Cyber Security Analyst Resume

GA

SUMMARY

  • Experience in vulnerability assessment and penetration testing using various tools such as Burp Suite, DirBuster, OWASP ZAP proxy, Nmap, Nessus, HP Fortify, IBM AppScan Enterprise, Kali Linux, and Metasploit.
  • Conducted periodic scans with QualysGuard, plus on-demand scans whenever new network devices were introduced or configurations were updated on the Windows servers.
  • Responsible for setting up configuration files in Splunk.
  • Extensive knowledge of managing information assurance evaluation tests.
  • Performed vulnerability scans using HP WebInspect, IBM AppScan, QualysGuard, Retina, Nessus, Burp Suite, and Metasploit auxiliary modules.
  • Sound knowledge and industry experience in Vulnerability Assessment and Penetration Testing on web-based applications, mobile-based applications, and infrastructure.
  • Conducted penetration testing and security tests and formulated scripts to test systems.
  • Worked extensively on Splunk Enterprise and Splunk Cloud, having experience in Installation, developing Splunk alerts and Dashboards for analyzing application related data as per the business requirement.
  • Assist developers in remediating issues with Security Assessments with respect to OWASP standards.
  • Providing fixes & filtering false findings for the vulnerabilities reported in the scan reports.
  • Adding new vulnerabilities to the Vulnerability Database for various platforms with proper exploits.
  • Good team player with excellent analytical, inter-personal, communication & written skills, problem-solving and trouble-shooting capabilities.
  • Highly motivated and can adapt to work in any new environment.
  • Wide knowledge of and experience in Vulnerability Assessment and Penetration Testing (V.A.P.T.) on web applications.
  • Remarkable experience in Manual and Automation web application Penetration Testing.
  • Good understanding of attack scenarios and common vulnerabilities.
  • Ability to analyze test results and suggest mitigations for security problems.
  • Handled documentation and reporting.
  • Experience creating and managing Splunk DB Connect identities, database connections, database inputs, outputs, lookups, and access controls.
  • Hands on experience on different Vulnerability Assessment and Penetration Testing (V.A.P.T.) tools.
  • Knowledge in analyzing False positive and False negative report, and Manual Verification.

PROFESSIONAL EXPERIENCE

Confidential, GA

Cyber Security Analyst

Responsibilities:

  • Use SIEM tools (Splunk/LogRhythm) to identify threats and patterns for security incident response.
  • Tune SIEM AI Engine rules to create better alerting, establish security baselines for configurations to tune out unnecessary alerts.
  • Performed risk assessments to help create optimal prevention and management plans.
  • Analyze and troubleshoot logs in a timely manner.
  • To deploy systems to incident investigation, remediation and PIR procedures for all DLP/ILMS cases.
  • Developed security strategy and performing IT risk assessment, vulnerability assessment and working with the business to mitigate risks.
  • Implemented Splunk solutions in highly available, redundant, distributed computing environments.
  • Provide 2rd level support to resolve escalation producers.
  • Tracking reports for unauthorized websites and push the cases for escalations.
  • Monitor threats and alerts affecting customer networks and triage responses to remediate the alerts.
  • Create vulnerability reports using CVEs and devise plans to patch or fix affected devices.
  • Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), security events and logs.
  • Implemented and managed a vulnerability management solution using Tenable SecurityCenter, policy compliance, Nessus scanners, and Nessus Network Monitor.
  • Writing Splunk Queries, Expertise in searching, monitoring, analyzing and visualizing Splunk logs.
  • Prioritizing and differentiating between potential intrusion attempts and false alarms.
  • Creating and tracking security investigations for resolution.
  • Installed Palo Alto firewall and configured IPS, DLP, vulnerability protection, and WildFire.
  • Designing, optimizing and executing Splunk-based enterprise solutions.
  • Composing security alert notifications and other communications.
  • Advising incident responders in the steps to take to investigate and resolve computer security incidents.
  • Performing automated and manual penetration testing using Metasploit and other tools.
  • Hands on experience in customizing Splunk dashboards, visualizations, configurations using customized Splunk queries.

Confidential, St. Louis, MO

Cyber Security Analyst

Responsibilities:

  • Monitored system logs, SIEM tools and network traffic for unusual or suspicious activity.
  • Interpret such activity and make recommendations for resolution.
  • Excellent communication skills.
  • Ability to work with the most to least computer literates.
  • Performing regular penetration testing and vulnerability assessment/remediation using Nessus, IBM AppScan, and Metasploit.
  • Detected/Analyzed and reported out DLP Suspicious Incidents for end-users.
  • Responsible for troubleshooting various indexing issues by analyzing Splunk logs such as splunkd.log and metrics.log ingested into the internal index.
  • Administer and maintain end user accounts, permissions, and access rights.
  • Developed and maintain documentation for security systems and procedures.
  • Monitored the security and information technology infrastructure, including hardware, software, and to protect the confidentiality, integrity and availability of systems.
  • Managing Palo Alto appliance for IPS, URL filtering, anti-virus, DLP, malware, denial of service, and vulnerability protection.
  • Experience in setting up dashboards for senior management and production support required to use Splunk.
  • Implementing new policies and modifying existing policies to reduce false positives in DLP.
  • Daily activities included installation, upgrades, troubleshooting, configuration, migrating user profiles and data, maintaining third party software applications, servers and workstations.
  • Managed and facilitated information security related projects.
  • Conducting periodic vulnerability scans of systems, wireless and network devices.
  • Meeting with the respective business OUs to gather existing documents and rewrite the content and phrases in existing DLP rules.
  • Created dashboards with custom visualizations using a custom Splunk app.
  • Responded to computer security incidents and coordinate efforts to provide timely updates to multiple business units during response.
  • Performed regular penetration and vulnerability assessment and review using Qualys, NMap, Nessus, Metasploit and other tools.

Confidential

Jr. Cyber Security Analyst

Responsibilities:

  • Performed Vulnerability assessment on multiple web applications
  • Good Understanding of Splunk architecture, Knowledge about various components (indexer, forwarder, search head, deployment server)
  • Information gathering, scanning using security testing tools.
  • Responsible for Data Loss Prevention (DLP) configurations, monitoring activity, Air Defense configurations and threat detections
  • Identifying the vulnerability and documenting it and helping the developer to remediate the vulnerabilities.
  • Analyze the performance and Security impact for IOS vulnerabilities for network devices and give recommendations
  • Re-scan the application for Confirmatory Assessment.
  • Conduct Black box security testing.
  • Maintained and managed assigned systems, Splunk related issues and administrators.
  • Meeting with the respective business OUs to gather existing documents and rewrite the content and phrases in existing DLP rules.
  • Conduct Manual and automated security testing of applications.
  • Generating reports based on vulnerability assessments and presenting them to client.
  • Retesting after vulnerability mitigation.
  • Developed workflows and procedures for email monitoring in support of the Data Loss Prevention (DLP) program.