
Data Security Engineer Resume


SUMMARY:

  • An experienced IT Security professional looking for jobs in Information Security field.
  • Strongly focused and knowledgeable IT professional, with a wide breadth of software installation and maintenance knowledge
  • Management of system security and file system security policies and analyzing systems to determine ways of improving performance
  • Expert communicator of complex technological concepts to professional and non-professional audiences. Leader of independent workshops in network security and implementation in the broader professional community.
  • Very strong Experience of working on SIEM tools to secure organization network in managing and troubleshooting with SDN technology for design and deployment of BlueCoat Proxy and Checkpoint firewalls.
  • Hands-on experience performing vulnerability assessment and penetration testing of web applications and embedded devices.
  • Expertise on Code vulnerability scanning and analysis
  • Building, Deployment, Configuration, Management of SPLUNK Cloud instances in a distributed environment which spread across different application environments belonging to multiple lines of business.
  • Strong understanding of DLP Architecture, Rules and Policies and its implementation
  • Worked on Engineer designing, integrating and deploying the latest data protection technologies, including data loss prevention (DLP), data encryption, and data classification technologies. Analyzed business needs to drive solutions that will provide increased efficiency.
  • Experience configuring and deploying McAfee modules and products like McAfee ePO, McAfee VSE, McAfee HIPS, McAfee Endpoint Encryption, McAfee Network DLP, McAfee DLP Endpoint, McAfee SIEM.
  • Worked using McAfee best practice standards for OWASP Top 10, CIS CSC, DLP, data classification, and encryption standards for contractors and employees.
  • Experienced in Implementing & managing Symantec Data Loss Prevention.
  • Experienced in creating, testing and implementing DLP Policy/Rules to ensure client data confidentiality.
  • Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
  • Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
  • Extensively worked on Secure code remediation and mitigation
  • Good expertise in conducting penetration and exploitation events.
  • Worked on documentation and discussed security findings with information technology teams.
  • Created written reports, detailing assessment findings and recommendations.
  • Analyst in charge of vulnerability assessment, remediation, patch management, classified message incident response and category events.
  • Generate weekly technical and executive level reports detailing current vulnerability climate of commercial off-the-shelf (COTS), Department of Defense software applications, and operating systems installed on workstations and servers.

TECHNICAL SKILLS:

Antivirus: McAfee Virus Scan Enterprise, Symantec, Endpoint Protection Suite

DLP: Websense, Symantec & McAfee

End Point Security: McAfee Suite (VSE, HIPS & HDLP), McAfee MOVE AV, Safeboot

IPS/IDS: McAfee IPS, HP Tipping Point, Cisco IDS, SecureWorks IDS/IPS

SIEM: RSA Envision, ArcSight, Splunk security manager, IBM QRadar

Configuration Management: Worked on configuration management tool Puppet for continuous delivery. Experience in working with Modules, Classes, and Manifests in Puppet.

MSS: Vulnerability Assessment, Content Filter, Antispam, IDS/IPS Management

Vulnerability Management Tools: Foundstone, QualysGuard, Nessus, Nmap, Nexpose, Wireshark

Security Tools: Splunk ES, McAfee Vulnerability management solutions, Burpsuite, OpenVAS, Nessus, Qualys, Solarwinds, ForeScout

PROFESSIONAL EXPERIENCE:

Data Security Engineer

Confidential

  • Participated in the installation, configuration and implementation of the Zscaler. Created security policies, Data engines and Data dictionaries.
  • Performed installation and configuration management of security systems and applications, including policy assessment of network security appliances and host-based security systems.
  • Performed tuning of McAfee DLP to reduce false positives and improve detection rates.
  • Perform Security related tasks, including the day-to-day administration of the different information security tools and devices, fine tuning configuration of the devices to reduce false positives and improve effectiveness in security event monitoring.
  • Experienced with Symantec DLP Policies (DLP templates) compliance and regulation standards such as SOX, PCI, and HIPAA.
  • Verified that the Windows Virus Definitions on the SEPM are within 24 hours of those reported by Symantec.
  • Worked on Symantec DLP Product Versions Report, Client Online Status by Group Report.
  • Provided real time intrusion detection host based monitoring services using Symantec DLP and EndPoint.
  • Worked on Data Loss Prevention suite, Symantec DLP Product - Implementation and deployment as the Confidential team.
  • Gained experience with Symantec DLP Software: DLP Cloud Prevent for Microsoft Office 365, DLP.
  • Performed tuning of Symantec DLP to reduce false positives and improve detection rates.
  • Performed System Administration Tasks for Symantec Data Centre Security (DCS).
  • Provided onsite Symantec DLP technical service and support to a large enterprise customer base.
  • Performed ongoing tuning and alerting on technologies which may include but are not limited to: Data Loss Prevention (DLP), Host Intrusion Prevention (HIPS), CASB Cloud Security, Web/Email Malware protection and Security Incident Event Management (SIEM)
  • Ensured that Security tools are performing optimally and security events are detected in time for remediation.
  • Implemented security measures to protect the enterprise as well as prevent data loss and respond to Security incidents.
  • Performed security analysis of traffic patterns and adjusted policy and procedures. Responsibilities also included performing technical and non-technical risk assessments on our systems and making recommendations to identify and improve Security Risk.
  • Determined appropriate levels of security configuration, controls and monitoring.
  • Developed program quality metrics as both program performance indicators and enterprise risk indicators

Information Security/Application operational Analyst

Confidential, Irving, TX

  • Planning and managing the delivery of Application Security tests (both automatic and manual), and source code reviews on high risk web applications
  • Perform Web Application Vulnerability scanning
  • Hands-on experience with Palo Alto firewall and Trend Micro endpoint solution.
  • Designed and implemented McAfee Data Loss Prevention (DLP) across all end-points. Created policies and keyword dictionary to safeguard intellectual property and ensure compliance by protecting sensitive data.
  • Review comprehensive logs about security risk detections, events, and updates.
  • Work on protection policies and identify clients at a higher risk of infection or attack.
  • Deploy and manage Trend Micro Office Scan globally. Define/manage global security policies via Trend Micro Control Manager.
  • Good understanding of administering and implementing SIEM, DLP, Websense, advanced malware detection program, vulnerability assessment, and prevention.
  • Responsible for maintaining availability, reporting and communication of the SIEM between it, its event sources and the endpoints.
  • Good understanding of administering and implementing CASB Cloud Security, SIEM, DLP, Websense, advanced malware detection program, vulnerability assessment (Nessus), and prevention.
  • Analyze threat alerts and automatic warnings from Trend Micro Office Scan, identify threats and respond to the incidents.
  • Design Cybersecurity awareness and training programs
  • Worked on various tools like Splunk and SIEM to check the logs, Wireshark for packet capture, WinSCP for file transfer, Nmap for network scanning, etc.

  • Created dashboards, reports, scheduled searches and alerts, SIEM searches and alert metrics.
  • Perform cross platform audits of Active Directory (AD) objects and user permissions. Manage Group Policy Objects (GPOs) throughout the Active Directory (AD) enterprise.
  • Create/modify user accounts, security groups, and distribution list to protect company proprietary information on Active Directory.
  • Handle user account transfers from one field site to another moving client data to different servers, to ensure user accessibility.
  • Maintain Microsoft Exchange e-mail accounts and public folder access through Microsoft Exchange System Manager.
  • Use Track-It to track ticket progress and enter updates to have an ongoing record of case activity until resolution is reached and the ticket is closed. Create, modify and maintain software packages to meet specific customer requirements and be able to create jobs to deploy
  • Worked on security tools and software such as Rapid7 Nexpose, WhiteHat, Qualys, Splunk, SolarWinds, Sourcefire, SIEM
  • Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
  • Provide complex and unique technical troubleshooting assistance to customers across all business units.

Network Analyst

Confidential, New York, NY

  • Facilitates the efforts of the patch management team by providing detailed analysis of current high-vulnerability applications in need of remediation or updates.
  • Responsible for DLP Policy creation, testing and implementation to protect client data. information leakage
  • Created Standard operating procedures for DLP SMTP (Email), HTTP/S (Web), SharePoint Incident investigation, third party domain whitelisting, DLP Access provisioning and Incident Response Investigation
  • Automated DLP Incident metrics using Splunk. Developed monthly and weekly metrics and dashboards using Splunk; proficient in writing Splunk queries, dashboards and log analysis
  • Performed regular review and recertification of DLP Policies, TLS Domain whitelisting, SOP for enhancement with BU Risk.
  • Run internal and external Network Vulnerability scans at least quarterly after any significant change in network such as a new system component, installations, changes in network topology, firewall rule modifications and product upgrades.
  • Write, Review and Recommend Secure Security options to comply with organizational standards.
  • Worked with Desktop and Server engineer on managing applications and security.
  • Implement methodologies for penetration testing with testing on application layer, inside and outside of the Network.
  • Analyzed Symantec DLP events and reports
  • Performed tuning of Symantec DLP to reduce false positives and improve detection rates
  • Review, update, and publish documentation management procedures
  • Consolidate inventory repositories to a central location and format
  • Monitoring various event sources for possible intrusion, determining the severity and creating correlation rules to detect threats in SIEM.
  • Conduct inventory of network and server hardware
  • Create standard installation procedures for new sites and systems
  • Incident reporting and management for various incident/security alerts triggered by SIEM tool. Log monitoring and Incident analysis for various devices.
  • Update training materials and perform training sessions for small groups of people
  • Assist infrastructure management team and infrastructure project manager with project related tasks
  • Attend and report status in weekly team meetings
  • Worked on SIEM for detecting malware and threat analysis on web-based URL filtering.

Desktop Support Engineer

Confidential, Irving, TX

  • Help reset employees' passwords, troubleshoot computers, install new computers and appliances
  • Prepare users by designing and conducting training programs; providing references and support.
  • Register customer orders, answer store phone calls, help employees with computer login
  • Configure new phones and install applications on the phone
  • Recommend security enhancements to management or senior IT staff
  • Help computer users when they need to install or learn about new security products and procedures
  • Provide accurate information on the company network and services
  • Perform new laptop configuration, setup and deployment
  • Troubleshoot and resolve issues arising from existing laptops
  • Configure and install WYSE clients
  • Monitor incoming support requests and create and assign tickets in the Help Desk software system
  • Assist with RF configuration and deployment
  • Work on assigned support tickets and answer end user support questions
  • Update and maintain an asset tracking spreadsheet
  • Assist with label printer maintenance
