- Information security professional with over 10 years of experience in security testing (VA&PT), security control assessments, risk assessments, SIEM, IT security compliance and SOC operations
- Proficient in areas of Web application and network security assessments, security compliance review and audits, developing security artifacts and security incident investigations.
- Develop Security artifacts for Audits
- Penetration Testing, Vulnerability Assessments, Compliance Assessments
- Access Management
- Risk Assessments
- IT Audit and Compliance
- NIST, IRS 1075, SSA security guidelines, HIPAA, ISO 27001, PCI DSS
- Application Security
- Infrastructure Security
- Security Operations
- Physical Security Audits
Sr. Information Security Professional
Technical Environments: Burp Suite, Veracode, SonarQube, Jenkins
- Responsible for completing and delivering SA&A security documents to CMS and SCA evaluators. Maintain SA&A packages and meet the requirements in the CMS Information Security (IS) Authorization To Operate (ATO) Package Guide.
- Responsible for developing and updating the System Security Plan (SSP), Information Security Risk Assessments (ISRA), Contingency Plan (CP), Privacy Impact Assessments, and security operations standard operating procedures (SOPs).
- Perform Security Impact Analysis (SIA) for each system release in order to determine the security impacts to the system due to the proposed changes.
- Conduct Static, Dynamic and Manual application security testing for the CMS systems that Gouthami works for and provide recommendations to the project teams to remediate the findings.
- Expertise in executing manual security test scenarios to uncover security findings that automated tools may not find.
- Work closely with the developers and architects on the proposed security solutions and assist them in following OWASP secure coding best practices.
- Customize the Burp Suite and Veracode security tools as necessary to reduce false positives without impacting performance.
- Responsible for coordinating and developing Contingency Plan test exercises annually for the systems Gouthami is responsible for.
- Develop and maintain Plans of Actions and Milestones corrective actions to reflect the remediation status of SCA findings.
- Lead and manage the response to security incidents involving assets or personnel and present the incident reports to CMS.
- Collaborate with the SCA auditors and CMS to finalize the draft security assessment plan, deliver documentation, and perform interviews / testing setup and logistics for SCA on CICDIM projects.
- Coordinate with project managers in planning and executing the ESS/project schedules.
Security & Compliance Analyst
- Responsible for establishing the tool capability for security assessments and conducting compliance and vulnerability assessments for infrastructure servers and devices using QualysGuard on a periodic basis.
- Experience in preparing for ISO27001 surveillance audits and internal audits and working with the divisions to gather the evidence required for the external audit.
- Responsible for coordinating with various stakeholders to discuss vulnerabilities, recommending and monitoring remediation activities.
- Responsible for configuring the QualysGuard compliance module, custom policies and custom reports in the tool in accordance with CIS benchmark and Confidential baseline standards.
- Perform Confidential firewall assessments to identify the gaps in compliance to meet the Fund information security standards.
- Involved in developing control test procedures to standardize the fund-wide compliance process, which includes ISO27001, external financial audit and internal compliance, as part of the InfoSec compliance program.
- Responsible for ensuring the compliance status of Confidential critical business infrastructure servers and applications in accordance with the company standards.
- Review the Confidential baseline standards and provide the recommendations and gaps in the requirements as necessary
Information Security Consultant
Technical Environments: Metasploit Pro, Nessus, HP Fortify, Burp Suite, Wireshark, Cenzic Appscanner, Splunk Enterprise Security, Java, SOAP, REST
- Experience in conducting penetration testing for web applications and servers using Burp Suite and Metasploit Pro, and documenting the results for senior management.
- Conduct security testing for ESB SOAP and REST internal web services, external federal interfaces and DC applications using Cenzic Hailstorm Appscanner.
- Conduct vulnerability assessments for servers and network devices using Nessus to ensure the compliance and security configurations are in accordance with CIS benchmark.
- Review application source code using HP Fortify to identify the vulnerabilities introduced during the development phase.
- Define and conduct manual security test cases for web applications and Oracle IAM, and provide the necessary recommendations to the development teams.
- Develop a security testing strategy document for web applications, servers, databases and network devices.
- Responsible for writing correlation rules in Splunk ES for servers, client applications and network devices to identify anomalies and track administrator activities.
- Create dashboards in Splunk ES to view the security posture of client systems, applications, databases and network devices.
- Responsible for reviewing and updating company security policies in accordance with NIST, IRS1075, SSA security requirements and HIPAA guidelines.
- Develop the information security procedures to comply with the company policies and regulatory standards.
- Responsible for working on the System Security Plan document, which includes security categorization, architecture, and security and privacy control implementation details.
- Responsible for producing IRS, SSA and HIPAA dataflow diagrams for sending/receiving client data with external agencies for eligibility and verification purposes.
- Conduct internal security reviews for company information systems to validate the security controls with respect to NIST publications, company policies and procedures.
Information Security Analyst
- Conduct security testing for various web services using SoapUI, perform penetration testing for web applications using Burp Suite, and provide necessary recommendations.
- Work with DevOps teams to ensure the security solutions are built into applications to meet security control objectives.
- Responsible for performing threat modeling for applications using the Microsoft Threat Modeling Tool to identify assets, application entry points and privileged boundaries. Determine and rank the threat categories using the STRIDE methodology.
- Perform source code reviews for SOAP UI and Java applications with respect to OWASP guidelines.
- Responsible for provisioning policies, configuring certificates, and managing private keys and passwords for web services using Layer7 Policy Manager.
- Managing identities, password policy, and external JDBC and email listeners in the Layer7 Gateway.
- Good understanding of Splunk architecture, installing add-ons and configuring high level and security domain dashboards.
- Creating Splunk alerts and reports to prevent, detect and report internal and external suspicious activities, and coordinating with the respective teams to remediate them.
- Configuring threat intelligence sources with Splunk ES to identify security-relevant threats.
- Configuring assets and identities in Splunk ES and writing correlation searches to monitor user activities and data source anomalies.
- Demonstrated experience in monitoring security notable events such as brute force attacks, malware events, threat activities, vulnerabilities, network intrusions using dashboards and alerts.
- Generating ad-hoc Splunk reports to support the compliance and audit requirements.
Technical Environments: Splunk Enterprise Security, Layer7 Policy Manager, SoapUI, BurpSuite, Nmap, Active Directory, IBM ISIM, Wireshark, Python, VBScript, PHP, MySQL, JBoss, Java
IT Security Analyst
- Application Security code review: Worked with application development teams for implementation of best security practices within the SDLC. Performed security reviews on new and legacy applications
- Conduct vulnerability assessments for various networks and applications through the use of automated tools and manual techniques
- Perform web application security assessments using Metasploit framework
- Responsible for performing site assessments to verify compliance with the company standards.
- Review of internal security controls as part of ISO27001 ISMS.
- Conduct training for the client to help them understand how the vulnerabilities found map to the business risk they could pose.
- Responsible for performing ISO27001 surveillance audits, coordinating with Control Owners, and developing and reviewing information security processes and procedures as part of the ISMS.
- Responsible for conducting periodic InfoSec awareness across organization locations and clients.
- Participated in the establishment of technical priorities, standards, and procedures. Also responsible for managing the quality assurance, training, and knowledge management
- Responsible for ensuring that the security policy and procedures (global security standard) the company has set for its internal infrastructure as well as for clients were implemented effectively.
- Participated in patch management, vulnerability and antivirus compliance, and technology policy and procedure development.
Security Tools: Metasploit Framework, Nmap, Netcat, Wireshark, eEye Retina, Modem Scan, Netstumbler, Qualys, Perl, Nessus, Kismet
IT Security Analyst
- Conduct third party security risk assessments as per client business requirements and new proposals. Coordinate risk mitigation plans with the service lines and document the results and present to the senior management.
- Analyzing non-standard, vulnerable software and tools prior to use inside the enterprise network. Developed a security program to automate internal audit reviews of device and technology standards for network devices and servers.
- Review network design connectivity requests and firewall port change requests and provide the necessary security recommendations. Conduct system acceptance tests on the devices and provide the required best practices to mitigate the security risks.
- Perform vulnerability assessments for VLANs, modem and Wi-Fi networks, report non-compliance, and provide a comprehensive report with action items.
- Responsible for performing datacenter, workstation, server and network device security compliance audits in accordance with organization information security policies and technical standards.
- In-depth security log analysis abilities for a variety of platforms including Windows, Unix, IDS/IPS, RealSecure, Checkpoint firewall, Cisco PIX, Tripwire, Symantec, Mainframe, Apache, Tandem, WebSEAL, WebSphere, Guardium, CA ACX
- Configuring event log sources, including network devices, servers and applications, to send logs to RSA enVision.
- Perform post-incident root cause analysis and provide the RCA document to the client.
- Define correlation rules in SIEM to detect suspicious, abnormal and malicious activities, including TCP/UDP port probes, P2P detections, malware detections, and rules on administrator/system activities to comply with PCI DSS requirement 10.
- Develop and customize new RSA enVision parsers for Tandem, CA-ACX and Cisco PIX as part of UDS support in RSA enVision, and fix unknown and undefined messages.
- Troubleshoot security incidents and provide root cause analysis for critical security incidents and service availability issues. Developed automated scripts to update blacklist IPs and BotIPs in RSA enVision.
- Health checks of devices integrated with RSA, including log collection interruptions and network-related issues.
- Ability to investigate scans in production and non-production environments and provide a detailed analysis to the client.
- Integrating web applications with Tivoli Access Manager for stronger authentication and authorization of end users.
Security tools and Technologies: SIEM RSA enVision, Checkpoint Firewall, Juniper Firewall, IBM ISS, End-point security tools, Event Explorer, McAfee Foundstone scanner, Websense, Bash, Shell, Tivoli Access Manager, Sun Identity Manager, Radiant One virtual directory