Asset Management, Sourcefire, Nexpose, Forcepoint, Rapid7

Event Management: RSA Archer, Blue Coat Proxy, Splunk, NetWitness, LogRhythm, HP Arcsight

PenTest Tools: Metasploit, NMAP, Wireshark and Kali

Security Software: Nessus, Ethereal, NMap, Metasploit, Snort, RSA Authentication

Frameworks: NIST SP, ISO 27001/31000, HIPAA, HITRUST CSF, PCI DSS

EXPERIENCE:

Confidential, Indianapolis, IN

Sr. Information Security Engineer

Responsibilities:

  • Executed daily vulnerability assessments, threat assessment, and mitigation and reporting activities to safeguard information assets and ensure protection has been put in place on the systems.
  • Actively monitored and responded to activity impacting various enterprise endpoints facilitating network communication and data handling (McAfee End Point Security, DLP, Splunk)
  • Gather testing tools and methodologies and perform step by step Penetration testing by enumerating information.
  • Cyber Security RPLRS Requirements Management, Vulnerability Assessment, Identity Access Management (IAM).
  • Sound knowledge in Metasploit Framework and Social Engineering.
  • Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
  • Conduct Malware analysis and investigate behavioral characteristics of each incident utilizing IDS monitoring tools.
  • Setup centralized Authentication through LDAP Server Configuration for Identity Access Management (IAM).
  • Expertise in administering and supporting Windows Server 2003/2008R2/2012 Active Directory, DNS, DHCP, LDAP SharePoint, Microsoft Exchange 2003/2010.
  • Responsible for the SSO rollout to each department in CMH Manage SSO user authentication G2Appliance
  • Experienced with McAfee ePO, Nitro, Web gateway, DLP, Bluecoat websense, ForcePoint, Proofpoint, Trend Micro, Nexpose (Rapid7) and Splunk Enterprise SIEM security tools to monitor network environment.
  • Expertise in development of Information Security Programs based on frameworks such as NIST, NIST, NIST, ISO 27002, COBIT 5.0, FFIEC, GLBA, SOX, PCI & PII with IT Risk drivers KPI's and KRI's to ensure Financial regulatory compliance and data security.
  • Strong working knowledge of Identity and Access Management technologies - User Management, Password Management, Account Management, Entitlement Management, Role Management, Web Access Management, Federation, Directory Services.
  • Conduct internal and external security audits based on standard cybersecurity frameworks from ISO 27002, COBIT, NIST, OWASP and Cloud Security Alliance
  • Built proof of concept (POC) for Localization to use AWS for some transcoding workloads. AWS services used were EC2, S3, Lambda, Elastic Transcoder. Second phase would be to add Captions and Digital Rights Management (DRM).
  • Active Directory AD integration with VCenter Server, vCAC, vCloud Director vCD, vRO.
  • Work with various cyber and infrastructure groups to solve complex problems with RSA and SSO issues at Savannah River Site.
  • Assessment guidance/standards used; NIST SP, NIST, NIST, ISO27002, ISO27005, to ensure regulatory compliance and proper assessment of risk.
  • Develop documentation for new/existing policies and procedures in accordance with Risk Management Framework (RMF), NIST SP requirements.
  • Monitor and investigate SOC incidents and alerts with McAfee EPO
  • Use Splunk Enterprise Security to configure correlation search, key indicators and risk scoring framework.
  • Performed Inter-Forest migration of users, workstations, and servers to Active Directory 2012 using Microsoft's Active Directory Migration Tool (ADMT) v3.2.
  • Web access management, Deployed & Migrate WebSenses Web Secure Gateway appliances
  • Configuring and administrating DNS, DHCP, web servers and other Active Directory Services.
  • Compliance analysis of Identity Access Management (IAM) as part of NERC Standard CIP-004.
  • Performed wireless pen testing using Aircrack-ng and analyzed the network using Wireshark. Found network vulnerabilities using Nexpose and analyzed web application using HP Fortify.
  • Experience on vulnerability assessment and penetration testing using various tools like BurpSuite, DirBuster, OWASP ZAP Proxy, NMap, Kali Linux, and Metasploit.
  • Experienced in working with Splunk authentication and permissions and having significant experience in supporting large scale Splunk deployments
  • Responsibility for policy configuration for all the McAfee components and the same is deployed to the clients.
  • Performed risk analysis using State approved risk analysis methodology based on NIST SP and ISO IEC 17799 methodologies.
  • Responsible production support of Active directory (AD), GPO, Domain users, Users and groups and given appropriate permissions, shares and privilege to access LAN and Domain environment.
  • Proficient in Penetration testing based on OWASP Top 10 vulnerabilities like XSS, SQL injection, CSRF, Source code review assessment.
  • Managed security incidents resulting from Splunk and third-party alerts, including investigation and remediation.
  • Administer and maintain the corporate DLP environments while structuring and documenting the corporate DLP infrastructure environments.
  • Performed Symantec DLP environments management and support configuration as well as data security environments used in testing and configuring client sites prior to installation.
  • Experience in vulnerability assessment and penetration testing using various DAST & SAST tools like BurpSuite, DirBuster, NMap, Nessus, IBM App Scan, Kali Linux etc.
  • Used McAfee ePolicy Orchestrator to monitor and identify potential intrusions and attacks for the Security Operations Center (SOC).
  • Conduct network Vulnerability Assessments using tools to evaluate attack vectors, Identify System Vulnerabilities and develop remediation plans and Security Procedures.
  • Internal, External, White box, Black box, Grey box penetration testing.

Confidential, Dayton, OH

Information Security Analyst/Cyber Security Analyst

Responsibilities:

  • Designing architecture, implementation and troubleshooting of Cyber Security solutions like McAfee, HP ArcSight SIEM, IBM QRadar and Splunk.
  • Conducted onsite penetration tests from an insider threat perspective.
  • Migration of Data Center and Perimeter Security technologies to Cloud security Technologies
  • Designing architecture, implementation and Troubleshooting Vulnerability Assessment and Penetration testing solutions using Nessus, Nmap and Qualys.
  • Performed host, network, and web application penetration tests.
  • Maintain McAfee ePO environment in optimum performance and compliance standards.
  • Use Splunk Enterprise Security to configure correlation search, key indicators and risk scoring framework.
  • Conducting IAM and IEM security assessments; Implementation and Review of ISO Controls
  • Performed troubleshooting of DNS, DHCP, IIS and Active Directory and maintained Web Servers by installing IIS 6, FTP Sites and creating Virtual Directories in IIS 6.
  • Working extensively on various streams of Identity and Access Management (IAM) such as account management, web access management, password management and user provisioning using LANDesk, RSA and Active Directory (AD).
  • Monitor, analyze and respond to network incidents and events. Participate in disaster recovery implementation and testing under NIST framework, HIPAA, & HITECH standards.
  • Documentation regarding DLP administration, scanning, reporting, and remediation.
  • Analysis of Offenses created based on vulnerability management tools such as: Rapid7
  • Developed Black Box Security test environments & conducted tests as part of team for precautionary measures.
  • Created the annual IT Business Plan and managed many new technology projects including SOA, IAM, and Open Source
  • Configure constrained delegation in Active Directory for Kerberos enabled applications
  • Developed approaches for industry-specific threat analyses, application-specific penetration tests and the generation of vulnerability reports.
  • Responsibility for policy configuration for all the McAfee components and the same is deployed to the clients.
  • Installed and configured new SSO software for DWPF. Worked closely with networking and server groups to successfully complete project on time.
  • Performed risk assessments to ensure corporate compliance.
  • Symantec DLP and RSA DLP architecture and implementation for enterprise level companies.
  • Developed detailed remediation reports and recommendations for compliance and security improvements across industries based on changing threats.
  • Review and updated System Security Plan (NIST SP ), Risk Assessment (NIST SP ), and Security Assessment Report (NIST SP A).
  • Troubleshooting issues related to McAfee ePO servers (5.x), VSE 8.x and HIPS.
  • Performed Vulnerability Assessments and Data Classification and their impacts.
  • Led implementation & integration of PAM/IAM solutions with multiple platforms including Windows, Linux, Database and third-party tools.
  • Experience in setting up client environments and creating connections in Cold Fusion Admin Server.
  • Web Access Management Specialist, Management of the perimeter protection of web applications and web services. (80k identities, 100 applications, 500 roles);
  • Performed application security and penetration testing using IBM Appscan.
  • Managing Security tools DLP, SIEM, Vulnerability scanner and Penetrations test.
  • Perform automated and manual security assessments to identify configuration and patch related vulnerabilities using commercial and open source tools.
  • Configuration, troubleshooting, and management of Websense Data Security (DLP).
  • Monitoring McAfee dashboard for updated DAT versions in all the client.

Confidential

IT Security Analyst

Responsibilities:

  • Testing, troubleshooting, level II support, documentation, and technical expertise are services provided.
  • Risk Assessment using Cyber Security frameworks like NIST, OCTAVE, GLBA
  • Assisted Lead Auditors in Audit data collection and Documentation.
  • Created checklists and collected audit data for compliance with SOX and PCI s
  • Installed, configured, and updated Linux machines, with Red Hat and CentOS. Won two quarterly s for my willingness and ability to work outside my specialty and assist other departments.
  • Launched and led a successful two-year Identity and Access Management (IAM) program which automated brittle manual processes resulting in a high integrity, secure digital and physical access
  • Created custom SSO pages and secured with second factor of authentication using X509 and SSL of all end points of SSO Solution
  • Technical consultant focused on enterprise digital security solutions for Web Access Management, the Identity Lifecycle and Privileged Identities
  • Resolved security vulnerabilities by analyzing and recommending improvements in communications and network security at the component level
  • Manage enterprise security systems, identifying key security risks, reporting risks to management with recommendations for corrective action utilizing NIST frameworks.
  • Ensured business continuity by designing, implementing and testing disaster recovery systems
  • Converted user accounts to LDAP from local on AIX and RHEL worked with IAM team.
  • Developed, implemented and verified security policy and access management compliance
  • Monitored system performance and prevented resource exhaustion using ssh, sar, vmstat, iostat, netstat and nmon.
  • Developed Cyber Security Standards on NIST Frameworks and ensured their proper implementation to reduce the risk of vulnerability to IT assets.
  • Managed, monitored and tested individual and group user access privileges and security
  • Reviewed LAD configuration and Managed daily activities to include user support and system administration tasks
  • Analyze Pre-Implementation network documents for Firewall requests, SEC- ACls and AppSense requests.
  • Given Information Security oversight and guidance to businesses needing 3rd party connectivity as it relates to company's Information Security Standards and IS Policies.
  • Liaise with business and multiple technology teams (i.e. CATE Network Engineering; Proxy OPs and Integration; Perimeter Security Ops; System Based Computing; Remote Access Services and Business Information Security Officers; Appsense Implementers) to facilitate cross functional solutions as it relates to 3rd party connectivity aligning with Company's Information Security Standards.
  • Investigated alleged non-compliance issues and audited and monitored key activities.
  • Used Security tool like AlgoSec Firewall Analyzer, NetFlow, IDS, and IPS for analysis.