TECHNICAL SKILLS

Databases: SQL Server, MYSQL, DB2, & Oracle

Protocols/Services: TCP/IP, DHCP, DNS, WINS, MPLS, NNTP, POP3, TELNET, IPSec, IKE, AH, ESP, SMTP, RIP, OSPF, BGP, MPLS, IPSEC, FTP, HTTP, XMPP and HTTPS

Programming languages: C, C++, C#, ASSEMBLY, ASP, .Net, HTML, Visual Basic, Java and Perl Script.

Platforms: Cisco PIX, ASA, FWSM Firewall, Cisco Routers and Switches, Check Point Firewall and Fortinet Fortigate Firewall, Juniper Netscreen, Juniper SSG, ISG Firewall, Windows XP Professional, Windows NT Enterprise Server, Windows 2000, Windows Server 2003 and 2008, Exchange Server, IIS, Apache, Unix, Oracle, Weblogic, Novel and Linux.

PROFESSIONAL EXPERIENCE

Confidential

Senior Security Engineer/Analyst

Responsibilities:

• Deployed, implemented, configured and managed Cisco FWSM and ASA Firewalls, Cisco VPN IPSEC, Cisco IDS/IPS, Cisco Wireless Controllers/APs and Cisco Meraki Cloud Wireless Security on high volume critical production environment.
• Conducted and performed security review and testing of Cisco ASA, Cisco FWSM Firewalls, Cisco Routers, Cisco WLANs Controllers/APs and Cisco Meraki Cloud WLANs based on SOX, ISO 27001 and PCI DSS compliance standard.
• Configured and performed automation, sanity and manual testing of Cisco Devices and Web Security Appliance and for security vulnerabilities and attacks mitigation.
• Developed, deployed, tested and implemented UI for distributed, multi - tier enterprise applications.
• Developed, deployed and tested web client technologies: HTML5, CSS, JavaScript and JQuery.
• Configured and managed OSPF, BGP, HSRP, VRRP and ARP security vulnerabilities defense and mitigation.
• Deployed, configured and implemented Imperva SecureSphere WAF and DAM, WebInspect, Appscan, OWASP for Web-based application vulnerability analysis and Code reviews.
• Conducted and Performed Vulnerability Assessment and Penetration Test on the perimeter network, systems and applications based on SOX, ISO 27001 and PCI DSS Compliance Standard.
• Deployed and implemented Wireshark, HPING, Retina Iris, Nessus, NMAP, Netflow, Firewall Analyzer and solarwind for security event monitoring, packet and traffic analysis.
• Reviewed and analyzed application codes for Cross-Site Scripting, SQL Injection, parameter manipulation and brute-force attacks.
• Worked and coordinated Network, Systems and Application security vulnerability activities with developers and engineers both in the US and India to analyze software and application codes for security threat and risk.
• Worked and coordinated security vulnerability activities with Cisco Security Incident Management Team on latest and emerging security vulnerabilities.

Confidential

Security Engineer/Analyst

Responsibilities:

• Lead team of four engineers to deploy, configure, manage and implement Juniper Firewalls and Checkpoint Firewalls/VPNs (LAN-LAN IPSEC VPN) and Cisco IDS/IPS on high volume critical production environment.
• Managed and implemented best practice firewall rules for Security Policy and Regulatory Compliance Standard. And worked with Network Engineers on VLAN (Switch), Router (Routing Protocols) and Firewall (rules and policies) security.
• Deployed and implemented WebInspect, Appscan, OWASP for Web-based application vulnerability analysis and Code reviews.
• Configured, managed and implemented Aruba Wireless Controller, APs and Juniper SBR Radius Authentication for Wireless Security management.
• Conducted and Performed Vulnerability Assessment and Penetration Test on the perimeter network, systems and applications based on SOX, ISO 27001 and PCI DSS Compliance Standard.
• Configured, secured, managed and updated AirWave with walls, pillars, windows, and other obstacles to wireless transmissions. Input existing Access Points into Airwave and place in correct locations on imported floor plans and identified locations requiring additional APs to ensure wireless density standards are met.
• Developed, deployed and implemented Business Continuity and Incident Response Management Plan, and leveraged MS/SIM Method to validate compliance with business, legal, and regulatory security requirements.
• Designed, recommended and built solutions and mitigation to address issues and mitigate exposure.
• Protected and defended against Web and Internet applications security vulnerabilities including cross-site scripting and SQL injection.
• Actively investigated latest security vulnerabilities, advisories, incidents, and network protection techniques.
• Trained systems administrators, network engineers and Infosec personnel to solve and troubleshoot security and network issues more efficiently.
• Deployed and configured ISS Vulnerability Scanner, WebInspect and SMS Server for vulnerability management.
• Configured, managed, monitored and analyzed IDS/IPS Signatures Attacks, Firewall logs, Systems, Applications and Security Event Logs for comprehensive security monitoring.

Confidential

Network Security Engineer/Analyst

Responsibilities:

• Lead team of six engineers to deploy, configure, manage and implement Juniper Firewalls, Checkpoint Firewalls/VPNs and Cisco Router/Switches, this included Cisco ASA 5500 series Firewalls, Cisco Routers, Cisco VPN Concentrators (LAN-LAN IPSEC VPN) and Cisco IDS/IPS on high volume critical production environment.
• Deployed, implemented and managed Web Application Firewall to block intrusion attempts before they interact with back-end web application.
• Designed, recommended and built solutions and mitigation to address security issues and mitigate systems exposure.
• Stayed informed about industry best practices, researched new and developing security attack methods, and presented insights regularly to managers and development teams.
• Performed malicious code control analysis and security compliance testing and responses.
• Deployed and configured ISS Vulnerability Scanner, WebInspect, Wikto, Microsoft ISA/SMS Server, TripWire and BindView for vulnerability and security management.
• Performed information security assessments and audits of internal networks/systems to meet SOX with ISO 17799 Security Audit and Regulatory Compliance Standard.
• Configured, managed, monitored and analyzed IDS/IPS Signatures Attacks, Firewalls log, Systems, Applications and Security Event Log for comprehensive security monitoring and vulnerability management.

Confidential

Network Security Engineer/Analyst

Responsibilities:

• Provided technical leadership for the design, deployment, configuration and operation of security management software and hardware devices: Anti-Virus Defense (Mac Afee Epolicy Orchestrator), IDS/IPS (Cisco, ISS Real Secure, Snort, Nessus), Firewalls and VPNs Technology (Cisco and Checkpoint), Network and Vulnerability Scanner.
• Deployed, Configured and managed Cisco Firewall, Routers and Switches in a high volume production environment.
• Pro-actively protected the integrity, confidentiality and availability of Freddie Mac data and assets with Single Sign-on, Tripwire for Servers, IPSec, VPN, DMZ and IDS/IPS monitoring and analyses.
• Assisted with developing, deploying, managing and enforcing of the Network/Systems Security Policy, Standard, Procedure and Disaster Recovery and Business Continuity Plans.
• Performed information security assessments and audits of internal networks/systems to meet SAS 70 Security Audit and Compliance Standard conducted by Deloitte & Touche.
• Deployed, managed, configured and implemented Login, AD, GPO, Users, Groups, Domain, LDAP, Components and Software Application Accounts.
• Secured and hardened Windows NT, 2000x and Unix Servers in a high transaction production environment.
• Worked with other engineers to develop, deploy and implement Business Continuity and Incident Response Management Plan, and leveraged MS/SIM Method to validate compliance with business, legal, and regulatory security requirements.
• Deployed and configured ISS Vulnerability Scanner, Nessus, Languard and WebInspect for vulnerability and security management.

Confidential

Network Security Engineer/Analyst

Responsibilities:

• Conducted vulnerability assessment of all computer systems, networks, software application and databases in order to ensure maximum security of data. And recommended proper security solution for known vulnerabilities.
• Trained various personnel and tech support to troubleshoot network and security issues more efficiently with minimum downtime thereby maximizing productivity and providing highly available network most of the time to the end user as well as to the Top Tier customers such as Bank of America, Citi Bank, Chase, Lending Tree and Freddie Mac.
• Pro-actively protected the integrity, confidentiality and availability of data and assets with Check Point Firewall, Tripwire for Servers, IPSec, VPN, DMZ and IDS/IPS monitoring and analyses.
• Secured and hardened Windows servers and workstations in a high transaction production environment by working with Microsoft Windows Security Developer.
• Attended security trainings and seminars at Microsoft (Microsoft Security Clinic and MS SDLA.

Confidential

Network/Internet Engineer

Responsibilities:

• As a Network and Internet Engineer, I deployed, configured, managed and implemented secured web codes and Internet software applications on a high transaction production environment.
• Managed, maintained and secured critical production data on the Internet from intrusions, worms and virus attacks.
• Configured and managed web servers and sites on a critical production environment.
• Configured and managed Web Application Firewall to prevent Internet attacks and intrusion.
• Tested and certified web applications and sites with Quality Assurance Engineers.
• Monitored web applications and sites for security, downtime, performance and availability.
• Troubleshot custom web applications written for Apache and IIS using application and operating system logs and other technique.
• Monitored and reviewed logs of computer systems and network activities for possible unauthorized intrusion and Worms/Virus, and troubleshot/tested web applications with QA Engineers.