
Senior Information Security Engineer Resume


Houston, TX

OBJECTIVE

  • I am an experienced Information security professional with detailed knowledge of enterprise security tools, technologies and best practices. I love working with people to create, deploy and sell solutions protecting enterprise networks, systems and information assets for organizations.

SUMMARY

  • Over 9 years of experience in Information Security and threat analysis.
  • Facilitating implementations of information security policies, account security policies and standards for logical and physical security.
  • Performing risk assessment and gap analysis, creating risk mitigation plans, and performing internal and external audits.
  • Providing onsite Symantec DLP technical service and support to a Large Enterprise customer base.
  • Providing Technical help to customers on various issues of Symantec Endpoint Protection.
  • Implementation of Symantec Endpoint Protection
  • Expert in Implementing & managing Symantec tools like Data Loss Prevention (DLP) and Secure Web Gateway ( ProxySG ).
  • Experience converting Check Point VPN rules over to the Cisco ASA solution; migration experience with both Check Point and Cisco ASA VPN.
  • Deliver niche technology projects such as DLP and forensics to catch and prevent fraud, manage overall operational aspect of DLP.
  • Oversee Vulnerability assessment /penetration testing of scoped systems and applications to identify system vulnerabilities.
  • Responsible for conceptualizing and driving BCP as a culture, within the organization.
  • Ensure IS policies are updated & reviewed.
  • Specialist in consulting of different security solutions for all phases of solution cycle: Planning, Architecture, Design, Implementation, Deployment, Troubleshooting & Support, Handover and Documentation.
  • Manage relationships in all areas of IT and the lines of business.
  • Subject matter expert (SME) for DLP, Firewall, VPN, Archer, Vulnerability Management solutions, IDS/IPS/WIPS, SIEM and Endpoint Security.
  • SOC Operations, IT Compliance and Internal Audit with the help of ISO 27001 and PCI.
  • Risk assessment, IS Audits and security control gap analysis from information & network security perspective.
  • Strong analytical ability and Client relationship management.
  • Working knowledge of OWASP Top 10 and SANS Top 25 software guidelines, including Payment Card Industry (PCI DSS), Sarbanes-Oxley Section 404 (SOX), NIST (800-53).
  • Ability to handle multiple tasks and work independently as well as in a team.
  • An efficient team player in challenging and creative environment with excellent capacity to adapt new technologies and skills.
  • Experience with security assessment of PCI DSS, HIPAA and SOX compliance.
  • Protected confidentiality, integrity and availability of information and information systems of organization.
  • Performed security monitoring of clients, servers, applications and network infrastructure
  • Performed internal audits to ensure compliance requirements are met.

TECHNICAL SKILLS

IDS/IPS/Anti-Virus Software: McAfee Total Protection, Symantec Endpoint Protection, Sophos Mobile Security

SIEM: RSA Envision, Arcsight, Splunk security manager, IBM QRadar

Programming/Scripting Languages: Python, SQL, MS SQL, FullStack, JavaScript

Operating Systems: Kali Linux, Windows XP/Vista/7/8.1/10/Server 2008 R2 Datacenter, Mac OS X, Ubuntu

IP Services: DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN

DLP: McAfee and Symantec

Security tools: Nmap, Nessus, Wireshark, Metasploit, Burp Suite, OWASP ZAP, OWASP WebScarab, Nikto, w3af, SpiderFoot, Wifite, Aircrack-ng Suite, Cain & Abel

Cyber Security: Secure Programming Techniques, Ethical Hacking, Vulnerability Management, Network Security, Advanced Software Engineering, Networking Apps Windows NT, Computer Networks, Principles of Data Communication, Digital Forensics, Securing the Cloud, Intro to Cyber Security, Introduction to Programming Using Scripting

PROFESSIONAL EXPERIENCE

Confidential, Houston, TX

Senior Information Security Engineer

Responsibilities:

  • Monitoring Security incidents using SIEM tool Arcsight and Splunk.
  • Worked with Symantec DLP versions 14.6 and 15.0, and assessed and built a data protection program through data classification skills and a clear understanding of privacy standards and regulation.
  • Strong knowledge and experience in Symantec DLP workflow & architecture.
  • Maintained and remediated end user vulnerabilities using Symantec Endpoint Protection (SEP).
  • Participated in Network Data Loss Prevention and data classification using Endpoint Security (ENS) integration, setup and configuration; Symantec endpoint server protection.
  • Produced DLP profile deployment reports for detection servers and updated DLP policies; incident analysis.
  • Worked on Symantec's next generation Cloud Platform; the Cloud Services foundation for Symantec 4.0 - built on the OpenStack platform and eco-system.
  • Performed System Administration Tasks for Symantec Data Centre Security (DCS).
  • Configured and deployed Symantec HIDS on Windows Server 2008 and 2012 and desktops.
  • Experienced with Symantec DLP Policies (DLP templates) compliance and regulation standards such as SOX, PCI, and HIPAA.
  • Verified that the Windows virus definitions on the SEPM are within 24 hours of those reported by Symantec.
  • Worked on Symantec DLP Product Versions Report, Client Online Status by Group Report.
  • Provided real time intrusion detection host based monitoring services using Symantec DLP and EndPoint.
  • Worked on the Data Loss Prevention suite, Symantec DLP Product - implementation and deployment as the Confidential team.
  • Gained experience with Symantec DLP Software: DLP Cloud Prevent for Microsoft Office 365, DLP.
  • Performed tuning of Symantec DLP to reduce false positives and improve detection rates.
  • Provided onsite Symantec DLP technical service and support to a large enterprise customer base.
  • Designed and implemented vulnerability management program.
  • Analysed the company's existing risk and compliance data and compared it to the ISO 27001/2 standards to complete the gap analysis.
  • Responded to client requests and conducted third-party and internal risk assessments, gap analysis, evidence collections, and tracked remediation action plans.
  • Established an on-going risk assessment program and conducted gap analysis based upon NIST 800-30 to comply with statutory law (i.e. HIPAA/HITECH) and information security requirements (i.e., PCI DSS).
  • Managed Cyber Security threats through prevention, detection, response, escalation and reporting in effort to protect Enterprise IT Assets through Computer Security Incident Response Team (CSIRT).
  • Collaborated and implemented Information & Data Governance committees and sub-committees across the county

Senior Security Engineer

Confidential, Houston, TX

Responsibilities:

  • Performed the Gap analysis on the earlier systems, generated a detailed Requirements document describing new
  • Designed and implemented McAfee Data Loss Prevention (DLP) across all end-points. Created policies and keyword dictionaries to safeguard intellectual property and ensure compliance by protecting sensitive data.
  • Good understanding of administering and implementing SIEM, DLP, Websense, advanced malware detection programs, vulnerability assessment, and prevention.
  • Responsible for IBM QRadar SIEM monitoring and configuration aligned to internal PCI and SOX controls.
  • Strong knowledge and experience in creating web based presentation for the client using HTML5, JSP, Servlets, Ajax, JQuery, EXT.JS, JSTL and JavaScript.
  • Strong knowledge and experience in Symantec DLP workflow & architecture. Good Experience into Handling DLP False positive tickets.
  • Migration from 8 loggers to 4 loggers by implementing load balancing and sending data to ArcMC.
  • Analysed old SmartConnectors and loggers to generate an inventory for migration.
  • Verified that the Windows virus definitions on the SEPM are within 24 hours of those reported by Symantec.
  • Worked on migrating project from McAfee DLP to Symantec DLP Product Versions Report, Client Online Status by Group Report.
  • Assisted in the implementation, setup, and management of Symantec DLP (Data Loss Prevention).
  • Provided real time intrusion detection host based monitoring services using Symantec DLP and EndPoint.
  • Worked on the Data Loss Prevention suite, Symantec DLP Product - implementation and deployment.
  • Gained experience with Symantec DLP Software: DLP Cloud Prevent for Microsoft Office 365, DLP.
  • Performed tuning of Symantec DLP to reduce false positives and improve detection rates.
  • Performed System Administration Tasks for Symantec Data Centre Security (DCS).
  • Provided onsite Symantec DLP technical service and support to a large enterprise customer base.
  • Experienced in supporting Symantec Endpoint Protection 12.1 workstation clients in an enterprise environment. Installation, configuration, and day-to-day management of Symantec Endpoint Protection
  • Extensive Experience with McAfee DLP architecture and implementation for enterprise level.
  • Identified confidential and sensitive data (PII, PCI) using IDU data classification framework and generated reports for management review and recertification.
  • Worked in a SOC department that runs 24x7 and analysed all security incidents.
  • Conducted network penetration tests and implemented vulnerability assessments
  • Responsible for DLP policy creation, testing and implementation to protect client data from information leakage.
  • Created standard operating procedures for DLP SMTP (Email), HTTP/S (Web) and SharePoint incident investigation, third-party domain whitelisting, DLP access provisioning and incident response investigation.
  • Automated DLP Incident metrics using McAfee. Developed monthly, weekly metrics and dashboards
  • Performed regular review and recertification of DLP Policies, TLS Domain whitelisting, SOP for enhancement with BU Risk.
  • Performed risk assessments as a part of Data Governance Risk and Security practices project. Evaluated the data flow, identified the controls and prepared the test procedures.
  • Assisted in troubleshooting of errors with the Anti-Virus products, HIPS, Encryption, and Symantec DLP.
  • Worked with client side designing and validations using HTML, DHTML, CSS, Java Script, AJAX, JSP, XML, JSF and Swing.
  • Conducted gap analysis on missing systems and on capability gaps between existing systems.
  • Provided Identity Access management, data governance, secure file migration, classification and labelling, Access rights restriction, Security awareness training, and Security monitoring.
  • Monitored and analysed critical assets such as IBM QRadar, PIM, DLP, and DAM.
  • Managed endpoint encryption with a single console.
  • Gained hands on experience with Risk assessment process and compliance (PSIRT, ISO/IEC 27001/2, NIST SP 800-37, SOC 2, NIST SP 800-53, PCI, HIPAA etc.).
  • Monitoring security vulnerability information from vendors and third parties.

Information Security Engineer

Confidential, NJ

Responsibilities:

  • Assisted in client network maintenance, effectively performed troubleshooting end-to-end between two sites and effectively managed network migration.
  • Worked with Symantec DLP and assessed and built a data protection program through data classification skills and a clear understanding of privacy standards and regulation.
  • Strong knowledge and experience in Symantec DLP workflow & architecture.
  • Maintained and remediated end user vulnerabilities using Symantec Endpoint Protection (SEP).
  • Participated in Network Data Loss Prevention and data classification using Endpoint Security (ENS) integration, setup and configuration; Symantec endpoint server protection.
  • Produced DLP profile deployment reports for detection servers and updated DLP policies; incident analysis.
  • Worked on Symantec's next generation Cloud Platform; the Cloud Services foundation for Symantec 4.0 - built on the OpenStack platform and eco-system.
  • Performed System Administration Tasks for Symantec Data Centre Security (DCS).
  • Configured and deployed Symantec HIDS on Windows Server 2008 and 2012 and desktops.
  • Experienced with Symantec DLP Policies (DLP templates) compliance and regulation standards such as SOX, PCI, and HIPAA.
  • Supervised initial network installation using CISCO networking devices.
  • Researched and recommended applications to be decommissioned.
  • Performed tuning of Symantec DLP to reduce false positives and improve detection rates.
  • Responsible for supporting customers with Symantec products including Ghost Solution Suite, Deployment Solution, and Symantec Endpoint Protection.
  • Performing DLP inventory scans.
  • Created DLP role-based access controls, DLP device policies and DLP application file access protection. Located and assimilated new information to provide context for security events.
  • Identifying and evaluating new marketing opportunities to increase the website traffic and online production
  • Evaluate, deploy and manage information security system solutions such as strong authentication, key management, IPS, SIEM, antimalware, vulnerability scanners, MDM and others.
  • Proficient in understanding application level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, cryptographic attacks, authentication flaws etc.
  • Developed and delivered IT Services Management (ITSM) solutions based on ITIL best practices that focused on the people, process, and technology perspectives of providing business solutions.
  • Skilled in using Burp Suite, IBM AppScan, Acunetix automatic scanner, Nmap, Havij, DirBuster, QualysGuard, Nessus and sqlmap for web application penetration tests and infrastructure testing.
  • Performing onsite & remote security consulting including penetration testing, application testing, web application security assessment, onsite internet security assessment, social engineering, wireless assessment, and IDS/IPS hardware deployment.
  • Installed, operated and supported McAfee ePO, CA eTrust console, Symantec Endpoint Protection Manager console, Sophos, Trend Micro, Brightmail antispam, Symantec Mail Security and Cisco IronPort.
  • Change management of highly sensitive computer security controls to ensure appropriate system administrative actions; investigated and reported on noted irregularities.
  • Conducted network vulnerability assessments using tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
  • Identifying the critical, High, Medium, Low vulnerabilities in the applications based on OWASP Top 10 and SANS 25 and prioritizing them based on the criticality.
  • Monitored network activity within the Department of Education for intrusion and malware incidents using SourceFire, Bluecoat, Symantec Policy, Symantec end point protection.
  • This experience has enabled me to find and address security issues effectively, implement new technologies and efficiently resolve security problems. With a strong network communications, systems and application security (software) background, I look forward to implementing, creating, managing and maintaining information security frameworks for large-scale, challenging environments.

Security Analyst

Confidential

Responsibilities:

  • Responsible for Threat Intelligence, basic malware analysis, security incident handling.
  • Installing and configuring McAfee ESM and IBM OpenPages and their components, and integrating various data sources in McAfee Nitro.
  • Experience with migrating from OSPF to BGP WAN Routing protocols and administered Vulnerability assessment using Nexpose and Appspider on various applications and systems.
  • Engaged in security agent Endpoint testing on Mac and Windows systems, global firewall requests, Rapid7 Nexpose administration, Splunk Cloud (data mining and custom data queries).
  • Installation and configuration of Cisco Catalyst 6509, 3750 and 3550 series switches, and configured the OSPF, EIGRP and BGP routing protocols with access control lists implemented as per the Network Design Document, following the change process as per IT policy. This also included the configuration of port channels between core switches and server distribution switches.
  • Administered and maintained the corporate DLP environments while structuring and documenting the corporate DLP infrastructure environments, and monitored current usage of RiskVision as the SOC case management system.
  • Monitoring various event sources for possible intrusion, determining the severity and creating correlation rules to detect threats in the SIEM.
  • Administered enterprise-level Vulnerability Management solution using Rapid7 Nexpose to replace an existing legacy solution.
  • Generated vulnerability reports, executive summaries, and mitigation plans using Rapid7 Nexpose.
  • Assisted Splunk engineers by developing playbooks and SOPs to ensure a smooth transition to a new SIEM.
  • Worked on the Symantec HIDS/HIPS CSP solution for FIM (File Integrity Monitoring) and prevention policies, including detailed policy creation/application and alert configuration.
  • Worked on transaction projects to implement SIEM solutions for various stakeholders.
  • Performed system administration tasks for Symantec Data Centre Security.
  • Conducted onsite penetration tests from an insider threat perspective and responded to computer security incidents by collecting, analyzing and preserving digital evidence, ensuring that incidents were recorded and tracked in accordance with NIST 800-61 and organizational SOC requirements.
  • Malware analysis tools: Sysinternals tool set, VMware, Wireshark, Nmap.
