Cyber Security Engineer Resume

SUMMARY

  • Cyber Security Engineer with 6 years of experience in domains including but not limited to Risk and Compliance, Policy Standards, Identity Access Provisioning, Security Incidents, Vulnerability Assessments and Security Architecture
  • Experience with industry recognized Identity tools like RSA Identity Governance and Lifecycle, GRC tools such as RSA Archer and Guardium, and other tools such as QRadar, Splunk and Nessus Tenable
  • Hands-on experience with Incident Handling, Documentation, log analysis and Security Frameworks application
  • Understanding of programming languages such as C#, ASP.NET, Python, Perl, Visual Basic
  • Assess and evaluate technical landscape of solutions, research and apply effective security controls and mitigation plans
  • Experience with Security frameworks such as NIST, HIPAA, PCI DSS, SOX, ISO 27000
  • Experience with identity and access management, LDAP, Active Directory, SSO, SAML and multi-factor authentication
  • Solid Knowledge of Linux, RHEL, CentOS, Windows, Unix Operating systems
  • Identification of assets, threat vectors and security events by technical analysis and risk assessments
  • Strong understanding of enterprise, network, system/endpoint, and application-level security issues and risks
  • Security Consulting specialist across Planning, Architecture, Design, Implementation, Deployment and Documentation
  • Excellent experience with Cloud security concepts and architecture such as AWS, including services and concepts
  • Excellent Project Management, impeccable communication and research skills; flexible to work in any environment
  • Assist in the creation of end-to-end technology strategies for threats, regulatory compliance in alignment to business
  • Served projects as both a Leader and contributor, possess excellent cross functional & leadership communication skills

TECHNICAL SKILLS

Identity Tools: RSA Identity Governance, RSA SecurID

GRC Tools: RSA Archer, IBM Guardium

IPS/IDS: McAfee IPS, HP TippingPoint, Cisco IDS, SecureWorks IDS/IPS

SIEM: ArcSight, Splunk, IBM QRadar

Vulnerability Management Tools: Nessus, Nmap, Nexpose, Wireshark

Security Tools: Splunk ES, McAfee Vulnerability Management, Burp Suite, Qualys, SolarWinds, ForeScout

Areas of Expertise: Information Security and Regulatory Compliance, Vendor Risk Management, Security Policy, Network Security, POA&M, Security Architecture, IAM, Security Mitigating controls, Control Frameworks, NIST, PCI DSS, SOX

PROFESSIONAL EXPERIENCE

Confidential

Cyber Security Engineer

Responsibilities:

  • Managed lifecycle of 60% RSA Archer Risk Exceptions, developed metrics dashboards and facilitated leadership risk acceptance
  • Overhauled vendor risk assessment process using RSA Archer bulk uploads and digital forms, saved 80% vendor onboarding time
  • Facilitated security assessment and gap analysis for SaaS vendors by NIST parameter mapping, closed 20% cloud security findings
  • Conducted design and effectiveness testing of compensating IT controls for 3 major IT systems, reconciled audit cost-time by 50%
  • Interfaced with auditors and process owners to identify security findings, integrated 32% applications with MFA & Single Sign On
  • Maintained the relevant GRC Policy documents and developed Archer applications utilizing components and importing information
  • Worked with teams as advisor on account implementations in the Delta AWS environment, articulated technical content and designs
  • Automated and centralized the risk management workflows by mapping business processes with vulnerabilities, saving time by 20%
  • Centralized the ‘risk exception request’ intake process, consolidated exception lifecycle & improved risk acceptance duration by 40%
  • Maintained documents, evidence, process security questions, flowcharts and state process models for over 300 Risk Exceptions
  • Prepared unauthorized database activity reports & presented risk ratings to leadership; increased critical incidents visibility by 25%
  • Designed AWS PCI scoping and segmentation architecture across multiple services; documented controls & ensured NIST adherence
  • Performed network monitoring on cloud applications, prepared cloud KPI reports and consolidated 25% vulnerable user activity
  • Reviewed user accounts and access monthly to ensure PCI compliance in SailPoint IIQ, for 22% enterprise PCI applications
  • Trained 3 new hires on HP Fortify application scans and helped prepare the NIST Risk Management Framework (RMF) documentation

Confidential

Cyber Security Engineer

Responsibilities:

  • Use SIEM tools (Splunk/LogRhythm) to identify threats and patterns for security incident response.
  • Tune SIEM AI Engine rules to create better alerting, establish security baselines for configurations to tune out unnecessary alerts.
  • Performed risk assessments to help create optimal prevention and management plans.
  • Analyze and troubleshoot logs in a timely manner.
  • To deploy systems to incident investigation, remediation and PIR procedures for all DLP/ILMS cases.
  • Developed security strategy, performed IT risk assessment and vulnerability assessment, and worked with the business to mitigate risks.
  • Implemented Splunk arrangements in exceptionally accessible, repetitive, conveyed figuring situations.
  • Provide 2nd level support to resolve escalation producers.
  • Tracking reports for unauthorized websites and push the cases for escalations.
  • Monitor threats and alerts affecting customer networks and triage responses to remediate the alerts.
  • Create vulnerability reports using CVEs and devise plans to patch or fix affected devices.
  • Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), security events and logs.
  • Implemented and managed vulnerability management solution using Tenable SecurityCenter, policy compliance, Nessus scanners and Nessus Network Monitor.
  • Writing Splunk queries; expertise in searching, monitoring, analyzing and visualizing Splunk logs.
  • Prioritizing and differentiating between potential intrusion attempts and false alarms.
  • Creating and tracking security investigations for resolution.
  • Installed Palo Alto firewall and configured IPS, DLP, vulnerability protection and WildFire.
  • Designing, optimizing and executing Splunk-based enterprise solutions.
  • Composing security alert notifications and other communications.
  • Advising incident responders in the steps to take to investigate and resolve computer security incidents.
  • Performing automated and manual penetration testing using Metasploit and other tools.
  • Hands-on experience in customizing Splunk dashboards, visualizations, configurations using customized Splunk queries.

Confidential

Senior Analyst, Risk Consulting

Responsibilities:

  • Optimized underperforming risk functions by driving process and program management maturity; enhanced security posture by 60%
  • Developed AWS Security group strategy and basic design, enabled and configured CloudTrail logs for VPCs across 5 portfolio accounts
  • Investigated offenses and fine-tuned SIEM rules, identified 200 false positives resulting in improved incident response by 33%
  • Deployed and administered SIEM tools (Splunk, QRadar), Tenable Nessus and other vulnerability scanning tools for major clients
  • Performed risk assessment for client's IT department utilizing NIST SP 800-30, evaluated and prepared asset-based risk score reports
  • Implemented SOX process methodology, security controls, policies and audit reporting across 5000+ users and 4 database servers

Confidential

Analyst, Risk Consulting

Responsibilities:

  • Operationalized GRC platform enabling establishment of the first InfoSec KRIs, decreased internal process approval time by 12 hours
  • Installed and configured AWS Inspector, created targets, templates and assessment runs on EC2 instances; notified vulnerabilities
  • Identified 200 target customers for a key client resulting in about 70% conversion in license sales and overall IT asset management
  • Monitored network traffic and detected flooding attacks using anomaly techniques; improved root cause analysis by 15%
  • Mapped requirements into effective security controls across 5 security domains, enhanced authentication and access design by 50%
