
IT Security & Compliance Manager Resume


Northville, Michigan

PROFESSIONAL EXPERIENCE

Confidential, Northville, Michigan

IT Security & Compliance Manager

Responsibilities:

  • Developed security strategy; performing IT risk assessments and vulnerability assessments and working with the business to mitigate risks.
  • Developed an information security awareness program for all users and conducted a phishing campaign to analyze vulnerabilities and reduce risks.
  • Developed a strategy and working with the business to ensure compliance with GDPR and NIST controls.
  • Implemented and managing a vulnerability management solution using Tenable SecurityCenter, policy compliance, Nessus scanners and Nessus Network Monitor.
  • Installed Tenable SIEM lite and Splunk, and configured correlation rules to detect a variety of internet attacks & probes and investigate any abnormalities.
  • Installed Palo Alto firewall and configured IPS, DLP, vulnerability protection and WildFire.
  • Analyzing malware and other unknown threats using Traps, AutoFocus threat intelligence service, ThreatConnect and other threat intelligence services.
  • Installed and configured EnCase Enterprise 7, Examiner, SAFE and servlets.
  • Performing ongoing forensics investigation on computers & mobile devices for malware, advanced persistent threats, etc.
  • Performing static and dynamic malware analysis for behaviors and other malicious activity.
  • Installed and configured advanced endpoint protection (Traps) on servers and clients to prevent exploits, malicious executables and advanced malware.
  • Installed and managing RSA Authentication Manager 8.2 and configured RSA authentication agents, soft tokens, hard token authentication and risk-based authentication on all servers & laptops globally.
  • Upgraded to SEP 14 to leverage SONAR, IPS and network threat protection, etc.
  • Installed and configured a secure FTP and secure email solutions.
  • Performing automated and manual penetration testing using Metasploit and other tools.
  • Developed and implemented information security policies, standards, procedures and performing ongoing training sessions for employees.
  • Developed monthly security newsletter for employees and performing ongoing social engineering and security exercises.
  • Managing MDM solution to monitor mobile devices for intrusions, etc.
  • Performing ongoing information security audits on a monthly basis for ISO 27001, SOX and other required audits.

Confidential

Sr. Security Analyst

Responsibilities:

  • Managing PCI-DSS and ISO2 program and providing technical leadership for information security program.
  • Developed security awareness program and conducted security awareness training for new hires.
  • Working with operations team to implement McAfee encryption & DLP.
  • Performing regular penetration testing and vulnerability assessment/remediation using Nessus, IBM AppScan and Metasploit.
  • Managing Palo Alto appliance for IPS, URL filtering, anti-virus, DLP, malware, denial of service and vulnerability protection.
  • Configured WildFire advanced malware analysis tool to identify unknown malware, zero-day threats and advanced persistent threats.
  • Upgraded RSA Authentication Manager from 6.1 to 8.1 and set up self-service console and risk-based authentication.
  • Installed Splunk Enterprise 6.1 and configured ES and the PCI app to monitor activity for internal and external attacks.
  • Created dashboards, apps, real-time alerts and daily reports in Splunk.
  • Installed and configured EnCase Enterprise 7.10, Examiner, SAFE and servlets.
  • Gathered and analyzed forensic evidence for computer & smartphone related incidents.

Confidential

Security & Control Engineer

Responsibilities:

  • Provided 2nd-level operations support to the enterprise for Two-Factor Authentication, SSL, Secure Email, Single Sign-On, Virtual Directory Services, Identity Management and Encryption.
  • Participating in RSA Authentication Manager 8, VDS, IDM & SSO upgrade projects.
  • Working on customized scripts to automate multiple security applications.

Confidential

Information Security Analyst

Responsibilities:

  • Provided technical leadership to the enterprise for the information security program.
  • Reviewed & monitored change requests for unauthorized changes to systems, network devices and firewalls.
  • Reviewed daily audit logs for failed log-in attempts and reviewed audit logs on a monthly basis for SAS70, SSAE-16, PCI-DSS, HIPAA and SOX audits.
  • Reviewed & monitored access to network ports, protocols and services.
  • Conducting periodic vulnerability scans of systems, wireless and network devices.
  • Established a procedure to detect rogue wireless devices.
  • Developed minimum baseline standards for UNIX, Linux and Windows servers, firewalls and SSL VPN based on NIST frameworks, PCI and HIPAA guidelines.
  • Installed and configured Guardium appliance 8 to manage several Oracle databases & configured multiple reports for privileged users, etc.
  • Installed S-TAP client on AIX, Linux and Windows servers.
  • Performed regular penetration and vulnerability assessment and review using Qualys, Nmap, Nessus, Metasploit and other tools.
  • Installed and configured Qualys appliance in multiple locations.
  • Performed PCI and HIPAA compliance scans as well as internal and external vulnerability scans using Qualys.
  • Scheduled automated reports from Qualys and worked with the appropriate groups on remediation process.
  • Installed and configured Splunk 4.3 to monitor events and logs on Windows, Linux, AIX servers, firewalls and network devices.
  • Configured Syslog server and developed several scripts in UNIX and Windows to maintain several applications.
  • Participated in incident response team and recommended corrective actions.
  • Configured Juniper SSL VPN and ensured host checker, cache cleaner and other
