SUMMARY

• Eight years’ experience in the field of IT and Infrastructure as a Security Engineer across multiple industries.
• Competent at managing responsibilities in a high - volume atmosphere.
• Experience in understanding business needs and align them to the company’s Security Strategy.
• Certified Lead ISO27001 Auditor
• Developed Standard Operating Procedures (SOPs) for incident response handling.
• Outstanding experience in conveying complicated technical jargon to non-technical staff.
• Work closely with the Project Managers and Solution architects to ensure the Security regulations are fulfilled during the implementation of new products/software
• Research emerging technologies and build Proof-of Concepts to recommend advancements for business stakeholders and customers.
• Deep understanding of the businesses, clients and their requirements to be able to provide a better solution for their needs.
• Experienced in identifying risks or issues with the technology/design, which may result in the outcome of the project or its deliverables.
• Expert in security Services like AWS, GCP, Microsoft Azure and OpenStack.
• Experience with CI/CD pipelines as well as SCM’s such as Git, SVN and DevOps.
• Ensuring non-functional requirements are met with the solution delivery or remediations.
• Competent in Disaster Recovery and IT Continuity planning as part of Information Security Framework.

TECHNICAL SKILLS

Methodologies: Hands-on experience in working with OSINT, OWASP.

Security Controls: Well versed with Access Controls, OAuth, SSO, MFA, PKI and VAPT.

SIEM and Network Technologies: Experienced in Implementing Palo Alto Systems

PROFESSIONAL EXPERIENCE

Confidential

Information Security Analyst

Responsibilities:

• Maintain and improve Information Security Processes across Hansen and its clients globally with clients in USA, Europe, Australia and the UK
• Utilize the risk-based approach to evaluate and implement security solutions.
• Management of Vulnerability Assessments and Penetration testing.
• Perform Internal Penetration tests for Hansen Wintel and Unix environments
• Monitor network and email traffic using Symantec MSOC, Splunk, Proof-Point, Zscaler.
• Perform log analysis on the Antivirus reports and amend necessary changes.
• Setup Honeypots to gather threat intelligence and use it to safeguard the environment
• Implement SOC2, GDPR and ISO27002 principles according to the client location
• Audit Active Directory change logs and approve enterprise change requests.
• Assist in Security and Risk Analysis throughout the SDLC and as required.
• Monitor Inbound and outbound traffic through log monitors and take necessary actions on the anomalies.
• Manage and Initiate security driven projects and create proof of concepts for implementations.
• Research Emerging Threats - stay on top of emerging threats and vulnerabilities in IT security.
• Conduct research, and attend conferences, professional association meetings and technical symposia to gain awareness of the latest information security technological developments.
• Analyse security breaches to determine their root cause.
• Communicate Security Issues to Management - work with stakeholders at all levels of the organization to communicate the state of information security, inform of possible risks, and suggest ways to improve security.

Technologies: Symantec Managed Security (MSOC), Zscaler, Proof-point, Palo Alto Panorama, Ivanti EPM, Firemon, Neupart, Symantec Endpoint Security, Splunk Phantom, Rapid7, Velocloud SD-WAN.

Confidential

Information Security Analyst

Responsibilities:

• Analysed organization’s security posture through existing Security Monitoring tool and provided recommendations for improved measures.
• Collaborate with Systems and Network team to improve security on the network and system front respectively.
• Perform third-party audits on the vendor systems before they are integrated into the hospital environment.
• Functioned as a liaison with internal and external software developers to review code on critical projects.
• Implemented Crowd strike to the organization pcs and third-party computers.
• Write IT Security Policies and share the knowledge with the peers and end users.
• Manage the upgrade of EOL systems and software and provide alternatives if the upgrades or software does not meet the HIPAA standards.
• Aid and administer operational security technologies such as anti-virus, DLP, firewalls, IPS and vulnerability scanning etc.
• Improve and challenge existing processes and procedures in a very agile and fast-paced information security environment.
• Investigate incidents using SIEM technology, packet captures, reports, data visualization, and pattern analysis.
• Monitor User Login Activity and find anomalies if the user logs in from outside their designated country.
• Effectively implementing and monitoring mail filtering, endpoint security, log collection, IPS, WAF and other technical controls, to mitigate threats, and respond to indicators of compromise.

Technologies: Splunk, Crowd strike, Symantec Endpoint Protection, Microsoft Azure, Symantec Identity Cloud, Mimecast, Proofpoint, Rapid7

Confidential

Senior System Engineer

Responsibilities:

• Acting Team Lead Since September 2016
• Have taken up Project Co-Ordinator Role within 2 months of the employment
• Assist in Day to Day operations of the Security Team working Closely with the CISO, Security Engineer based interstate to perform L1 and L2 tasks by monitoring PCs and User activity via Crowd strike, Splunk and Intalock Systems software.
• Managed Wi-Fi Upgrade projects for four hospitals from scratch
• Managed Brownfields projects for Hospital Expansions and ground up to set ups of newly acquired businesses.
• SME for in-house patient administration systems Medtech, Meditech, TrakCare.
• Provide L3 Support to the C Level users across Australia
• Help in building custom operating systems to cater the needs of various stakeholders
• Install and Implement Load Balancers for the third-party applications.
• Contribute to the continuous development of the State IT Teams posture nationally by supporting inexperienced staff members in their development.
• Perform user, folder and gpo clean up tasks every quarter for compliance

Technologies: ServiceNow, Microsoft Forefront, Microsoft SCCM, SCOM, Windows 7,8,10, Citrix, SolarWinds, HPE, Aruba, Arista, Pure Storage, Hyper-V, VMware

Confidential

System Engineer

Responsibilities:

• Provided Win 10,8.1,8 and 7 support to the users across 3 clients widespread in around Australia and New Zealand.
• Provide Level 2, 3 and Citrix support to FINDEX, Crowe Horvath, Star Track, Connect East
• Manage SOE and MOE’s of the client operating systems for clients and internal operating systems.
• Manage Windows updates and Security patches to the client fleet around 1500 computers.
• Manage or Lead 15 Field Technician who provide ad-hoc services to remote locations across Australia.
• Extract Warranty, AV and Online Status reports and update the SDM’s with the same.
• Perform Server and AV patches as required and requested by the Clients.
• Certify new devices and models to be able to image accordingly to the SOE requirements.

Technologies: Microsoft SCCM, SCOM, Windows 7,8,10, Citrix, SolarWinds, HPE, Aruba, Arista, Pure Storage, Hyper-V, VMware, Hp OpenView, Cisco, Apple, Dell, Hp Device Manager, AutoCAD.

Confidential

Desktop Support Engineer

Responsibilities:

• Working for Health Industry helped me to understand the importance of working efficiently and in-sync with other departments
• Provided Microsoft Windows XP, 7 and Office 2007, 10 to the users across the organization.
• First-hand experience in setting up KIOSKS and Computer on Wheels (Cow) to reduce the time taken to serve a patient.
• Packaged and deployed updates and hotfixes via SCCM.
• Coordinate the day to day operations and activities of the Service Delivery team including planning and maintenance of rosters
• Participate in continuous improvement of service delivery processes, procedures and guidelines and provide advice to immediate manager on ways to improve service processes and levels.
• Assisted with incident management as required.
• Prepared stakeholder communication for major incidents, problems, changes and releases.
• Assisted with the Change Advisory Board (CAB) process and documentation.
• Assisted to process payroll timecards within the Kronos (HRIMS) system as required.
• Conducted staff performance reviews and monitor and keep up to date mandatory training for staff as required.
• Provided operational and administrative support for a range of service management processes including service level management, customer support and relations
• Assisted with incident and communication management
• Assisted with problem management.

Technologies: Microsoft SCCM, SCOM, Windows 7,8,10, Citrix, SolarWinds, Hyper-V, VMware, Hp OpenView, Cisco, Apple, Dell, Hp Device Manager, AutoCAD, Lenovo Thin Clients, Lexmark Hospital Grade Equipment.