- Overall 5 years of experience in the IT industry, specialized in security operations center (SOC).
- Involved in the software development life cycle (SDLC) to ensure security controls are in place.
- Experience in threat modelling during requirement gathering and design phases, with significant exposure to log analysis and network security.
- Gained significant experience in handling the WAF security tool Imperva and web application attacks.
- Involved in retrieval from data loss prevention (DLP).
- Strong knowledge of working with SIEM solutions like Qualys.
- Responsible for implementing and responding to DLP events.
- Identification of injection, business logic, authentication, session management, etc. related flaws in applications and encasing attack scenarios and associated risk to business.
- Gained significant experience in security technologies such as web security, cloud services, identity/access management, web application firewalls (WAF), intrusion detection, etc.
- Worked on other application security related projects, such as helping customers build security into their software development lifecycles (SDLC), configuring and tuning web application firewalls (WAF), and performing application security design reviews.
- Capable of identifying flaws like injection, XSS, insecure direct object reference, security misconfiguration, sensitive data exposure, functional level access control, CSRF, unvalidated redirects.
- Gained significant experience in working with cloud-based infrastructure with security monitoring like log events, Sybase and UNIX, and Hyperion platforms.
- Performed the gap analysis to identify scenarios like privilege escalation.
- Experience in vulnerability assessment and penetration testing using various tools like Burp Suite, DirBuster, OWASP ZAP Proxy.
- Gained significant expertise in design, development and management of Active Directory.
- Assisted in design, development and management of Active Directory architecture on overall enterprise applications.
- Implemented procedures for development and maintenance of solutions for Active Directory requirements.
- Worked on setting up RedSeal infrastructure, tuning, configuration and optimization; the tool helps in identifying network-level security gaps, identifying internal and external network-level security threats, and assists largely in compliance, auditing and risk assessment.
- Gained significant experience in Forcepoint/Websense.
- Gained significant experience in using the two most popular security tool methodologies, Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST).
- Hands-on experience in dealing with spam filtering, especially with the toolset of Zix and Proofpoint.
- Simulate how an attacker would exploit the vulnerabilities identified during the dynamic analysis phase.
- Hands on experience in Palo Alto web content filtering.
- Gained significant experience in reviewing secure code and manual code.
- Performed endpoint encryption.
- Background/understanding of software development lifecycle.
- Excellent communication skills with proven abilities in resolving complex networking, hardware & software related issues.
- Web Application security assessment in accordance with the OWASP standards
- Vulnerability assessment includes analysis of bugs in various applications spread across N-tier on various domains by using both manual and automated tools.
- Knowledge in Windows/Linux operating system configuration, utilities and programming
- Broad knowledge of hardware, software, and networking technologies to provide a powerful combination of analysis, implementation, and support.
- Experience in different web application security testing tools like Acunetix, Metasploit, Burp Suite, SQLmap, OWASP ZAP Proxy and HP Fortify.
- Excellent team player, enthusiastic initiator, and ability to learn the fundamental concepts effectively and efficiently.
- Proficient in Linux operating system configuration, utilities and programming
- Good experience in Web technologies like HTTP, HTML, CSS, Forms, Database Connectivity.
Networking Concepts: OSI Model, TCP/IP, UDP, IPv4, IPv6, Subnetting, VPN, IDS/IPS
Project Management: MS Project (Server), Creative Pro Office, JIRA, SAP
Operating System: Windows XP, Windows 7, UNIX, Perl, Python, and PowerShell JIRA
Languages: C++, J2EE, Java
Application: Microsoft Word, Microsoft Excel, Microsoft PowerPoint, Microsoft Access, Visual Studio, SharePoint, Rational Suite, MicroStrategy, MS Visio, iGrafx
Security Database: MS SQL Server, Cisco, SIEM, intrusion prevention system (IPS), firewalls, host antivirus, MS Office 365, Linux, UNIX, Windows Server Hardening
Confidential, Dallas, TX
Security Analyst
- Monitored SSL traffic and worked on assisting in protecting web-facing applications owned by different application owners across the entire AIG network.
- Onboarded multiple applications to Imperva Security (WAF) from all business units (BU), including Fort Worth, Livingston, Japan and UK AIG website applications, onto the Imperva SecureSphere security tool to monitor SSL traffic and protect applications from external web application attacks through the WAF.
- Monitor the security of critical systems (e.g., e-mail servers, database servers, web servers, etc.) and changes to highly sensitive computer security controls to ensure appropriate system administrative actions; investigate and report on noted irregularities.
- Worked on multiple web applications across global AIG business units, including FTW, Livingston, Japan and UK applications.
- Configured, deployed and applied various rules to Imperva SecureSphere in simulation and blocking mode to generate valid alerts on port 443.
- Monitored and deployed SSL certificates and private keys, updated and uploaded them to the Imperva SecureSphere console, and validated them to make sure that these applications are generating alerts from port 443.
- Monitored SSL traffic with the Imperva security console to check whether it is generating valid alerts and to make sure these applications have a proper SSL certificate and private keys.
- Worked with different application owners across all regions in the global AIG network to monitor web application attacks, contacting them for uploading and securing applications.
- Worked on 24/7 alternate shifts to monitor and remediate complex incidents reported by users, and to remediate and troubleshoot vulnerabilities as soon as possible.
- Gained significant experience in dealing with the three primary security concepts of the CIA triad: confidentiality, integrity and availability.
- Familiarity in working with TCP/IP, IPv4, IPv6 protocols in an environment which provides multithreading, multi-tenancy and high availability support at the network layer. Have filed for two patents in the storage domain.
- Involved in monitoring ROAR and SAS server deployment settings patch Bridge related to BladeLogic server automation.
- Worked with the team on troubleshooting complex issues related to BladeLogic server deployment settings.
- Worked on creating emergency, standard and expedited change requests to get approval for rollback and reboot server settings.
- Extensively worked on running BladeLogic and EnCase forensic tool jobs related to various operating systems like Linux, Unix, Wintel and Windows Server hardening.
- Scheduling regular meetings/calls during the various phases of the security assessment cycle.
- Gained significant experience in working with cloud-based infrastructure with security monitoring like log events, Sybase and UNIX, and Hyperion platforms.
- Performed vulnerability testing, application security, database security and penetration testing against various technologies like Ajax, Flash and Web services.
- Identification of Injection, Business logic, Authentication, Session Management, etc. related flaws in applications and encasing attack scenarios and associated risk to business.
- Performing the Code review and logging the respective defects in HP ALM along with follow up & closure of the same
- Post Code review, perform the Vulnerability Assessment on the respective application and follow the same process mentioned above
- Conduct routine social engineering tests and clean-desk audits.
- Investigate potential or actual security violations or incidents in an effort to identify issues and areas that require new security measures or policy changes.
Environment: MySQL, Cisco, McAfee, SIEM, BladeLogic console BMC, EnCase deployment, Windows Server deployments
Confidential, Chicago, IL
- Gained significant knowledge in Symantec Data Loss Prevention (DLP), vulnerability management, hacker tools, network penetration testing, IDS, IPS, network infrastructure, cloud computing, gateway security, endpoint security, and wireless.
- Worked on SIEM tool Qualys, Veracode and Barracuda platforms for prioritizing and mitigating vulnerability assessment.
- Has experience with tier 1 support of McAfee ePO, Symantec Endpoint Protection, IPS, Microsoft Forefront, and Sophos.
- Has experience in Data Loss Prevention - Supervised internal Data Protection team members, Maintained, troubleshoot.
- Support of enterprise network security and engineering systems including IDS/IPS, and firewalls.
- Experience in vulnerability assessment and penetration testing using various tools like Burp Suite, DirBuster, OWASP ZAP Proxy, NMap, Nessus, and Checkmarx.
- Gained significant experience in dealing with the three primary security concepts of CIA: confidentiality, integrity and availability.
- Gained significant experience in testing Symantec Data Insight, Vormetric and Integrator Rights Management, and as an evaluator of cloud security applications and Cloud Access Security Broker (CASB).
- Responsible for Support/Troubleshooting/Deployment, both in SW & HW, Linux, Windows, Computer and Information Security, Telecommunications Management, Trend Micro
- Deployed custom scripts to pull additional attributes from the Prevent DLP for incident reports.
- Worked closely with global information security to monitor incidents generated from policies in Prevent (DIM).
- Proactively created presentations on challenges and solutions for current DLP implementation.
- Created and modified over 100 DLP policies for country exceptions, TLS domains, employee directory feed updates, country-specific personally identifiable information (PII), credit card, employee data and social security numbers.
- Updated DLP Prevent iptables and mail modules. Performed tests on new policies and created backup plans.
Application Security Analyst
- Black box pen testing on internet and intranet facing applications.
- Identification of OWASP Top 10 issues like SQL injection, CSRF, XSS.
- Preparation of risk register for the various projects in the client.
- Explanation of the security requirements to the design team in initial stages of SDLC to minimize the efforts to rework on issues identified during penetration tests.
- Perform threat modelling of the applications to identify the threats.
- Identify issues in the web applications in various categories like Cryptography, Exception Management.
- Verify if the application has implemented the basic security mechanisms like job rotation, privilege escalations, least privilege and defense in depth.
- Using various add-ons in Mozilla to assess the application, like Wappalyzer, Flagfox, Live HTTP Headers, Tamper Data.
- Identified issues in session management, input validations, output encoding, logging, exceptions, cookie attributes, encryption and privilege escalations.
Environment: MySQL, Cisco, McAfee, SIEM, SQL injection