
IT Security Engineer Resume


Windsor, Connecticut

PROFESSIONAL SUMMARY:

  • Information Security Analyst/Engineer with experience in analyzing security incidents, Vulnerability and Penetration testing, Network Monitoring, Information Security & Network security functions.
  • Experience with industry recognized SIEM (Security Information and Event Management) solutions such as NITRO, Splunk, Forcepoint and many other tools.
  • Hands on experience with security consulting and research
  • Hands on experience with HP Arcsight, IBM QRadar, Rapid7, Forcepoint
  • Hands on Experience with RSA Authentication
  • Solid understanding of working with NIST framework
  • Hands on experience with Incident Handling, Documentation and log analysis
  • Experience and better understanding of scripting languages, command shells and regular expressions such as Python, Perl, Visual Basic
  • Assess and evaluate business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
  • Hands on Experience with Security frameworks such as NIST, HIPAA, PCI-DSS
  • Excellent consulting and partnership skills in a large organization
  • Experience on the technical delivery side of Governance Risk and Compliance (GRC) projects
  • Troubleshoot issues and perform many tasks related to technologies such as RSA Authentication
  • Hands on Experience with Rapid7 Nexpose, Metasploit and ForcePoint
  • Experience with identity and access management solutions such as LDAP, Active Directory, XAML, SAML and multi-factor authentication
  • Worked with Symantec DLP Administration and CASB Cloud security
  • Worked in SOC department to analyse security incidents and log analysis
  • Implementation of a GRC utility (from POC, through evaluation, selection, and implementation)
  • Solid understanding and implementation of Firepower and identity service engine for big organizations
  • Experience with 802.1x implementation and support
  • Solid Knowledge of Linux, RHEL, CentOS, Windows, Unix Operating systems
  • Identify the threat vectors and security events by analyzing signatures
  • Perform Risk Assessment, Gap analysis & create Risk Mitigation plan.
  • Experience configuring and deploying McAfee modules and products like McAfee ePO, McAfee VSE, McAfee HIPS, McAfee Endpoint Encryption, McAfee Network DLP, McAfee DLP Endpoint, McAfee SIEM.
  • Oversee Vulnerability assessment /penetration testing of scoped systems and applications to identify system vulnerabilities.
  • Working knowledge in installation and configuring SAML Federated security services and web services for enterprise applications.
  • Excellent knowledge of FISMA, HIPAA and NIST Compliance usage, rules and regulations
  • Hands on experience with creating Regular expressions for any signatures
  • Use Splunk Security Manager to identify threats and assigned category.
  • Solid Understanding of IBM QRadar, Palo Alto NGFW
  • Provided technical security proposals, security presentation, installing and configuring Checkpoint and Palo Alto firewalls, VPN networks and redesigning customer security architectures
  • Researched, designed, and replaced aging Checkpoint firewall with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
  • Familiar with SSAE 16, ISO27002, Safe Harbor, Privacy Shield, General Data Protection Regulation (GDPR)
  • Experience in setting up SSO Environment for PingFederate, and PingAccess. PF as Auth server and PA as Resource server protecting API
  • Performed upgrade of Palo Alto firewall from old platforms to new platforms, 6.1.5 to 6.1.10
  • Configured Palo Alto Next-Generation Firewall mainly VSYS according to client topology
  • Specialist in Consulting of different security solutions for all phases of solution cycle: Planning, Architecture, Design, Implementation, Deployment, Troubleshooting & Support, Handover and Documentation.
  • Experienced in Python Scripting.
  • Strong understanding of DLP Architecture, Rules and Policies and its implementation
  • Hands on experience in administering and managing network and server infrastructure technologies and devices including firewalls, routers, switches, servers etc.
  • Knowledge & Experience of OWASP top 10 vulnerabilities; experience in Network security design, proposal, solutions development and solutions architecture
  • Excellent Project Management skills and adaptable to work in any work environment
  • Assist in the creation of an end-to-end technology strategy for SIEM to address current and future security concerns, emerging threats, regulatory compliance and alignment with technology and the business
  • Strong understanding of communication protocols (SSL, TLS, IPSec)
  • Provide support in security architecture, design, developing, monitoring and supporting enterprise infrastructure environment
  • Excellent security management experience
  • Have solid auditing experience
  • Preparing for CISSP certification and will get it in November

SPECIALIZATION:

Governance, Risk & Compliance: GRC Archer, Risk Assessment, Compliance Tracking, Audits - ISO 27002, SSAE 16, PCI, GDPR, NIST, FISMA

Network Security: NIPS/NIDS, Firewall, VPN (IPSec, SSL), DLP

Endpoint Security / Information Security: Antivirus, HIPS, Encryption, HDLP, Malware Analysis, Advance Threat Protection

Content Protection: Email Security, Web Security, Application Security

SIEM Tools: McAfee SIEM, Splunk SIEM, HP ArcSight

TECHNICAL SKILLS:

Platforms/Applications:

Continuous Monitoring: Vulnerability Management, Web Application Scanning, ThreatProtect, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance, Solarwinds, Nexpose, Forcepoint, Rapid7

Networking Protocols: FTP, SNMP, Telnet, HTTP, SSH, DNS, DHCP, DHCPv6, ICMP, ICMPv6, SMB

Event Management: RSA Archer, Blue Coat Proxy, Splunk, NTT Security, LogRhythm, HP Arcsight

PenTest Tools: Metasploit, NMAP, Wireshark and Kali

Security Software: Nessus, Ethereal, NMap, Metasploit, Snort, RSA Authentication

Frameworks: ISO27001, PCI-DSS, SSAE 16, FedRAMP, SOC 2, UEBA, ISAE 3000, HIPAA, NIST.

Security Intelligence: WhiteHat Web Security, iDefence, NTT Security, LogRhythm

SIEM: Splunk, Solarwinds, ArcSight, Nitro, IBM QRadar, Forcepoint, Rapid7 Nexpose

Switches: Cisco Catalyst VSS 1 50- X / 2960

Routers: Cisco Routers ASR / 2600

Firewalls: Check Point, ISA 2004/2006, Palo Alto PA 3000/5000

Networking: Conversant in LAN, WAN, Wi-Fi, FTP, SNMP, Telnet, HTTP, SSH, DNS, DHCP, DHCPv6, ICMP, ICMPv6, SMB, WINS, TCP/IP, ISCSI, Fiber, Firewalls/IPS/IDS

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS

Hardware: Dell, HP, CISCO, IBM, SUN, CheckPoint, SonicWall, Barracuda Appliances, SOPHOS email appliances

VPN: ASA 5520, Cisco Concentrator 3030, Nortel Contivity Extranet 1500

NMS: NAM, Sniffer, Solarwinds NPM, Cisco Secure ACS 5.2, CiscoWorks

Operating Systems: Windows, Unix, MS-DOS, RHEL, CentOS, Kali Linux

PROFESSIONAL EXPERIENCE:

Confidential, Windsor, Connecticut

IT Security Engineer

Responsibilities:

  • Daily assessment of Vulnerabilities identified by Dell Secureworks Firewall and IDS/IPS System through RegEX
  • McAfee ePolicy Orchestrator, McAfee VirusScan Enterprise, MCP and HIPS. Monitoring and troubleshooting of security threat events, intrusion detection, Virus/Malware outbreaks.
  • Infrastructure upgrade and policies migration for Symantec DLP from version 12 to 15.
  • Configured and scheduled Qualys Scanner in QRadar to perform scan on regular intervals.
  • Configuration of McAfee Antivirus products on end-points (Clients/Servers).
  • Hands on Experience with Metasploit exploit techniques
  • Solid understanding of RSA authentication and Rapid7 technologies and ForcePoint
  • Architect/Design a new SSO infrastructure for external access using the PingIdentity components.
  • Configured and managed Hitachi Password Management and Identity Management tool
  • CASB administration to provide cloud application security leveraging Shadow IT and creating and documenting the process of vetting cloud applications safe to use for the company and adding data protection.
  • Architect for Rapid7 Nexpose Vulnerability Management System and continue with scanning and reporting
  • Static Code analysis using HP Fortify to identify the vulnerabilities in the applications.
  • Frameworks used: ISO 27001 ISMS, PCI DSS, SSAE16, OWASP, SANS
  • Owned setup and deployment of Rapid7 InsightVM/Nexpose and all scanning appliances, documentation, process, reports, etc.
  • Worked in SOC department which runs 24x7 and able to analyse all security incidents
  • Conducted network penetration tests and implemented vulnerability assessments
  • Have solid experience working with FireEye HX, NX, EX, AX series
  • Worked with GRC technology and have better understanding on it
  • Performed centric threat analysis on advanced SIEM technologies: ArcSight, Splunk ES, AlienVault, QRadar.
  • Worked with Embedded system technologies to remediate attacks on them
  • Participated in courses for password cracking and attack technologies
  • Solid understanding of OWASP top Vulnerabilities and other software security best practices
  • Familiarity with security and testing tools such as Burp Suite, Nmap, Zenmap, OpenVAS, Nessus
  • Advise the PCI DSS Director, Business Unit liaisons, and Security Programs Project manager.
  • Symantec Endpoint infrastructure administration and support; assist the analyst with malware investigations and cleanup. Create and manage documentation necessary to accelerate the RFP response process.
  • Deploy and Administer Symantec Endpoint Protection (SEP) Antivirus across the enterprise
  • Resolve Incidents while investigating & troubleshooting root causes when escalated
  • Hands on experience with AWS and Azure cloud management
  • Used remediation techniques for all collected vulnerabilities; if a vulnerability is of very high severity, the ticket is escalated to the higher authority
  • Responsibility for the planning and controlled execution of releases into the managed environment
  • Performed vulnerability scanning on web applications and databases to identify security threats and vulnerabilities.
  • Conduct FISMA compliant security control assessments to ascertain the adequacy of management, operational, technical and privacy controls.
  • Architect, implement and monitor Rapid7's InsightVM vulnerability scanner and InsightIDR SIEM solution.
  • Performed user provisioning on the Identity Provider (IdP) site and Service Provider (SP) site using SAML for SSO
  • Conducted system security assessments based on FISMA, NIST and HIPAA/PCI DSS Compliance.
  • Excellent knowledge of Compliance documentation (FISMA, NIST, HIPAA etc.)
  • Perform Risk Assessment and drive the closures of identified risks.
  • Vulnerability Management: Configured Qualys, Nessus Guard Tool for Vulnerability Analysis of Devices and Applications. Monitored them constantly through the dashboard by running the reports all the time.
  • Conducting security workshops and presentations for the clients.

Confidential, Estero, FL

Cyber security Analyst

Responsibilities:

  • Configure, upgrade and fine tune the DLP policies to meet the changing needs & improve Security Metrics
  • Responsible for Monitoring and enforcing information security program and policies
  • Responsible for developing information security risk identification, classification, triaging and mitigation
  • Worked with the enterprise architecture team, Security Governance, and Policy team
  • Good understanding of administering and implementing SIEM, DLP, Websense, Advance malware detection program, vulnerability assessment, and prevention
  • Acted as the key escalation point for all technical issues and requests with regards to Hitachi and Identity Access Management.
  • Run vulnerability scans using Rapid7 Nexpose to compile list of necessary patches
  • Configuring IdP initiated and SP initiated SAML profiles with different bindings like POST, Artifact, Redirect as per the custom business and security requirements.
  • Maintaining Microsoft Active Directory, routers, switches, and Symantec backup
  • Set up PingAccess to backend apps to work alongside PingFederate for seamless integration
  • Perform the upgrade for Symantec DLP from 12.5 to 14.5 for the back-end infrastructure and Endpoint agents.
  • Performed penetration testing on internal website using OWASP top 10 Vulnerabilities.
  • Entrust PKI and Security management, penetration testing and website protection with mitigation and remediation of Intrusion Prevention Systems (IDS/IPS).
  • Executed the PCI Data Security Standards (PCI DSS) assessments for all controls, including communication of key milestones, gap remediation consulting/tracking, and guidance on compensating controls
  • Leading a project to deploy Reverse Proxy and SMTP Proxy from Symantec CASB.
  • Worked with all Metasploit Exploitation techniques
  • Conducting security workshops and presentations for the clients.
  • Duties involve participation in managing technologies, evaluating new technologies, continuous improvement of SLA, customer meetings, and implementing new solutions as asked by the customer.
  • Performing Vulnerability Assessments and taking the required counter actions and measurements to ensure the security of the IT infrastructure / systems.
  • Analysis and documentation of network & information security requirements and define security policy for enterprise client and business critical servers.

Confidential

Security Engineer

Responsibilities:

  • Assessed and built a data protection program through data classification skills and a clear understanding of privacy standards and regulations
  • Data Loss Prevention suit, Symantec DLP Product - Implementation and deployment as the champion team
  • Generate vulnerability reports, executive summaries, and mitigation plans using Rapid7 Nexpose.
  • Deployment of Data loss prevention across the network - Data in motion, Data in Use & data at Rest servers
  • Reviewed encryption logs and DLP logs to regulate use base technological risk violations
  • Gained experience with Symantec DLP Software: DLP Cloud Prevent for Microsoft Office 365, DLP Cloud Storage, Cloud File Sync and Share, and security product capabilities
  • Conducted risk and vulnerability assessments on systems and applications via Rapid7 Nexpose and Acunetix
  • Design SAML 2.0 and MFA utilizing Microsoft AD FS & Microsoft Azure, as well as managing Microsoft GPO.
  • Deployed in the cloud and on-premises using Amazon Web Services (AWS) and Single- Server support
  • Analyzed Symantec DLP events and reports
  • Integrated PingAccess with PingFederate System to get authenticated by PingFederate and Authorized by PingAccess Servers using the Access Control Lists.
  • Lead and perform the annual SOX Audits and PCI assessments
  • Performed tuning of Symantec DLP to reduce false positives and improve detection rates
  • Network Access Control - Implementing a secure solution to identify network devices and profiling the Network devices to allow or disallow access based on the device type
  • Signature Updates Deployment on the Management Components and all the Individual IPS/IDS devices
  • Intrusion Prevention System - IDS/IPS Implementation and Upgrade for SiteProtector
  • Analyzed the Network Attack, blocks, detects and regular Health Checkups in the real environment
  • Prepared the Knowledge Transfer document of Process and Technical specifications guide for the Transition/Internal purpose
  • Implement, maintain, and administrate IT vulnerability management with Qualys and Rapid7/Nexpose.
  • Contributed to providing Secure environments for our clients regarding PCI compliance, specifically through event log monitoring by hand as well as utilizing Python to compile large swathes of data for comparison.
  • Refined IPS Policy and Creating Rules according to the Security Standard
  • Experience in configuring and troubleshooting BGP, EIGRP
