Senior Security Engineer Resume

Boston, MA

SUMMARY

  • Overall 8+ years of experience as a Security SIEM Engineer in various domains such as Web Application/Thick Client security testing, Vulnerability Assessment, penetration testing and generating reports using tools.
  • Background/understanding of the software development lifecycle and Software Testing Life Cycle.
  • Excellent knowledge in CWE, OWASP Top 10
  • Experience in penetration testing with Kali Linux: nmap, nessus, nexpose, wireshark, enum4linux, password cracking, TCPDump, metasploit
  • Proficient in Linux operating system configuration, utilities and programming
  • Broad knowledge of hardware, software, and networking technologies to provide a powerful combination of analysis, implementation, and support.
  • Application Security Analysis for some of the major Clients using Nessus scanner & IBM AppScan
  • Proficient in understanding application level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, weak cryptography, authentication flaws etc.
  • Good experience with system vulnerability detection and mitigation.
  • Experience using a wide variety of security tools, including Kali Linux, Wireshark, Snort, Nikto, IBM AppScan, Nessus, OpenVAS.
  • Experience in different web application security testing tools like Metasploit, Burp Suite, OWASP ZAP Proxy, Nessus, Nmap and HP Fortify.
  • Good understanding of pen testing mobile applications, both Android and iOS.
  • Sound knowledge and industry experience in Vulnerability Assessment and Penetration Testing on WEB based Applications, Mobile based application and Infrastructure penetration testing.
  • Extensive experience working with Qualys Guard to conduct Network Security assessments.
  • Good understanding of compliance and regulatory requirements like PCI DSS, SOX & HIPAA.
  • Worked as a key member in streamlining security processes, designing and implementing efficient security solutions to achieve security efficiency.
  • Excellent team player, enthusiastic initiator, and ability to learn the concepts effectively and efficiently.
  • Conducted presentations to clients projecting the security services offered by the firm.
  • Good experience in Secure SDLC and Source Code Analysis (Manual & Tools) on WEB based Applications.

TECHNICAL SKILLS

Vulnerability Testing: Tenable Nessus, NMAP, OpenVAS, Qualys Guard

Application Security: Websense, IBM Rational AppScan, Burp Suite, Paros, HP WebInspect, HP Fortify, SQLmap, Nikto, Metasploit, Kali Linux.

SIEM Tools: Splunk, ArcSight

Penetration Testing: Wireshark, Metasploit Framework

Languages & Databases: SQL, Python

PROFESSIONAL EXPERIENCE

Confidential, Boston, MA

Senior Security Engineer

Responsibilities:

  • Identifying the critical, High, Medium, Low vulnerabilities in the applications based on OWASP Top 10 and SANS 25 and prioritizing them based on the criticality
  • Manage SIEM user accounts (create, delete, modify, etc.)
  • Create client-specific Watch Lists if necessary
  • Attend vendor-specific meetings and conferences for business and professional development
  • Create innovative solutions to automate and reduce timeframes for operational changes as well as initial installation of the platform
  • Manage appliance or virtual appliance OS and SIEM software
  • Conducting Web Application Vulnerability Assessment & Threat Modeling, Gap Analysis, secure code review on the applications.
  • Assist developers in remediating issues with Security Assessments with respect to OWASP standards.
  • Used SAST tools HP Fortify & VCG to test source code, byte code to expose weaknesses in the software before it is deployed.
  • Perform DAST on the web applications using Burpsuite pro, OWASP ZAP to identify security weaknesses and provide remediations.
  • Perform Manual assessments on the source code (Java, .Net & Python) to look for security weakness inside the code.
  • Perform mobile penetration testing using open source tools and validate results by eliminating false positives.
  • Organize meetings with application teams to help them understand OWASP Top 10 Methodologies and provide remediations for vulnerabilities.
  • Responsible for performing vulnerability assessments using tools like Nmap, Nessus & Qualys and also perform assessments on thick client applications.
  • Perform Web application and source code assessments to make sure applications are compliant with PCI DSS requirements.
  • Participate in daily scrum meetings & security assessment meetings.

Confidential

Senior Security Engineer

Responsibilities:

  • Conducted Vulnerability Assessments using IBM Appscan to evaluate attack vectors, Identify System Vulnerabilities and develop remediation plans and Security Procedures.
  • Conducting Web Application Vulnerability Assessment & Threat Modelling, Gap Analysis, secure code review on the applications.
  • Identifying the critical, High, Medium, Low vulnerabilities in the applications based on OWASP Top 10 and SANS 25 and prioritizing them based on the criticality.
  • Utilize and Implement OWASP Top Ten issues and CWE's into Security Testing efforts
  • Work with different application teams to help them understand the vulnerabilities listed and provide recommendations to fix the same.
  • Perform Manual assessment on Java/.Net applications for the results from the appscan to eliminate false positives and report the High, Medium and Low issues.
  • Used the tool called ComDroid to detect the mobile application communication vulnerabilities.
  • Organize Kick off meetings with the application teams to understand the application security requirements, application flow, functionality, architecture and the technology.
  • Scoring the vulnerabilities based on CWE / CVSS scoring system.
  • Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using the ArcSight ESM and Splunk platforms
  • Research, analyze and understand log sources utilized for the purpose of security monitoring, particularly security and networking devices (such as firewalls, routers, anti-virus products, proxies, and operating systems)
  • Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms
  • Support day to day event parsing and repairing of events that have missing or incorrect information, create log source extensions, and flow management
  • Creates and develops correlation and detection rules, utilizing Regex, within Splunk ES to support alerting capabilities within the Threat Management Center
  • Creation of technically detailed reports on the status of the SIEM to include metrics on items such as number of logging sources; log collection rate, and server performance
  • Assisting in review of business solution architectures from security point of view which helps avoiding security related issues/threats at the early stage of project
  • Providing KT to Development team for better understanding of Vulnerabilities.
  • Other Adhoc Activities like monthly and weekly report creations. Scheduling meeting with different application teams for understanding future pipelines for applications.

Confidential

Security Engineer

Responsibilities:

  • Conducted network Vulnerability Assessments using tools to evaluate attack vectors, Identify System Vulnerabilities and develop remediation plans and Security Procedures.
  • Uncovered high vulnerabilities at the infrastructure level for internet facing web sites
  • Conducted vulnerability scanning on both internal and external IPs using OpenVAS and reported the same.
  • Network scanning using tools like NMap and Nessus; NMap tools and OpenVAS were used as part of the penetration testing on a daily basis to complete the assessments.
  • Performing onsite & remote security consulting including penetration testing, application testing, web application security assessment, social engineering.
  • Performed vulnerability testing using tools such as Nessus scanner and OpenVAS.
  • Performing source code analysis to find the vulnerabilities at the code level and providing mitigation techniques to the developers.
  • Worked closely with risk assessment team to provide them with the proof for the vulnerabilities exploited for the final report.
  • Used SAST tools (Like HP Fortify and SonarQube) to test source code, byte code to expose weaknesses in the software before it is deployed.
  • Providing fixes & filtering false findings for the vulnerabilities reported in the scan reports. Adding new vulnerabilities to the Vulnerability Database for various platforms with proper exploits.
  • Using Network monitoring tools to ensure network connectivity and Protocol analysis tools to assess and pinpoint networking issues causing service disruption.
  • Generated and presented reports on Security Vulnerabilities to both internal and external customers.
  • Experience in using Kali Linux to do vulnerability assessment with tools like Nessus, and NMap.
  • Responsible for exploiting the critical threats that were reported during the scanning phase.
  • Reported the final findings, which includes the successful exploits and the recommendations to rectify them so as to make the network secure.

Confidential

Security Engineer

Responsibilities:

  • Extensive Interaction with Onsite Coordinator in understanding the business issues, requirements, doing exhaustive analysis and providing end-to-end solutions.
  • Conducting Web Application Vulnerability Assessment & Threat Modelling, Gap Analysis, secure code review on the applications.
  • Utilize and Implement OWASP Top Ten issues and CWE's into Security Testing efforts.
  • Responsible for Providing application security consulting SME Support to developers
  • Utilize Qualysguard as primary tool to monitor tickets and vulnerabilities.
  • Created and defined Nexpose vulnerability scanning rules for assessing security posture and compliance.
  • Perform vulnerability scans using QualysGuard, report findings, create remediation plan
  • Performed Vulnerability Assessments
  • Expertise in using the DAST tools (like IBM Appscan, HP WebInspect, Acunetix and Burpsuite Pro) while the application is running to penetrate the application in various ways to identify potential vulnerabilities outside the code and in third party interfaces.
  • Hands-on experience in conducting web application security scans using IBM Appscan and Burp Suite; NMap tools were used as part of the penetration testing on a daily basis to complete the assessments.
  • Providing KT to Development team for better understanding of Vulnerabilities.
  • Other Adhoc Activities like monthly and weekly report creations. Scheduling meeting with different application teams for understanding future pipelines for applications.
