- An Architect/Lead Security Engineer with around 11 years of total IT experience: 4+ years of Java/J2EE/C++ development experience followed by over 7 years of Security Engineering experience in web, mobile and cloud applications.
- Core areas of strength are application security architecture, risk assessments, security design, threat modeling, secure coding, SAST/DAST/IAST, AWS Cloud security, and security automation (CI/CD pipeline).
- Hands-on experience in conducting pen testing of web, mobile and cloud applications.
- Well versed with OWASP Top 10 and SANS 25, with strong experience in cryptography and excellent communication skills.
- Currently working directly with various software development teams, engineering teams, system administrators in reviewing the source code, identifying security vulnerabilities, triage and providing guidance to the development teams to remediate the vulnerabilities.
Password Cracking: Hydra, Rainbow Crack, 0phcrack, John the Ripper, Pyrit.
Security Tools/Frameworks: Metasploit Pro, AppDetect, AppRador, Oracle Identity Manager, Oracle Access Manager, JHijack, OAuth 2.0, SAML 2.0, SQLMap, Wireshark, WebScarab, Paros, Nmap, BMC BladeLogic, Tenable Nessus, Rapid7 Nexpose, Tripwire, Symantec DLP, DBProtect, HP ArcSight SIEM, e-DMZ Password Auto Repository (PAR), Varonis, Splunk (SIEM).
DAST, SAST, IAST Security: IBM AppScan Enterprise, Standard & Source editions, Veracode, HP WebInspect, Fortify SCA, Checkmarx, QualysGuard, Burp Suite Pro, Acunetix, OWASP ZAP, Contrast Security IAST.
Network Security: Symantec DLP, Checkpoint, Palo Alto, Netcat, Tenable Nessus Security Center, OpenVAS, Cisco IDS/IPS, Symantec Endpoint Protection, anti-virus.
Cloud Security: Amazon Web Services and MS Azure
Middleware: TIBCO EMS, IBM WebSphere MQ, JMS
Continuous Integration (CI) and Continuous Delivery (CD) Pipeline: Jenkins, Maven, ANT, Gradle, RTC, GitHub, Aqua Container Security
Databases: Oracle, MS SQL Server, DB2, MySQL, MongoDB.
Operating Systems: Oracle Solaris UNIX, RedHat Linux, Kali Linux, Ubuntu
Servers: Weblogic Server, Linux, Windows Server 2008/2012, Netscape Application Server
Languages: Java, Python, C/C++, C#.NET, Perl, Struts2, Spring Framework, Servlets, JavaServer Pages (JSPs), JMS, Java Mail API, JNDI, LDAP, JDBC, JTS, RMI, AWT, Swing, Socket Programming, IONA Orbix CORBA, UML.
Confidential, New York, NY
Lead Security Engineer/Architect
- Completed proof-of-concept thin-client web framework for enterprise intelligence applications with web developer under extreme deadline.
- Developed Application Security program (DAST, SAST, IAST) at the enterprise level to identify, report and remediate security vulnerabilities from applications deployed in DEV, PRE-PROD and PROD environments.
- Designed, documented and executed maintenance procedures, including system upgrades, patch management (security patches) and system backups.
- Implemented rules for securing/hardening of IDS/IPS and MPS.
- Specifically, security testing has been performed to identify XML External Entity (XXE), Cross-Site Scripting, ClickJacking, and SQL Injection related attacks within the code.
- Developed threat modeling framework (STRIDE, DREAD) for critical applications to identify potential threats during the design phase of applications.
- Implemented file system security by applying hashing techniques for protecting data stored in files on the file servers.
- Administered PKI, cryptography, certificate management and implemented dual keys to address segregation of duties issue between DBAs and security admins.
- Participated in the development of IT risk assessments for enterprise applications.
- Implemented DevSecOps for the entire application security scanning process, including automatic scanning, application of security policies, and uploading the results to the enterprise portal.
- Automated the build and release management process, including monitoring and tracking changes between releases, using the Continuous Integration tool Jenkins.
- Set up Jenkins as CI/CD for integrating build tools into the development life cycle.
- Implemented and automated security controls, governance processes, and compliance validation.
- Troubleshot and resolved web application issues escalated from customer support and other departments with a 100% success rate.
- Participated in the implementation of the Tanium platform. Deployed and configured Tanium Asset, Patch, EDR and Vulnerability Configuration modules, generated reports and applied remediation to meet compliance.
- Worked on Imperva SecureSphere Web Application Firewalls (WAF), AWS Cloud Security, Symantec SOC Cloud Access Security Broker (CASB), Twistlock (Prisma Cloud) Container Security.
- Strong AWS platform experience with Route53, CloudWatch, S3, ELB/ALB, Lambda, EC2 and Subnets.
- HTTP Streaming, ABR Formats, VOD Content, CDN Assisted VOD Platform, Edge Caches, MID Caches, Origin, Content Routing, Traffic Ops, Traffic Monitoring, InfluxDB, Stats Server, Content Health Monitor, Delivery Services, Content Federation, Persistent Storage for partitions, Ram Cache, Apache Traffic Server, Make Doc’s documentation server
- All aspects of CDN Engineering, design, build, deploy, support and train peers
- Ansible Automation for CDN framework
- Monitored security events, investigated the root cause to identify their impact and developed prevention strategies for remediating the security issues. Responded to security events and worked with the respective teams for resolution.
- Configured Gemalto ProtectDB to enable column-level encryption for securing confidential customer data.
- Designed security architecture for web and mobile apps.
- Reviewed Solution Overview Documents (SODs) to identify security anomalies in the system architecture and design and provided recommendations to address data security and privacy concerns.
- Conducted security assessments to ensure compliance with the firm's security standards (i.e., OWASP Top 10, SANS 25) including OWASP API Security Top 10.
- The NIST framework has been utilized for IT risk assessments.
- Rolled out IBM AppScan products such as AppScan Enterprise (ASE), Standard, Source, Checkmarx, Developer plug-ins to various development teams across the business lines.
- Implemented Identity and Access Management (IAM) solutions across the organization for various business applications.
- Participated in the development of roadmaps and in the standards process for Identity and Access Management (IAM) solutions.
- Executed and tracked security process related activities, including User ID management.
- Managed operations within the IAM environment at the client, including application patching and upgrades and certificate management.
- Established and maintained good working relationships with all IAM customers.
- Prepared technical architecture proposals for enhancements and integration of existing third-party software systems.
- Generated executive summary reports showing the security assessments results, recommendations (CWE, CVE) and risk mitigation plans and presented them to the respective business sponsors and senior management.
- Conducted monthly developer workshops to educate and train developers on secure SDLC, scanning source code using IBM AppScan Source, and triaging and resolving the security vulnerabilities.
- Working knowledge of AWS Cloud Security in implementing IaaS, PaaS and SaaS based applications.
- Instrumental in architecting, implementing and administering a Security Information and Event Management (SIEM) solution (Splunk ES, Exabeam UBA).
- Implemented Continuous Integration (CI) and Continuous Delivery (CD) pipelines for automating the security scanning process. Developed build scripts as part of DevSecOps to automate CI/CD. The tools such as Jenkins, Maven, ANT, Gradle have been utilized.
- Implemented Multifactor Authentication (MFA) for AWS root accounts, including password rotation policies.
- Performed the configuration of security solutions like RSA two-factor authentication, Single Sign-On (SSO), Symantec DLP, and log aggregation and analysis using HP ArcSight SIEM.
- Set up Access Keys and Secret Access Keys for newly created users.
- Developed Web ACLs for AWS Web Application Firewall (WAF) and configured the rules and conditions to detect security vulnerabilities in CloudFront.
- Performed vulnerability testing using tools such as Tenable Nessus Security Center and QualysGuard.
- Integrated Qualys with third party Privileged Access Management (PAM), password vaults.
- Developed Security requirements for Intrusion Detection and Data Loss Prevention (DLP) specifically for Data at Endpoint protection, Data In-transit, and Data at rest.
- Skilled in using Burp Suite, Acunetix Automatic Scanner, Nmap, DirBuster, QualysGuard, Nessus and SQLMap for web application penetration tests and infrastructure testing.
- Proficient in understanding application level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, cryptographic attacks, authentication flaws etc.
Confidential - Jersey City, NJ
Sr. Security Engineer
- Expertise in using DAST tools (like IBM AppScan and Burp Suite Pro) while the application is running to penetrate the application in various ways to identify potential vulnerabilities outside the code and in third-party interfaces.
- Analyzed security incidents originated from various network/application monitoring devices (e.g., Symantec DLP) and coordinated with Engineering teams for tracking and problem escalation, including remediation.
- Performed the penetration testing of mobile (Android and iOS) applications, specifically, APK reverse engineering, traffic analysis and manipulation, dynamic runtime analysis.
- Developed secure SDLC policies and standards for web and mobile apps.
- Working knowledge of SSO implementation for the applications deployed in AWS cloud platform.
- Strong AWS platform experience with Route53, CloudWatch, S3, ELB/ALB, Lambda, EC2 and Subnets.
- Worked with the project teams on implementing the defined business roles within the Access & Identity Management (AIM) solution.
- Reviewed Qualys scan reports and performed triaging to eliminate false positives.
- Provided Technical Support to the team and worked with various information technologies like network devices, operating systems, endpoint security systems such as intrusion protection, antivirus solutions, and information security technologies.
- Implemented security controls in accordance with NIST, CIS Benchmarks, FFIEC and ISO 27001 frameworks.
- Worked with DevOps tools such as Jenkins, Maven, ANT, GitHub and Python for CI/CD integration.
- Defined and deployed monitoring, metrics, and logging systems.
- Implemented systems that are highly available, scalable, and self-healing on the web, mobile and cloud platforms. Designed, managed, and maintained tools to automate operational processes.
- Developed Information Assurance (IA) designs to meet specific operational needs and environmental factors.
- Participated in the implementation of AWS Cloud security for applications being deployed in the Cloud.
- Configured the Qualys scanner and performed both authenticated and unauthenticated scans.
- Enabled continuous monitoring for the hosts using Qualys VM/VMDR.
- Developed Web ACLs and configured the rules and conditions to detect security vulnerabilities in AWS CloudFront.
- Implemented OAuth 2.0 and SAML authorization frameworks for granting permissions by third-party Identity Providers.
- Experience with SaaS applications in configuring and deploying to the cloud platform.
- Worked with DevOps teams to automate security scanning into the build process.
- Worked extensively with software development teams to review the source code, triage the security vulnerabilities generated by IBM/HCL AppScan, Burp Suite, Micro Focus WebInspect, Fortify and Checkmarx, and eliminate false positives.
- Reviewed Android and iOS mobile source code manually and recommended code fixes.
- Participated in the Proof of Concept (POC) in implementing Arxan application protection software for Mobile apps.
- Performed Root Cause Analysis for the incidents reported at Security Operations Center.
- Performed security event monitoring of heterogeneous networks, such as firewalls, IDS/IPS, Cisco ASA and DLP devices, using Splunk SIEM.
- Solved many problems on call with my knowledge of the applications, using event logs on the system/server and telemetry logs on the server; later started using Splunk for health monitoring, analysis and reporting.
- Used the Remedy Information Technology Service Management (ITSM) tool for managing incidents based on priorities and solved issues in the security domain.
- Generated vulnerability reports to monitor the health of the applications and reported High, Medium and Low vulnerabilities in these systems.
- Troubleshot network application inbound/outbound connectivity utilizing Blue Coat proxies and Wireshark.
- Actively involved on bridges in solving High/Severe incidents reported in the application or in the environment. Reported all my findings on the incident status to higher management and clients in a timely fashion.
- Held responsibility for securing and maintaining 14 legacy applications, 10 geographically separated application servers and around 200 Citrix servers along with a small team.