Sr. Network Security Analyst Resume

North Brunswick, NJ

PROFESSIONAL SUMMARY:

  • 6+ years of relevant experience in an Information/Cyber Security Analyst role.
  • Experienced, Skilled & technically proficient with various SIEM, DLP, IDS/IPS, multiple firewall solutions, network security, and information security practices.
  • Experienced in CyberArk installation and implementation of CyberArk 7.0 and most recent implementation of CyberArk 8.1.0 and CyberArk 9.2.1.
  • Good knowledge and experience of risk assessment process and control frameworks including ISO/IEC 27001/2, NIST SP 800-37, SOC 2, NIST SP 800-53, PCI DSS, HIPAA etc.
  • Implemented comprehensive GRC (Governance, Risk and Compliance) policy using RSAM software. Hands-on experience with different vendor-based GRC solutions like Continuum, RSAM, IBM GRC, etc.
  • Experience with installation and configuration of CyberArk Vault, CPM, CyberArk PVWA, AIM, OPM, CyberArk PSM and PSM SSH proxy architecture and design.
  • Strong understanding of Security Incident and Event Management (SIEM) solutions in order to implement, analyze and modify the existing SIEM solution. Good expertise on SIEM products like IBM QRadar, Splunk, ArcSight, etc.
  • Good experience working with the security management tool McAfee ePolicy Orchestrator (ePO) console and deploying the McAfee agents on the client side.
  • Thorough understanding of OWASP Top 10 Vulnerabilities, CWE/SANS Top 25 and CIS Critical Security Controls.
  • Experience in CyberArk implementation and installation on CyberArk 7.0 and latest implementation on CyberArk 8.1.0 and CyberArk 9.6.
  • Supported the operation of the Microsoft Active Directory (AD) 2003/2008 R2 cluster environment.
  • Provided systems administration and specialized authentication support to enterprise users.
  • Reviewed the security architecture of the organization to find gaps that impact the enterprise. Provided comprehensive solutions to enhance the security architecture. Expertise in gathering and analyzing metrics and key risk indicators and maintaining scorecards defined within the area of information security to ensure our information security program is performing effectively and efficiently.
  • Coordinated with CyberArk support teams for escalation and resolution of issues in Prod & DR and configured Event Notification Engine (ENE) with CyberArk.
  • Investigate potential or actual security violations or incidents in an effort to identify issues and areas that require new security measures or policy changes. Conduct proof of concepts for emerging threats and present recommendations and designs to management staff.
  • Expertise in risk assessment and planning the treatment.
  • Creates platforms according to FDIC security policy in order to manage all accounts in CyberArk.
  • Experience working in Agile and DevOps environments. Hands-on skills include end-to-end security management (security aspects in all stages of product development) and end-to-end product development (from functional design of the system to testing and deployment).
  • Hands-on experience with system administration (installing Windows and Linux servers, DHCP, Active Directory, DNS, Group Policies). Research new developments in IT security in order to recommend, develop and implement new security policies, standards, procedures and operating doctrines across a major global enterprise.
  • Preparing RFI/RFPs for various projects; Negotiation Management and requirement gatherings for RFQs through Vendors and Stakeholders.
  • Experience with IT audit processes and disciplines including third party risk management.
  • Conducted vulnerability assessments using Qualys, Nessus and Nexpose tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures. Addressed those vulnerabilities using HP Fortify and efficient patch management.
  • Expertise on Cryptography and encryption skills.
  • Good hands-on experience in Incident Response Management.
  • Expertise on tools such as Nessus, APPSCAN, NMAP and Acunetix web vulnerability scanner; assessing vulnerabilities and performing patching; assisting in penetration testing to secure the organization’s data.
  • Performed patch management for system and security updates to all network-related devices and server operating systems using SCCM; remotely upgraded OS, antivirus, software and patches. Experience with McAfee DLP appliance patching and upgrades.
  • Strong knowledge and experience in Symantec DLP workflow & architecture. Good experience in handling DLP false positive tickets.
  • Managing endpoint encryption and infrastructure using McAfee ePO.
  • Transition and integration of various types of devices with ArcSight ESM, ArcSight Express and Logger and QRadar.
  • Assisted with planning and execution of domain integration, user account, and e-mail migration during M&A.
  • Define, establish and manage security risk metrics and track effectiveness.
  • Coordinate with third parties to perform penetration tests and create security authorization agreements and standards.
  • Good experience with online malware and phishing investigation tools.
  • Conduct routine social engineering tests and clean-desk audits.
  • Knowledge of FireEye (adding YARA rules and pushing YARA rules from the CM).

TECHNICAL SKILLS

DLP: Websense, Symantec & McAfee

Endpoint Security: McAfee Suites (VSE, HIPS & HDLP), McAfee MOVE AV, Symantec SEP.

IPS/IDS: McAfee IPS, SecureWorks IDS/IPS, SNORT

SIEM: Splunk security manager, IBM QRadar, LogRhythm

MSS: Vulnerability Assessment, Content Filter, Antispam, IDS/IPS Management

Vulnerability Management Tools: Nessus, Nmap, Nexpose, Wireshark, Fortify

Security Tools: Splunk, McAfee Vulnerability management solutions, McAfee MOVE, Nessus, Solarwinds, LogRhythm

Platforms/Applications: Continuous Monitoring Vulnerability Management, Web Application Scanning, Threat Protect, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance, Solarwinds, Nexpose, Rapid7 Event Management RSA Archer, Blue Coat Proxy, Splunk, NTT Security, LogRhythm

Security Software: McAfee ePolicy Orchestrator (ePO), Ethereal, NMap, Metasploit, Snort, RSA Authentication

Administration: Active Directory, Windows Server 2008.

Networking: LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Firewalls/IPS/IDS

Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS

Operating System: Windows, Linux, Unix

Security Intelligence: WhiteHat Web Security, iDefence, NTT Security, LogRhythm

Switches: Cisco Catalyst VSS 1440 / 6513 / 6509 / 4900 / 3750-X / 2960

Routers: Cisco Routers ASR 1002 / 7606 / 7304 / 7206 / 3945 / 2951 / 2600

PROFESSIONAL EXPERIENCE

Confidential, North Brunswick, NJ

Sr. Network Security Analyst

Responsibilities:

  • Involved in security operations, vulnerability and risk assessment, alerting, report generation and analysis with various security tools (Splunk, McAfee EPO, Symantec DLP, Imperva, Sourcefire (IDS/IPS), FireEye, Bluecoat Proxy, etc.).
  • Evaluate enterprise risks, document processes and systems in flowchart and narrative form, and design audit programs.
  • Administration of Splunk (SIEM), ARCOS (Privilege Identity Management), DLP (Symantec), Symantec SEP and Imperva WAF tools.
  • Responsible for Privileged Account Management with CyberArk PIM suite Administration with a good understanding of the underlying business processes.
  • Designed core scripts to automate Splunk maintenance and alerting tasks.
  • Design and implement vulnerability management program.
  • Vulnerability Management: Configured Qualys Guard Tool for Vulnerability Analysis of Devices and Applications. Monitored them constantly through the dashboard by running the reports all the time.
  • Active Directory Hardening - Application IDs located and on-boarded into CyberArk password vaults
  • Dell Active Roll Server - Identity and Access management
  • Network installation and troubleshooting DMZ and internal networks of CyberArk and Network
  • Scanned the entire devices using the cloud agents whenever needed for employees working from home and provided the solutions to fix the vulnerabilities.
  • Implemented comprehensive Governance, Risk and Compliance Software policy using RSAM software. Assisted in compiling and migration to Cloud based Electronic Health Recording (EHR) system. Assisted in implementing risk detection and mitigation measures.
  • Real-time threat management using Splunk, Sourcefire IDS/IPS and Unified Threat Management.
  • Managed Cyber Security threats through prevention, detection, response, escalation and reporting in effort to protect Enterprise IT Assets through Computer Security Incident Response Team (CSIRT).
  • Architecture Develop - Active Directory - CyberArk - Beyond Trust - Active Roll Server – Implementation plan.
  • CyberArk Password Vault: completed build / upgrade of CyberArk version 9.9 PAM - PSM – PVWA – 2 Datacenters.
  • Implemented endpoint firewall and network traffic blocking product McAfee HIPS (Host Intrusion Prevention System) restricted the traffic.
  • Managing all client systems from Endpoint Security (ENS) perspective using McAfee EPO tool which includes managing Agent, VSE, pushing client tasks, managing ODS & OAS scans.
  • Preparing RFI/RFPs for various projects; Gathering requirements for RFQs through Vendors and Stakeholders.
  • Creating Change impact report and CC docs for approval before implementing a change.
  • Hands-on experience with security devices like Firewall, IPS/IDS, Routers, Web Proxy, UTM and Endpoint solutions of all major vendors.
  • CyberArk system failovers between datacenters, resolving day-to-day credential file fixes and troubleshooting
  • Strong knowledge and experience in Symantec DLP workflow & architecture.
  • DLP Profile deployment report for detecting servers and Update DLP policies – Incident Analysis.
  • Check purging is done properly as per the schedule to make free space.
  • Disaster recovery practice experience.
  • Handling Symantec Encryption Desktop related tickets or issues.
  • Create security test labs including honeypots and virtual machines to catch malicious hacker IPs and domains.

Confidential, Universal City, CA

Network Analyst

Responsibilities:

  • Identified vulnerabilities, recommended corrective measures and ensured the adequacy of existing information security controls.
  • Identifying security attacks using IBM QRadar SIEM and proposing remediation or preventive actions after analysis.
  • Primary responsibilities include installation and configuration of Vault, Vault Client, Active CPM, network load balanced CyberArk PVWA, clustered CyberArk PSM and PSM SSH proxy architecture and design.
  • Worked in an Agile and DevOps Environment, Performed Privacy GAP Assessments and risk mitigation for a HIPAA requirement with an end client.
  • Assist in troubleshooting of errors with the anti-virus products, HIPS, encryption, Symantec DLP and Symantec SEPM.
  • Expertise in IBM QRadar SIEM management of all components - upgraded tool to latest version, multiple device integration, creating correlation rules and dashboards.
  • Skilled in using Appscan, Acunetix Automatic Scanner, Qualys Guard, Nessus and NMAP for penetration tests and application and infrastructure testing.
  • Monitoring and analyzing critical assets like IBM QRadar, PIM, DLP, and DAM.
  • Managed Endpoint Encryption with A Single Console.
  • CyberArk: work with application owners to educate and train them about privilege ID use and make sure all critical IDs are safe.
  • CyberArk: process of opening a ticket and/or change control prior to changing any privilege password and notifying the application owner.
  • Upgrading the new version of SIEM based on the client need.
  • Managing all client systems from McAfee Endpoint Security (ENS) perspective using EPO tool which includes managing Agent, VSE, pushing client tasks, managing ODS & OAS scans
  • Analyzed security incidents/vulnerabilities and presented a quarterly report to the CIO.
  • Monitoring DLP from SIEM Perspective.
  • CyberArk: work with Management and Identity and Access management teams to document Safe owners in SharePoint
  • Monitoring Web Gateway and Email Gateway, assisted with planning and execution of domain integration, user account and e-mail migration during M&A.
  • Responsible for conducting structured security certification and accreditation (C&A) activities utilizing the Risk Management Framework and in compliance with the Federal Information Security Modernization Act (FISMA) requirements.
  • Gained hands on experience with Risk assessment process and compliance (PSIRT, ISO/IEC 27001/2, NIST SP 800-37, SOC 2, NIST SP 800-53, PCI, HIPAA etc.).

Confidential

Jr. Network Analyst

Responsibilities:

  • Assisted in client network maintenance, effectively performed troubleshooting end-to-end between two sites and effectively managed network migration.
  • Supervised initial network installation using CISCO networking devices.
  • Installation and configuration of a new Microsoft Windows Server 2008 (DHCP, Active Directory, DNS, Group Policies).
  • Assisted in and perform the day-day activities related to CyberArk including the development, testing and roll-out phase activities of the implementation.
  • Designed and implemented security policies using ACL and IP Tables; configured Cisco Routers (2500 to 7200) using OSPF, EIGRP, etc.
  • Installation of new computers and laptops with their proper software configuration and everything necessary for the user.
  • Configuration of major features like LAN IP Configuration and DHCP Server Configuration, Live IP configuration, Services, Port forwarding and Rules, Firewall and analyzing Diagnostics and Logs.
  • Set-up Virtual Private Networks with appropriate user access control as per security policies and roles.
  • Racking (LAN/WAN/WLAN/MPLS/VoIP/VPN/Network Security) for multiple offices and colocation data centers.
  • Preparing RFI/RFPs for various projects; Negotiation Management and requirement gatherings for RFQs through Vendors and Stakeholders.
  • Ensured smooth transition for all the Security Applications, Preparing Team Metrics report and weekly/monthly Project status report presenting to the Customer.
