SUMMARY:

• Experience and demonstrated success implementing and maintaining IT infrastructure that improved business functionality with positive impacts. Skilled Information Security Administrator with expertise in risk management unauthorized access and a wide range of vulnerabilities scanning and threats. Experience as Security Analyst, Privacy and Data Protection, RMF, Security Management & Operations, Vulnerability scanning, Security testing, Penetration testing.
• Experience in vulnerability assessment and penetration testing using various tools like Burp Suite, Dir - Buster, OWASP ZAP proxy, NMAP, Nessus, HP Fortify, IBM App Scan enterprise, Kali Linux, Metasploit
• Conducted periodic scans and on demand scan as and when new network devices are introduced, or configurations are updated in the windows servers with Qualys Guard
• Responsible for setting up configuration files in Splunk.
• Huge knowledge of managing information assurance evaluation tests.
• Performed vulnerability scans using HP Web Inspect, IBM App Scan, Qualys Guard, Retina, Nessus, Burp Suite, and Metasploit auxiliary modules.
• Sound knowledge and industry experience in Vulnerability Assessment and Penetration.
• Testing on web-based application; Mobile based application and Infrastructure penetration testing.
• Conducted penetration testing and security tests and formulated scripts to test systems.
• Worked extensively on Splunk Enterprise and Splunk Cloud, having

  experience in Installation, developing Splunk alerts and Dashboards for analyzing application related data as per the business requirement.

• Assist developers in remediating issues with Security Assessments with respect to OWASP standards.
• Providing fixes & filtering false findings for the vulnerabilities reported in the scan reports. Adding new vulnerabilities to the Vulnerability Database for various platforms with proper exploits.
• Responsible for setting up configuration files in Splunk.
• Good team player with excellent analytical, inter-personal, communication & written skills, problem-solving and trouble-shooting capabilities. Highly motivated and can adapt to work in any new environment.
• Wide knowledge in Vulnerability Assessment and Penetration Testing (V.A.P.T.) Experience on web applications.
• Remarkable experience in Manual and Automation web application Penetration Testing.
• Good understanding of attack scenarios and common vulnerabilities.
• Ability to analyze test results and suggest mitigations for security problems.
• Handled documentation and reporting.
• Experience in Create and Manage Splunk DB connects Identities, Database Connections, Database Inputs, Outputs, lookups, access controls.
• Hands on experience on different Vulnerability Assessment and Penetration Testing (V.A.P.T.) tools.
• Knowledge in analyzing False positive and False negative report, and Manual Verification.

PROFESSIONAL EXPERIENCE:

Confidential, GA

Cyber Security Analyst

• Use LogRhythm tool to identify threats and patterns for security incident response.
• Tune LogRhythm AI Engine rules to create better alerting, establish security baselines for con gurations to tune out unnecessary alerts.
• Identify, analyze and document network signals, malware behaviors and threat reports related to trends and developments in adversary tactics, techniques and procedures (TTPs).
• Build/improve tools for analyzing malware, identifying threats and tracking adversaries.
• Provide clear, actionable and structured intelligence to product and security teams. Assist in ensuring corporate and production systems are safeguarded.
• Own the analysis efforts of one or more threat actors, and serve as a subject matter expert on how those actors might affect Google and our users.
• Identify personal and team priorities, and work on assignments with minimal supervision while maintaining quality and deadlines.
• Monitor threats and alerts affecting customer networks and triage responses to remediate the alerts.
• Create vulnerability reports using CVEs and devise plans to patch or x affected devices.
• Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), security events and logs.
• Prioritizing and differentiating between potential intrusion attempts and false alarms.
• Creating and tracking security investigations for resolution.
• Composing security alert notifications and other communications.
• Advising incident responders in the steps to take to investigate and resolve computer security incidents.

Confidential, Catonsville, MD

Cyber Security Analyst

• Monitored system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
• Excellent communication skills. Ability to work with the most to least computer literates.
• Performing regular penetration testing and vulnerabilityassessment/remediation using Nessus, IBM app scan and Metasploit.
• Detected/Analyzed and reported out DLP Suspicious Incidents for end-users.
• Responsible for troubleshooting various indexing issues by analyzing Splunk logs such as splunkd.log, metrics.log ingested as internal index.
• Administer and maintain end user accounts, permissions, and access rights.
• Developed and maintain documentation for security systems and procedures.
• Monitored the security and information technology infrastructure, including hardware, software, and to protect the confidentiality, integrity and availability of systems.
• Managing Palo alto appliance for IPS, URL filtering, Anti-Virus, DLP, Malware, Denial of service and vulnerability protection
• Experience in setting up dashboards for senior management and production support- required to use Splunk.
• Implementing New Policy and Modifying exciting Policy's to reduce the false Positives

  In DLP.

• Daily activities included installation, upgrades, troubleshooting, configuration, migrating user profiles and data, maintaining third party software applications, servers and workstations.
• Managed and facilitated information security related projects.
• Conducting periodic vulnerability scans of systems, wireless and network devices.
• Meeting respective Business OU to fetch also find existing documents and rewrite the

  New content and Phrases in existing Rules in DLP

• Created Dashboard on custom Visualization to use the custom app of Splunk
• Responded to computer security incidents and coordinate efforts to provide timely updates to multiple business units during response.
• Meeting respective Business OU to fetch also find existing documents and rewrite the

  New content and Phrases in existing Rules in DLP

• Performed regular penetration and vulnerability assessment and review using Qualys, Nmap, Nessus, Metasploit and other tools.

Confidential, Bethesda, MD

Jr. Cyber Security Analyst

• Performed Vulnerability assessment on multiple web applications
• Information gathering, scanning using security testing tools.
• Responsible for Data Loss Prevention (DLP) configurations, monitoring activity, Air Defense configurations and threat detections
• Identifying the vulnerability and documenting it and helping the developer to remediate the vulnerabilities.
• Analyze the performance and Security impact for IOS vulnerabilities for network

  devices and give recommendations

• Re-scan the application for Confirmatory Assessment.
• Conduct Black box security testing.
• Maintained and managed assigned systems, Splunk related issues and administrators.
• Meeting respective Business OU to fetch also find existing documents and rewrite the

  New content and Phrases in existing Rules in DLP

• Conduct Manual and automated security testing of applications.
• Generating reports based on vulnerability assessments and presenting them to client.
• Retesting after vulnerability mitigation.
• Developed workflows and procedures for email monitoring in support of the Data Loss Prevention (DLP) program.

Data Entry Clerk

Confidential

• Handle the tasks of medical coding and medical billing.
• Perform responsibilities of accounting and entering financial data of insurance and clients on MS Excel.
• Responsible for providing administrative support by handling patients, Insurance queries and concerns.
• Compiled statistical information for special reports.
• Created monthly reports for record and closed terminated records. Verified and logged in deadlines for responding to daily inquiries.
• Verified that information in the computer system was up to date and accurate.
• Responsible for preparing and entering patient medical report in the system.