Information Security Engineer Resume
SUMMARY
- 9+ years of diverse IT experience with expertise in Information Security Threat and Vulnerability Management, Mobile Device Management, Email Security, End Point Protection, Security Information and Event Management (SIEM), Compliance and Risk Management, Network Engineering, Project Management, and Datacenter Operations.
- Effective in liaising with key business partners and executive leaders along with IT security teams in creating holistic security solutions and comprehensive controls to protect the security of the organization.
- Design and develop Enterprise Architecture decision document, implementation design and patterns.
- Experience with information security compliance, enterprise risk management, data loss prevention, network security, active directory data exchange and workstation auditing.
- Expert in conducting GAP analysis to determine the sufficiency of security measures.
- Proven track record of driving effective secure configuration baselines (SCB) liaising with IT asset owners.
- Specialized in application fault analysis and security incident assessments.
- Proficient in budget portfolio management programs for ongoing products, applications & infrastructure upgrades.
- Excelled in identifying secure alignments and implementation requirements for Windows BitLocker.
- Developed IT strategies, policies and procedures consistent with the business's strategies and vision while effectively protecting data integrity and security and limiting liability.
PROFESSIONAL EXPERIENCE
Confidential
INFORMATION SECURITY ENGINEER
Responsibilities:
- Manage and lead a SOC team of 10 members in the field. Analyze malware/exploits and network traffic through forensics, observation of network traffic, and other tools and resources to determine whether a persistent threat exists, and plan remediation based on defined Incident Response Practices and Procedures.
- End to End management of Client’s Infrastructure Vulnerability Management Life Cycle.
- Triage anomalous security events. Assist in performing intelligence research for attack attribution and work with the SIEM team on improving Security Log Management and event correlation enhancements.
- Communicate security advisories across multiple infra teams based on threat intelligence and external vendor and government security advisories.
- Manage operational readiness and enhancement of multiple security applications deployed in the environment.
- Implemented FIM (File Integrity Monitoring) solution on Client’s requirement.
- Deployed Symantec Data Center Security from the ground up.
- Manage and maintain evidence for internal PCI audits based on communicated requirements.
- Organize routine standups and training meetings with the team to identify any blockers in operational efficiency and train the team on new assignments followed by SOP audits.
- Acted as single point of contact for managing engagements with customers, becoming their trusted technical advisor and a subject-matter expert for security needs.
Environment: QualysGuard (Vulnerability Management, Web Application Security), LogRhythm SIEM, Symantec Endpoint Protection, Palo Alto Networks (IDS and IPS), Symantec Data Center Security, Symantec Web Security Service, Symantec and Windows Managed PKI, Symantec DLP, Zscaler Cloud Proxy
Confidential
Information security engineer
Responsibilities:
- Configuration and monitoring of Rapid7 Nexpose, Symantec Endpoint Protection Antivirus, Email gateways - EOP (Exchange Online Protection), AirWatch MDM, Cylance, Palo Alto Networks, BitLocker, and PGP as part of daily operations.
- Perform Vulnerability Assessment using Nexpose and fix different vulnerabilities.
- Assess and document vulnerabilities discovered that may impact the company, and lead the team on remediation. Also drive infra teams to install and patch applications when necessary.
- Assess severity levels of security threats (e.g., incidents, vulnerabilities, malicious code) and coordinate the appropriate notifications or escalations in a timely manner to the manager, Information Security.
- Design and implement operationally ready best practices for daily security operations to mitigate security threats and risks that may impact the business.
- As a team, implemented DMARC for the Gap.com domain to prevent email spoofing.
- As a team, implemented advanced threat protection in the Exchange Online Protection environment.
- Lead Level 2 and Level 3 AirWatch MDM support operations.
- Work with vendors and internal teams as needed to ensure any outstanding issue is resolved in a timely manner.
- Participate as tier 3 technical security expert when coordination of incident response activities is required during each Security Incident Response event.
Confidential
Information security engineer
Responsibilities:
- Analyze security-relevant log data from SIEM (IBM QRadar and Splunk) for correlation and attack pattern recognition. Also monitor security events and offenses using SIEM, and work on threat remediation by remote access or through the escalation matrix to different infra and app teams.
- Identify potential network threat scenarios.
- Perform hands-on testing and investigation of network threat scenarios.
- Configure intrusion detection systems and intrusion prevention systems, including PAN.
- Perform Risk Management.
- Developed and documented security related processes and procedures to help secure, mature and/or enhance the security of the environment.
- Malicious Email analysis.
- Learn and utilize open-source and proprietary security applications.
Environment: Rapid7 Nexpose, IBM QRadar, Splunk, AirWatch MDM, Symantec Endpoint, Cylance, Exchange Online Protection, DMARC, Palo Alto Networks (IDS and IPS), BitLocker Data Encryption, Casper, LogLogic, Damballa, QualysGuard, Mobile Application Security - Data Theorem.
Confidential
Business Systems analyst
Responsibilities:
- Gathered and articulated Business Requirements from user interviews and synthesized those requirements into technical specifications.
- Analyzed Business Requirements and created Use Cases, Use Case Diagrams, Navigation Flow, Business Flow Diagrams and Work Flow Diagrams for applications; created Activity Diagrams / State Chart Diagrams using MS Visio and created a conceptual model.
- Acted as the Scrum Master. Conducted sprints, created the sprint backlog, product backlog, burndown charts.
- Conducted walk-through sessions for the Business Requirement Document (BRD) and Use Cases to discuss certain issues with stakeholders and the Architecture and Design & Development teams, and also did GAP Analysis.
- Conducted Joint Requirements Planning (JRP) sessions as a facilitator to gather requirements from the Business User, and conducted many Joint Application Development (JAD), Joint Application Management (JAM) and Rapid Application Development (RAD) sessions.
- Supported the Data Warehouse team by gathering requirements and performing Data Profiling and Data Validation.