Sr. Security Engineer Resume

Columbus, OH

TECHNICAL SKILLS

Dynamic and Static Analysis Security Testing: IBM AppScan Enterprise (ASE), Standard & Source editions, Checkmarx, HP WebInspect, Whitehat Sentinel, QualysGuard, BurpSuite Pro, Veracode, Acunetix, HP Fortify SCA, SQLMAP

Security Penetration/Testing Tools: AppDetect, AppRadar, Oracle Identity Manager, Oracle Access Manager, Hijack, Varonis, BeyondTrust PowerBroker Password Safe, Metasploit Pro, Zed Attack Proxy, SQLMAP, Wireshark, WebScarab, Paros, Nmap, BMC BladeLogic, Nessus, Rapid7 Nexpose, Tripwire, Symantec Vontu, DBProtect, ArcSight SIEM, e-DMZ Password Auto Repository (PAR), Varonis, Amazon Web Services (AWS) Cloud security.

Operating Systems: Oracle Solaris UNIX, Red Hat Linux 4/5, Windows Server 2003/2008.

Cloud Security: AWS Web Application Firewalls (WAF), Security Groups for Route 53 and Virtual Private Cloud (VPC), IAM Roles with EC2

Networking: Symantec DLP, Checkpoint, LAN, WAN, Palo Alto, Cisco, IDS/IPS, Anti-virus

Java & J2EE Technology: Spring Framework, EJBs, Struts2, Servlets, JavaServerPages (JSPs), JMS, Java Mail API, JNDI, LDAP, JDBC, JTS, RMI, AWT, Swing, Socket Programming, IONA Orbix CORBA.

Application Servers: Weblogic Server, iPlanet, Netscape Application Server and Microsoft IIS.

Languages: Java, Python, C/C++, C#.NET, Perl, UML.

Scripting: AngularJS, XML, XSLT, XPath, XQuery, HTML/JavaScript/JQuery, AJAX.

Middleware: TIBCO EMS, IBM WebSphere MQ, JMS

Databases: Oracle, MS SQL Server, Sybase.

Web Services: RESTFul/SOAP, SOA, UDDI, WSDL.

Web Servers: Apache Tomcat, Netscape Enterprise Server 3.5, JBoss and JRun.

PROFESSIONAL EXPERIENCE

Confidential, Columbus, OH

Sr. Security Engineer

Responsibilities:

  • Penetration testing based on OWASP Top 10 and SANS 25. Analyze the results of penetration tests, design reviews, source code reviews and other security tests.
  • Decide on what to remediate and what to risk accept based on security requirements. Highly analytical computer security analyst with success both defending and attacking large-scale enterprise networks.
  • Experience using a wide variety of security tools to include Kali-Linux, Metasploit, HP WebInspect, HP Fortify, Burp Suite Pro, Wireshark, L0phtcrack, Snort, Nmap, Nmap-NSE, Cain and Abel, Nikto, Dirbuster, IBM AppScan, OWASP ZAProxy, Nessus, OpenVAS, W3AF, BeEF, Ettercap, Maltego, Wi-Fi-Security, SIFT, SOAP UI, FOCA, Havij, Yersinia, Recon-ng, Aircrack-ng suite
  • Involved in implementing and validating the security principles of minimum attack surface area, least privilege, secure defaults, avoiding security by obscurity, keep security simple, Fixing security issues correctly. Strong knowledge in Manual and Automated Security testing for Web Applications.
  • Administered encryption, certificate management, key generation and implemented dual keys to address segregation of duties issue between DBAs and security admins.
  • Knowledge of OWASP Top 10 and SANS Top 25 software guidelines, Federal Financial Institutions Examination Council's (FFIEC) regulations, including Payment Card Industry (PCI-DSS), HIPAA and Sarbanes-Oxley Section 404 (SOX).
  • Analyzed the results of penetration tests, design reviews, source code reviews and other security tests.
  • Performed Continuous Integration (CI) and Continuous Delivery (CD) of SAST scan automation using IBM AppScan Source for Automation.
  • Configured AWS Simple Storage Service (S3) to securely store the organization’s critical file systems. Implemented Access Control Lists (ACLs) and Bucket Policies for controlling access to the data.
  • Implemented Security Group Policies for Elastic Compute Cloud (EC2) instances within AWS. Developed AWS Service Roles to protect Identity Provider access.
  • Participated in the implementation of Virtual Private Cloud (VPC). Implemented multiple layers of security, including security groups, network access control lists, to control access to Amazon EC2 instances in each subnet.
  • Decide on what to remediate and what to risk accept based on security requirements.
  • SOX Compliance Audit experience on controls like User access management, Change Management, Incident Management.
  • Performed the penetration testing of mobile (Android and iOS) applications, specifically, APK reverse engineering, traffic analysis and manipulation, dynamic runtime analysis.
  • Experience in Threat Modeling during Requirement gathering and Design phases.
  • Experience with Security Risk Management with TCP-based networking.
  • Experience with TCP/IP, Firewalls, LAN/WAN.
  • Experience in implementing Security Incident and Event Management System (SIEM) using HP ArcSight, Splunk.

Confidential, New York, NY

Sr. Security Engineer

Responsibilities:

  • Experience using a wide variety of security tools to include Kali-Linux, Metasploit, HP WebInspect, HP Fortify, Burp Suite Pro, Wireshark, L0phtcrack, Snort, Nmap, Nmap-NSE, Cain and Abel, Nikto, Dirbuster, IBM AppScan, OWASP ZAProxy, Nessus, OpenVAS, W3AF, BeEF, Ettercap, Maltego, Wi-Fi-Security, SIFT, SOAP UI, FOCA, Havij, Yersinia, Recon-ng, Aircrack-ng suite
  • Decided on what to remediate and what to risk accept based on security requirements.
  • Performed pen testing of both internal and external networks as per PCI-DSS standards. The pen testing scope included O/S (Windows and Linux) and external facing web apps and database servers that store credit card information.
  • Reviewed security vulnerability reports for applications and databases, analyzed and worked extensively with the development teams for the implementation of mitigating controls.
  • Implemented IBM AppScan standard, source editions, HP WebInspect, Whitehat Sentinel, Nessus, and QualysGuard web application scanners. In addition, the security tools Metasploit and BurpSuite were utilized for manual penetration testing.
  • Participated in the implementation of AWS Cloud security for applications being deployed in the Cloud. Developed WACLS and configured rules and conditions to detect security vulnerabilities in the Cloud Front.
  • Participated in developing security policies and security groups for AWS Cloud infrastructure, including EC2, Security Groups, Route 53 and Virtual Private Cloud (VPC).
  • Performed security assessments for the client-facing apps. The associated IT infrastructure such as database management systems, middleware systems, web services (SOA) were also included in the security assessments.
  • Involved in the implementation of RSA Single Sign On (SSO) for the applications deployed in the Cloud and on-premise.
  • Implemented Secure Software Development Life Cycle (S-SDLC) processes; developed secure coding practices for web, mobile applications, including database and middleware systems.
  • Experience in Threat Modeling during Requirement gathering and Design phases.
  • Security Risk Management with TCP-based networking.
  • Experience with TCP/IP, Firewalls, LAN/WAN.
  • Incident and Event Management System (SIEM) using HP ArcSight, Splunk.

Confidential, Chicago, IL

Security Analyst

Responsibilities:

  • Discussed false positives and prepared a plan of action and milestones for mitigation.
  • Prepared incident reports for reported and unreported attacks.
  • APT hunting for Ransomware.
  • Performed Root Cause Analysis for the incidents reported at Security Operations Center. Performed Security event monitoring of heterogeneous networks such as Firewalls, IDS/IPS, Cisco ASA, DLP devices using Splunk.
  • Performed security compliance audits and identified control gaps for Firewalls, Routers, DLP, IDS/IPS, Windows/Linux, and DB servers.
  • Performed penetration testing for external facing web applications. Security areas covering DMZ architecture, threat modeling, secure coding practices (i.e., OWASP standards) and vulnerability analysis were assessed.
  • Provided solution to many problems on a call with the best of my knowledge on the applications using event logs on the system/server and telemetry logs on the server, later started using Splunk for health monitoring, analysis, and reporting.
  • Wrote scripts using Python on Windows Server 2008 to update servers with the latest patches and change system configurations at large.
  • Used Remedy Information Technology Service Management (ITSM) tool for managing the incidents based on the priorities and solved issues which are in the security domain.
  • Experience in performing authenticated and unauthenticated testing.
  • Generated Vulnerability reports to monitor the health of the applications and reported High, Medium and low vulnerabilities in this system.
  • Analyzed attack patterns.
  • Build workflows to automatically analyze the samples.
  • Determined what functionality attackers may have introduced and scan for malicious artifacts based on sandbox results.
  • Investigate endpoint attacks and replay attacks on systems.
  • Analyze JavaScript, PDFs, Office documents, and packet captures for signs of malicious activity.
  • SIEM implementation and analysis by writing rules and reference sets.
  • SIEM to determine attack vectors and source of incident.
  • Troubleshoot network application inbound/outbound connectivity utilizing Cisco WSA proxies and Wireshark.
  • Involved on Bridges in solving High/Severe incidents reported in the application or in the environment.
  • IronPort URL filtering for known bad URL content.
  • IronPort Mail analysis and blocking for known bad emails.
  • Analysis of pcap files using FireEye and Wireshark.
  • System audit and analysis using DOD checklist for PA series.
  • Threat and virus scanning using Malwarebytes from centralized console.
  • Enforcement of policies and procedures for users, admins, and management.
  • Reverse engineering of malware using tools like malware, Process Hacker and so on.
  • Incident response tabletop exercise by documenting and alerting necessary personnel.

Confidential

Java/J2EE Developer

Responsibilities:

  • Designed and created DAO using data modeling in the integration layer.
  • Exposed all the enterprise services to the clients using SOAP and REST based web services, and tested using SOAPUI.
  • Modified WSDL documents for the internal clients and deployed on WSRR.
  • Implemented request and response objects using SOAP web services and JAXB for converting WSDL to java classes.
  • Configured all dependencies with spring framework and various stateful and stateless beans in the application.
  • Used various spring features to deploy custom properties and static context in the application.
  • Exposed Stateless session beans as restful web services using Jersey JAX-RS.
  • Created virtual host and configured based on the IP configuration for all enterprise services.
  • Used JSON marshaller for marshaling and unmarshalling the JSON Objects and DOM manipulations with various SAX and DOM parsers.
  • Worked with and configured MKS and RTC versioning tools to keep track of source code.
  • Used Jenkins for continuous integration with Maven built in to generate the EAR files and sanity4j code quality testing reports.
  • Hands-on a service-oriented approach (SOA) using WebLogic for integration.
  • Worked on HP portfolio Management software to create the PPM packages and deploy the various environments.
  • Updated the WSDL in WSRR for the governance and storing, accessing and managing information.
  • Set up meeting to configure and understand DataPower for security, for accessing the application.
  • Used Log4j for logging for debugging, warnings, errors etc.
  • Created log back file based on time based triggering policy and application based triggering policy.
  • Used HPQC for defect tracking and working on the defects and created Triage process (Microsoft Visio) to track the defects in the application.
  • Migrated MKS Source control to RTC and created JENKINS builds for all enterprise services.
  • Worked closely with the infrastructure team to create the performance environment for enterprise services.
