Sr. Security Engineer Resume
Altoona, PA
SKILLS:
DAST, SAST, IAST tools: IBM AppScan Enterprise (ASE), Standard & Source editions, Microfocus WebInspect, QualysGuard, BurpSuite Pro, Contrast Security, Acunetix, Fortify SCA, SQLMAP.
Port/Vulnerability Scanning: Nmap/Nmap Scripting Engine (NSE), Netcat, Nessus.
Network Security Testing: Symantec DLP, Endpoint Protection, Check Point, Palo Alto, Cisco, IDS/IPS, Anti-virus, and BMC.
Password Cracking: Hydra, RainbowCrack, BladeLogic, Remedy, Ophcrack, John the Ripper, Pyrit.
Security Tools: AppDetect, AppRador, Oracle Identity Manager, Oracle Access Manager, JHijack, Metasploit Pro, Zed Attack Proxy, SQLMAP, Wireshark, WebScarab, Paros, Nmap, BMC BladeLogic, Nessus, Rapid7 Nexpose, Tripwire, Symantec DLP, DBProtect, ArcSight SIEM, e-DMZ Password Auto Repository (PAR), Varonis.
Cloud Providers & Security: Amazon Web Services (AWS) and MS Azure, Cloud Security Alliance (CSA) guidance, Cloud Access Security Broker (CASB), Aqua Container Security, Kubernetes, Terraform.
DevSecOps: AWS Code Pipeline, CI/CD, Jenkins, GitHub, IBM AppScan automation.
Middleware: TIBCO EMS, IBM WebSphere MQ, JMS.
Databases: Oracle, MS SQL Server, MySQL, Sybase.
Operating Systems: Oracle Solaris UNIX, Red Hat Linux 4/5, Windows Server 2003/2008.
Application Servers: WebLogic Server, iPlanet, Netscape Application Server and Microsoft IIS.
Programming Languages & Frameworks: Java, J2EE, Python, C/C++, C#.NET, Perl, Spring Framework, EJBs, Struts2, Servlets, JavaServer Pages (JSPs), JMS, Java UML, Mail API, JNDI, LDAP, JDBC, JTS, RMI, AWT, Swing, Socket Programming, IONA Orbix CORBA.
Web Technologies: XML, HTML, HTML5, XHTML, CSS3, JavaScript/ES6
PROFESSIONAL EXPERIENCE:
Confidential, Altoona, PA
Sr. Security Engineer
Responsibilities:
- Automation of security scanning process (DevSecOps) into the build environment with CI/CD pipeline using Jenkins, Maven, Gradle, GitHub tools.
- Implemented OAuth 2.0, SAML and Single Sign-On (SSO) for AWS, mobile and corporate applications. Working knowledge of OSSTMM, OWASP Top 10 and SANS Top 25.
- Conducted vulnerability assessments (DAST, SAST, IAST) of web and mobile (iOS and Android) applications, including third-party applications, using IBM AppScan, ZAProxy, BurpSuite Pro, Checkmarx and HP Fortify.
- Conducted security assessments to ensure compliance with the firm's security standards (i.e., OWASP Top 10, SANS 25). Specifically, security testing was performed to identify XML External Entity (XXE), Cross-Site Scripting, Clickjacking and SQL Injection vulnerabilities in the code.
- Reviewed source code (Java/J2EE/Spring/FTL/JavaScript) and developed security filters within IBM AppScan for critical applications.
- Analyzed security incidents in Splunk Enterprise Security originating from various network/application monitoring devices (e.g., Symantec DLP) and coordinated with engineering teams on tracking, escalation and remediation.
- Administered, maintained and deployed the Imperva web application firewall (WAF).
- Experience with ISO 27001/27002 certification for ISMS and GRC programs such as Sarbanes-Oxley (SOX) compliance, HIPAA and PCI.
- Participated in developing security policies and security groups for AWS Cloud infrastructure, including EC2, Security Groups, Route 53 and Virtual Private Cloud (VPC).
- Implemented Active Directory Federation Services (ADFS SSO) in a Windows/Linux client-server PKI environment.
- Developed and deployed HashiCorp Sentinel "policy as code" to enforce security policies on infrastructure between the plan and apply phases of a Terraform run.
- Implemented CyberArk Privileged Access Security solutions across the enterprise supporting various business lines.
- Installed, configured and deployed the CyberArk Enterprise Password Vault to administer privileged passwords, and set up policies for accessing passwords within acceptable timeframes.
- Conducted security assessments of cryptographic applications, including apps that use a Hardware Security Module (HSM).
- Managed a team of analysts and service providers who support the various Identity Access Management (IAM) and Data Loss Prevention (DLP) functions.
- Developed and maintained IAM policies, standards and practices. Helped to establish a formal review process that promoted strong collaboration among a wide range of policy, standard and practice leaders and groups.
- Configured SafeNet ProtectDB to enable column level encryption for securing confidential customer data.
- Designed security architecture for web and mobile apps. Reviewed Solution Overview Documents (SODs) to identify security anomalies in the system architecture and design, and provided recommendations to address data security and privacy concerns.
- Developed threat modeling framework (STRIDE, DREAD) for critical applications to identify potential threats during the design phase of applications.
- Implemented file system security by applying hashing techniques for protecting data stored in files on the file servers.
- Administered cryptography, certificate management and implemented dual keys to address segregation of duties issue between DBAs and security admins.
- Rolled out IBM AppScan products such as AppScan Enterprise (ASE), Standard, Source, Developer plug-ins to various development teams across the business lines.
- Worked extensively with software development teams to review the source code, triage the security vulnerabilities generated by IBM AppScan, BurpSuite, Whitehat Sentinel, HP WebInspect, HP Fortify, Checkmarx and eliminated false positives.
- Generated executive summary reports showing the security assessments results, recommendations (CWE, CVE) and risk mitigation plans and presented them to the respective business sponsors and senior management.
- Deployed AWS Landing Zone into the AWS Organization, supplying the log archive, security and shared services accounts.
- Conducted monthly developer workshops to educate and train developers on the secure SDLC, scanning source code with IBM AppScan Source, and triaging and resolving security vulnerabilities.
- Participated in the implementation of AWS Cloud security for applications being deployed in the Cloud. Developed Web ACLs and configured rules and conditions to detect attacks against applications fronted by CloudFront.
- Implemented security group policies for Elastic Compute Cloud (EC2) instances within AWS. Developed AWS service roles to protect identity provider access.
- Worked with DevSecOps teams to automate security scanning into the build process.
- Reviewed Android and iOS mobile source code manually and recommended code fixes.
- Participated in the Proof of Concept (POC) in implementing Arxan application protection software for Mobile apps.
- Performed the penetration testing of mobile (Android and iOS) applications, specifically, APK reverse engineering, traffic analysis and manipulation, dynamic runtime analysis.
- Developed secure SDLC policies and standards for web and mobile apps.
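The plan-stage gate described in the Sentinel and EC2 security group bullets above, as an added example that is not the author's code or HashiCorp's. It reads the JSON that `terraform show -json tfplan` produces and denies the run when any security group being created or updated would expose SSH or RDP to the whole internet. The sample plan is constructed; the check assumes inline `ingress` blocks and does not inspect separate `aws_security_group_rule` resources.

```python
"""Plan-time policy gate: the check a Sentinel policy enforces between
`terraform plan` and `terraform apply`. Added example, not the author's code."""
import json
import sys

ADMIN_PORTS = {22, 3389}               # SSH and RDP
WORLD = {"0.0.0.0/0", "::/0"}          # IPv4 and IPv6 "anyone"


def rule_exposes_admin_port(rule):
    """True when an inline ingress rule lets any source reach SSH or RDP."""
    sources = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
    if not sources & WORLD:
        return False
    if rule.get("protocol") == "-1":   # all protocols, all ports
        return True
    low, high = int(rule.get("from_port") or 0), int(rule.get("to_port") or 0)
    return any(low <= port <= high for port in ADMIN_PORTS)


def evaluate_plan(plan):
    """Return one violation string per offending security group rule."""
    violations = []
    for change in plan.get("resource_changes", []):
        if change.get("type") != "aws_security_group":
            continue
        after = change.get("change", {}).get("after")
        if not after:                   # delete or no-op: nothing new is exposed
            continue
        for rule in after.get("ingress") or []:
            if rule_exposes_admin_port(rule):
                violations.append(
                    f"{change['address']}: ingress {rule.get('from_port')}-"
                    f"{rule.get('to_port')}/{rule.get('protocol')} open to the world"
                )
    return violations


# Constructed sample plan in the `terraform show -json` shape: one group opens
# 22/tcp to the world, one restricts it to RFC 1918 space, one is being deleted.
SAMPLE_PLAN = {
    "resource_changes": [
        {"address": "aws_security_group.web", "type": "aws_security_group",
         "change": {"actions": ["create"], "after": {"ingress": [
             {"from_port": 443, "to_port": 443, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]},
             {"from_port": 22, "to_port": 22, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]},
         ]}}},
        {"address": "aws_security_group.bastion", "type": "aws_security_group",
         "change": {"actions": ["create"], "after": {"ingress": [
             {"from_port": 22, "to_port": 22, "protocol": "tcp", "cidr_blocks": ["10.0.0.0/8"]},
         ]}}},
        {"address": "aws_security_group.legacy", "type": "aws_security_group",
         "change": {"actions": ["delete"], "after": None}},
    ]
}

if __name__ == "__main__":
    # Usage: python gate.py tfplan.json  (falls back to the sample when no file is given)
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    found = evaluate_plan(plan)
    for item in found:
        print("DENY:", item)
    sys.exit(1 if found else 0)
```

Wire it into the pipeline stage that runs after `terraform plan -out=tfplan` and `terraform show -json tfplan > tfplan.json`; a non-zero exit blocks the apply stage, which is the same enforcement point a hard-mandatory Sentinel policy occupies.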
Confidential, Durham, NC
Sr. Security Engineer
Responsibilities:
- Security Information and Event Management (SIEM) using HP ArcSight and Splunk Enterprise Security.
- Developed IAM solutions with Azure and managed Enterprise Mobility and Security (EMS).
- Hands-on with Penetration Testing, Source Code Review, DAST, SAST, IAST and manual ethical hacking.
- Configured CyberArk Privileged Session Manager (PSM) to control privileged sessions for UNIX- and Windows-based applications and databases. Audit logs were enabled and used for forensic investigations.
- Participated in the implementation of API security projects including OAuth 2.0 and SAML.
- Involved in the implementation of RSA Single Sign On (SSO) for the applications deployed in the Cloud and on-premise.
- Configured and created vulnerability reports in Nexpose; performed SIEM log monitoring and user behavior investigations in LogRhythm.
- Designed and implemented endpoint security solutions in an enterprise environment, including intrusion prevention.
- Working experience with identity management and access governance solutions, strong authentication and public key infrastructure (PKI); ensured PKI enabled encryption and digital signature services for various applications.
- Implemented and integrated a complete cloud services framework (IaaS, PaaS, SaaS) and cloud deployment.
- Deployed Azure IaaS virtual machines (VMs) and cloud services (PaaS role instances) into secure VNets and subnets, and designed Network Security Groups (NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.
- Expertise in using DAST tools (IBM AppScan and BurpSuite Pro) against the running application to identify potential vulnerabilities outside the code and in third-party interfaces.
- Working knowledge of OWASP Top 10 and SANS Top 25 software guidelines and Federal Financial Institutions Examination Council (FFIEC) regulations, including Payment Card Industry (PCI-DSS), HIPAA and Sarbanes-Oxley Section 404 (SOX).
- Developed secure SDLC policies and standards for web and mobile apps, drawing on industry standards such as NIST 800-53, CIS Benchmarks, OpenSAMM and FFIEC.
- Administered, maintained and deployed the Imperva web application firewall, Check Point IPS and VPN systems, and the McAfee network-based Data Loss Prevention (DLP) appliance.
- Developed security requirements for Data Loss Prevention (DLP), specifically for data at endpoint, data in transit and data at rest.
- Administered cryptography, certificate management and implemented dual keys to address segregation of duties issue between DBAs and security admins.
- Automated the security scanning process (DevSecOps) as part of the Continuous Integration and Continuous Delivery (CI/CD) pipeline, feeding security reports into the build cycle.
- Implemented and managed the IBM QRadar SIEM suite of products: QRadar SIEM, QRadar Vulnerability Manager (QVM), QRadar Risk Manager (QRM), QRadar Incident Forensics (QIF), and Splunk.
- Participated in the implementation of AWS Cloud security for applications being deployed in the Cloud. Developed Web ACLs for AWS Web Application Firewall (WAF) and configured rules and conditions to detect attacks against applications fronted by CloudFront.
- Configured AWS Simple Storage Service (S3) to securely store the organization's critical file systems. Implemented Access Control Lists (ACLs) and bucket policies for controlling access to the data.
- Decided on what to remediate and what to risk accept based on security requirements.
- Reviewed security vulnerability reports for applications and databases, analyzed and worked extensively with the development teams for the implementation of mitigating controls.
- Implemented IBM AppScan Standard and Source editions, HP WebInspect, Whitehat Sentinel, Nessus and QualysGuard web application scanners. In addition, Metasploit and BurpSuite were used for manual penetration testing.
- Performed security assessments for the client-facing apps. The associated IT infrastructure such as database management systems, middleware systems, web services (SOA) were also included in the security assessments.
- Implemented Secure Software Development Life Cycle (S-SDLC) processes; developed secure coding practices for web, mobile applications, including database and middleware systems.
- Experience in Threat Modeling during Requirement gathering and Design phases.
- Security Risk Management with TCP-based networking.
- Experience with TCP/IP, Firewalls, LAN/WAN.
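The S3 bucket policy review mentioned above (ACLs and bucket policies controlling access to the data), as an added example that is not the author's code. It audits a bucket policy document before it is applied and reports every statement that grants public access. "Public" here is a simplified form of the rule AWS uses: an Allow statement with a wildcard principal and no condition key that pins the caller to an account, organization, VPC or source ARN. The policy document and the list of restricting condition keys are constructed for the example; extend the key list for your environment.

```python
"""Audit an S3 bucket policy for statements that grant public access.
Added example, not the author's code."""
import json

# Condition keys that tie a wildcard principal to a known caller set. This is an
# illustrative subset (assumption), not the complete list AWS evaluates.
RESTRICTING_KEYS = {
    "aws:PrincipalAccount", "aws:PrincipalArn", "aws:PrincipalOrgID",
    "aws:SourceAccount", "aws:SourceArn", "aws:SourceVpc", "aws:SourceVpce",
}


def has_wildcard_principal(principal):
    """True for Principal "*" or {"AWS": "*"} (string or list form)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        aws = [aws] if isinstance(aws, str) else aws
        return "*" in aws
    return False


def condition_keys(condition):
    """Flatten {"StringEquals": {"aws:SourceVpce": ...}} into its condition keys."""
    keys = set()
    for operator_block in (condition or {}).values():
        keys.update(operator_block.keys())
    return keys


def is_public_statement(stmt):
    """Allow + wildcard principal + no restricting condition key = public."""
    if stmt.get("Effect") != "Allow":
        return False
    if not has_wildcard_principal(stmt.get("Principal")):
        return False
    return not (condition_keys(stmt.get("Condition")) & RESTRICTING_KEYS)


def audit_bucket_policy(policy):
    """Return the Sid (or positional label) of every public statement."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):          # a single statement is legal JSON here
        statements = [statements]
    return [stmt.get("Sid", f"Statement[{i}]") for i, stmt in enumerate(statements)
            if is_public_statement(stmt)]


# Constructed sample policy: one world-readable grant, one wildcard principal
# confined to a VPC endpoint, one grant scoped to a specific role.
SAMPLE_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "VpceOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["s3:GetObject", "s3:PutObject"],
     "Resource": "arn:aws:s3:::example-bucket/*",
     "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-0123456789abcdef0"}}},
    {"Sid": "AppRole", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::123456789012:role/app"},
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
     "Action": "s3:*", "Resource": "arn:aws:s3:::example-bucket/*",
     "Condition": {"Bool": {"aws:SecureTransport": "false"}}}
  ]
}""")

if __name__ == "__main__":
    for sid in audit_bucket_policy(SAMPLE_POLICY):
        print("PUBLIC:", sid)
```

The Deny statement is deliberately included: a wildcard principal in a Deny is what you want (it forces TLS for everyone), so the check only looks at Allow statements. Run the audit in the pipeline step that applies bucket policies, and pair it with S3 Block Public Access at the account level so a statement this script misses is still refused by the service.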
Confidential, Chicago, IL
Security Analyst
Responsibilities:
- Utilized Security Information and Event Management (SIEM ), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
- Utilized tools such as WebLogic, LogRhythm and Tripwire to assess and validate controls per requirements and government direction.
- Discussed false positives and prepared a plan of action and milestones for mitigation. Prepared incident reports for reported and unreported attacks. APT hunting for ransomware.
- Performed Root Cause Analysis for the incidents reported at Security Operations Center. Performed Security event monitoring of heterogeneous networks such as Firewalls, IDS/IPS, Cisco ASA, DLP devices using Splunk.
- Performed real-time proactive security monitoring and reporting on various security enforcement systems: SIEM, anti-virus, Internet content filtering/reporting, malware prevention, firewalls, IDS and IPS, web security and anti-spam.
- Performed security compliance audits and identified control gaps for firewalls, routers, DLP, IDS/IPS, Windows/Linux, and DB servers.
- Performed penetration testing for external facing web applications. Security areas covering DMZ architecture, threat modeling, secure coding practices (i.e., OWASP standards) and vulnerability analysis were assessed.
- Provided solutions to many problems on calls using event logs on the system/server and telemetry logs on the server; later used Splunk for security analysis.
- Wrote Python scripts on Windows servers and Active Directory to update servers with the latest patches and change system configurations at scale.
- Used Remedy Information Technology Service Management (ITSM) tool for managing the incidents based on the priorities and solved issues which are in the security domain.
- Experience in performing authenticated and unauthenticated testing.
- Generated Vulnerability reports to monitor the health of the applications and reported High, Medium and low vulnerabilities in this system.
- Analyzed attack patterns. Built workflows to automatically analyze the samples.
- Determined what functionality attackers may have introduced and scanned for malicious artifacts based on sandbox results. Investigated endpoint attacks and replayed attacks on systems.
- Analyzed JavaScript, PDFs, Office documents and packet captures for signs of malicious activity. SIEM implementation and analysis by writing rules and reference sets.
- Used the SIEM to determine attack vectors and the source of incidents. Troubleshot network application inbound/outbound connectivity using Cisco WSA proxies and Wireshark.
- Involved in bridge calls to resolve high/severe incidents reported in the application or in the environment.
- IronPort URL filtering for known-bad URL content; IronPort Mail analysis and blocking of known-bad emails. Analysis of pcap files using FireEye and Wireshark. System audit and analysis using the DoD checklist for PA-series firewalls. Threat and virus scanning using Malwarebytes from a centralized console.
- Enforced policies and procedures for users, admins and management. Reverse engineered malware using tools such as Process Hacker and others. Conducted incident response tabletop exercises, documenting and alerting the necessary personnel.
Confidential
Java/J2EE Developer
Responsibilities:
- Designed and created DAOs using data modeling in the integration layer.
- Exposed all the enterprise services to the clients using SOAP and REST based web services, and tested using SOAPUI.
- Modified WSDL documents for the internal clients and deployed on WSRR.
- Involved in designing the front end applications using web technologies like HTML/HTML 5, XHTML, and CSS/CSS3.
- Designed dynamic and browser compatible pages using HTML5, CSS3, SASS, JavaScript/ES6
- Implemented request and response objects using SOAP web services and JAXB for converting WSDL to java classes.
- Configured all dependencies with the Spring Framework and various stateful and stateless beans in the application.
- Used various Spring features to deploy custom properties and static context in the application.
- Exposed stateless session beans as RESTful web services using Jersey (JAX-RS).
- Created virtual host and configured based on the IP configuration for all enterprise services.
- Used a JSON marshaller for marshalling and unmarshalling JSON objects, and performed DOM manipulations with various SAX and DOM parsers.
- Worked with and configured MKS and RTC version control tools to track source code.
- Used Jenkins for continuous integration with Maven builds to generate the EAR files and sanity4j code quality reports.
- Hands-on experience with a service-oriented approach (SOA) using WebLogic for integration.
- Worked with HP Project and Portfolio Management (PPM) software to create PPM packages and deploy to the various environments.
- Updated the WSDL in WSRR for the governance and storing, accessing and managing information.
- Set up meetings to configure and understand IBM DataPower for securing access to the application.
- Used Log4j for logging of debug, warning and error messages.
- Created the Logback configuration with time-based and application-based triggering policies.
- Used HP QC for defect tracking, worked on the defects and created a triage process (Microsoft Visio) to track defects in the application.
- Migrated MKS source control to RTC and created Jenkins builds for all enterprise services.
- Worked closely with the infrastructure team to create the performance environment for enterprise services.