Security Architect Resume

Livingston, NJ

SUMMARY

  • Implementing ITIL and compliance (PCI, GLBA, SOX) related initiatives and managing heterogeneous security projects for over 44 countries.
  • Providing Threat Management Tier 3/Tier 4 support
  • Security Incident and Event Management systems (SIEM) RSA EnVision, ArcSight, Intellitactics, RSA Security Analytics in Financial Services, Entertainment, Telecom and Healthcare sectors
  • Developed correlation rules for potential threats, unauthorized access control, Advanced Persistent Threat (targeted attack), Incident Handling, and to monitor, manage and report on privileged user activities.
  • Architecting and deploying enterprise-wide patch management and centralized monitoring system (WSUS, SIEM)
  • Industry recognized MCSE, MCSA, MCP, CCNA and Security+ certifications and vendor specific SIEM

PROFESSIONAL EXPERIENCE

Confidential

Security Architect

Responsibilities:

  • Infrastructure Security contains a design document that contains Internet security, Access Control, LAN/WAN security, Datacenter security and End User computing security solutions.
  • Responsible for designing and architecting a security solution for the financial and other sectors that include dedicated cloud computing.
  • Design and architect Security Incident and Event Monitoring (SIEM) on a dedicated and public cloud environment and understanding of concepts of Big Data.
  • Provided security solutions to clients that include consulting, contacting vendors, producing selection, preparing the bill of material, and placing the order.
  • Draft conceptual and logical architecture specifications, with a focus towards established process, at both enterprise and project levels.
  • Gather the requirements of PCI; perform PCI assessment and PCI audit.
  • Managed and created reports, dashboards, and alerts using ArcSight and RSA Security Analytics (SIEM) in Medicare healthcare and financial sectors.
  • Performed QA for SOX Controls based on CIB IT SOX testing framework including privileged users’ access management and Break Glass account management.
  • Wrote a white paper on data security specifics such as log monitoring and distributed denial of service attacks.

Confidential, Livingston, NJ

IT Security Architect

Responsibilities:

  • Involved in designing and architecting latest version (4.5) of RSA enVision for NGDC (New Generation datacenter).
  • Developed and tested security alarms and alarm logic based on various data sources that feed the Security Information Management platform.
  • Ensured effectiveness of logging and reporting including logical networks, firewall, IDS, Windows, UNIX, Bluecoat, and internal application logs etc.
  • Created correlation rules to monitor applications, databases, and security devices such as DLP, FW, antivirus, and IPS/IDS, and to manage and report on privileged user activities.
  • Project coordination and management.

Confidential, Florham Park, NJ

IT Security Consultant

Responsibilities:

  • Performed data analysis using the Threat Management platform, Security Incident and Event Management (SIEM) tools and database queries using ArcSight, Intellitactics, and proprietary Daytona.
  • Served as a Subject Matter Expert (SME) and provided Tier 3/Tier 4 support in Threat Management.
  • Developed and tested security alarms and alarm logic based on various data sources that feed the Security Information Management platform.
  • Implemented enterprise-wide event correlation including rules development, reporting and alerting for near real time.
  • Created reports and correlation rules to monitor events from applications and databases and devices.
  • Developed alarming strategy for new feeds to the Threat Management platform.
  • Created and configured Zoning, Categorization, assets.
  • Developed tools (queries, reports, etc.) to simplify the analysis function and support the work done by analysts, Situational Awareness Teams and Global Response Teams.
  • Identified improvement of alarming strategy for existing feeds.
  • Responded to requests from CSO (chief security office) management for ad-hoc analysis and assisted with analysis of cases created in the SIEM platform, including interpretation of events and identification of false positives.

Confidential, NYC, NY

Sr. Security Analyst-Consultant

Responsibilities:

  • Managed, installed and upgraded all aspects of the SIEM RSA EnVision system, which included report generation to shape up security and compliance (GLBA Gramm-Leach-Bliley, SOX etc.) in posture.
  • Implementation of enterprise-wide event correlation for near real time, including log file aggregation, creating rules for correlation, and reports and alerts.
  • Worked on Support Security Event Monitoring project, which included network technology, and collected log information from various sources and departments to validate data and for Security Event Monitoring / Incident Management. Conducted research to set up direction and strategy.
  • Drafted conceptual and logical architecture specifications, with a focus towards established process, at both enterprise and project levels.
  • Designed, analyzed and implemented real time alerts, correlation rules and reports for the proprietary system of DTCC, which was not supported by the RSA EnVision SIEM system.
  • Maintained incident logs, and tracked/followed up on problems. Ensured effectiveness of logging, including logical networks, firewall, IDS etc.
  • Contributed in defining time tables and SIEM project plans. Assisted in definition of milestones and progress tracking.

Confidential, NYC, NY

Security/System/Network Consultant

Responsibilities:

  • Independently designed and implemented the Windows Updates patch management system, WSUS enterprise-wide, including all of Confidential's international locations.
  • Key member in the initiation of ITIL Projects, which included problem/incident management to ensure compliance with PCI, SOX and Confidential policies. Also coordinated ITIL Projects with local and international teams.
  • Key member in designing and implementing processes that monitor enterprise-wide security to keep core business processes secure.
  • Key member in designing and implementing ITIL framework, which included planning, execution and reporting.
  • Helped auditors of Ernst & Young, KPMG etc. in auditing.
  • Customized security and PCI, SOX compliance reports and alerts from the centralized logs on the Network Intelligence / EnVision SIM system.
  • Monitored and created system and application level security reports for domestic and international users in more than 44 countries.
  • Created reports for forensic investigation purposes.
  • Monitored SOX compliance applications that include all local and international financial databases.
  • Implemented enterprise-wide event correlation capability, including log file aggregation, writing rules for correlation, implementing reporting and alerting capabilities for a near real-time response.
  • Maintained and upgraded Network Intelligence / EnVision SIM system.
  • Key member of the change analysis/management team as a part of the ITIL implementation.
  • Responsible for project management for multiple projects, such as MailFrontier, Counter Storm, Windows Security Update patch management WSUS, Host-Based Intrusion Prevention (Bit9 - Parity), BigFix Deployment Maintenance Task, Trend AntiVirus Upgrade, nCircle Vulnerability Scanning SQL Server for BlackBerry 4.0 and Exchange Server 5.5 retirement.
