- Over 8+ years of experience in cyber security with extensive knowledge in threat intelligence and analysis, encryption, cryptography, threat modeling, security issues, business practices, RBAC, SSO, Splunk, SIEM, security controls, secure coding, data center migration, SaaS, PaaS, IaaS, identity management and authentication, systems, API Gateways, NERC - CIP, SLA, SIEM, PCI, GLBA, SOX, key factor, network application security, web protocols, Linux/Unix tools and architecture, internet security issues, DevOps automation, VMware, Windows administration, threat landscape and Windows administration.
- Advanced skillset Cloud IAM services Ping Identity, PKI, thread modeling, Azure authentication systems and cyber security arenas like, IDS/ IPS, incident response, common attack patterns, exploitation techniques, social engineering, detailed research in fraud prevention, active directory, multi forest design, threat actors.
- Acquired knowledge in Automation and DevSecOps, identifying on-board/off-board gap impacting Access Management and resolving by updating organizational procedure shortfalls, conducting system security assessments based on NIST, Generating security documentation, including: security assessment reports; system security plans; contingency plans; and disaster recovery plans.
- Experience in public cloud technologies, providing security support and evaluation to development teams in order to integrate information assurance/security throughout the System Life Cycle Development of major and minor application releases.
- Participated in two security audits conducted by the Confidential and performed hard drive forensics.
- Sustained focus on customer service, quality, ownership and communication.
- Worked as Cybersecurity Engineer with experience in network security firewalls, POAMS’, data architecture, web services and APIs, SOC2 reports, cyber forensics, mitigation plans, risk management, patching, threat detection, AWS Cloud Computing, Mail protection and cloud security.
Tools: Amped5, Forensic toolkit, Autopsy, Wireshark, Nmap, Encrypted disk detector, Network and Security auditing tool, Network miner, Ping ID, Nikto, Nexpose, Metasploit, Azure authentication, AWS Cognito, hash my files, Forevid, RSA Archer, IBM App Scan, Red Owl, Securonix, Terraform, ServiceNow, SCCM, Burpsuite, Nexus, GCP, Bluecoat Proxy, FW Technologies.
Platforms: MacOS, Linux, Unix, Windows
Network Protocols: Cisco Switches, TCP/IP model, Adhoc, SSH, Nexus Switches, SDWAN, Snort, Port scanners, rootkit detectors, SSL, TCP/UDP, OSI, HTTPS, BGP, VLAN, TLS, WAN, SONET, ARP and IPSec.
Other Skills: Outlook, excel, word, Acrobat Pro, Docker, Cryptography, Network security, Kubernetes, routers, bridges, switches, Tableau, SIEM, Splunk, AWS, Firewall, Active Directory, Troubleshooting in Networks and System, VLAN, LAN/WAN, MPLS, STP, IDS and IPS.
Programming: C, C++, C#, Python, Groovy Script, XML, HTML, Java, R, SQL, PHP, Perl
Data Security Engineer
- Assisted with implementation and/or administering DLP systems such as Symantec.
- Implemented and administered Cloud - based DLP systems such as BigID or GCP native DLP controls.
- Unstructured data discovery and classification.
- Provided implementation and operational support for data protection tools such as network and email DLP and data discovery tools.
- Assisted with native Cloud DLP concepts in GCP and GRC tools like RSA Archer.
- Troubleshooted and tuned DLP policies.
- Helped the Intel team to deploy existing security tools within the FedRAMP GCP environment to optimize the architecture and capabilities within GCP.
- Helped with continuous integration and continuous delivery tooling and practices.
- Managed Infrastructure as code via tools such as Terraform or CloudFormation.
- Worked on analytical and troubleshooting tasks.
Cyber Security Intern
Confidential, Saint Louis, MO
- Most of the company’s data and confidential documents is on the cloud and need security.
- Basic responsibilities included: managing network security, troubleshooting security issues and identifying risks.
- Assisted in planning the company’s cybersecurity risk management framework, laws, and policies.
- Ensured the cloud security is maintained throughout and data is secure.
- Conducting risk management assessments based on NIST .
- Worked on Windows and MacOS.
- Identified risks and requirements associated with projects.
- Deployed strategies for present and future business requirements.
- Helped in identifying and resolving any kind of technical issues.
- Worked on security exceptions, risk acceptance and build a safe security architecture.
- Skilled in working on security technologies, providing network security and Internet Protocols.
Cyber Security Engineer
- Working on forensic tools, creating reports, conducting investigations, crime scene investigations and troubleshooting network and security.
- Generated security documentation, including: security assessment reports; system security plans; contingency plans; and disaster recovery plans.
- Provided security support and evaluation to development teams in order to integrate information assurance/security throughout the System Life Cycle Development of major and minor application releases.
- Organized application of major security initiative for Staff Network.
- Executed Update Mitigation Plan for Staff Network.
- Managed and conducted a site wide inventory project for 200 laptop computers and experience with ITIL compliant Service Desk tool.
- Performed random security inspections for a site containing 1500 employees.
- Worked on live cybercrime projects, helped in data acquisitions and incident response.
- Configured PCs and laptops; install, repair, and conduct preventative maintenance on computers, hardware, and peripheral components like disk drives, printers, keyboard and monitors.
- Configured Android and iPhone devices in Microsoft Exchange based networks with MDM solutions.
- Learnt to perform Risk assessment, Threat detection, and Intrusion Detection and Prevention.
- Worked on troubleshooting networks and systems, Active Directory, Wireshark, Firewalls, LAN/WAN.
- Work with Customer Care agents to gather information related to customer fraud inquiries .
- Assist in researching and tracking identified industry fraud trends.
Cloud and Security Associate
- Basic job responsibilities included providing cloud solutions, security solutions, information security consulting and cyber security services that span the entire information security space. Defining strategy and identifying threats to deploying the right technology and ensuring operational readiness.
- Assisted with providing solutions in Confidential Team Technologies National and International Branches located in Hyderabad, Australia and USA.
- Conducted Application Migration to the Cloud.
- Provided Public, Private and Hybrid Cloud Management Services.
- COTS Software Deployment to the Cloud.
- Used Cloud VMs for Development, Testing and Training.
- Experienced in High-Performance Computing.
- Gained Knowledge in Cloud Readiness and Application Enablement.
- Security Program Strategy to align information security policy and strategy with business goals.
- Threat and Vulnerability Management to uncover and remediate flaws and vulnerabilities in your security systems.
- Enterprise Risk and Compliance to better understand risk through an IT risk assessment and make informed decisions about managing it.
- Security Architecture and Implementation to help you make decisions about the right technology, architecture and projects to ensure enterprise and network security.
- Enterprise Incident Management to improve response to unauthorized intrusion attacks.
- Identity and Access Management (IAM) to design, implement and test IAM systems that better enable business.
- Education and Awareness to promote behavior that can improve security and reduce risk.
- Understood and analyzed performance requirements and interfaces.
- Converted requirements to business and technical specifications.
- Analyzed information to determine, recommend and plan computer specifications and layouts.
- Analyzed program requirements and operation procedures to improve existing systems as per program objectives and provided post-implementation support.