
Information Security Engineer Resume


Bronx, New York

SUMMARY

  • Security Analyst with experience in Information Technology specializing in Security Operation Center (SOC), Network Operation Center (NOC), Vulnerability Assessments, Penetration Testing, Data Loss Prevention, and Malware Analysis. Experienced in managing and protecting enterprise information systems, network system and operational processes through Information Assurance.
  • Managing enterprise-level security applications like McAfee ePO, VirusScan Enterprise, Symantec DLP (Data Loss Prevention), McAfee VM (Vulnerability Management), FireEye wMPS (Web Malware Protection System), eMPS (Email Malware Protection System), HX (Endpoint Protection System) & AX (Live Malware Analysis), SIEM (ArcSight and Splunk) and monitoring applications like Netcool, SCCR. Working knowledge of the Cisco NIDS application.
  • Performing the initial configuration and deploying the FireEye appliance into production having experience on NX, EX, HX, CMS and AX.
  • Managed company’s enterprise email server with all the requirements related to software and Hardware.
  • Operating and maintaining information security systems to protect data from unauthorized users.
  • Ensuring the secure operation of the organization's computer systems, servers, and network connections and conducting both network and user activity audits.
  • Addressing the known Bugs on FireEye products by coordinating with FireEye support and notifying the stakeholders.
  • Efficiently worked with the Tanium support tool in incident response.
  • Experience in dealing with government security compliance like HIPAA and NIST.
  • Determining security needs, developing and implementing solutions, and creating and enforcing security policies.
  • Assisting the Engineering team in planning the upgrade activities for FireEye appliances, participating in the change management process to upgrade the appliances globally.
  • Process Flow by backing up ePO Policies, ePO Tasks, ePO Database and ePO Application.
  • Comparing the old compliance reports with the new compliance reports and checking the compliance posture.
  • Involved in the Non-Compliant Systems Remediation Process.
  • Familiarity with IDS/IPS, firewalls, SIEM, network and system vulnerability scanning.
  • Providing Enterprise level support for FireEye HX Endpoint protection appliance.
  • Managing McAfee Virus Scan and HIPS through EPO for the entire client environment
  • Ensuring all the McAfee Security Products (McAfee Agents/McAfee VSE/McAfee HIPS) are installed in user's machines with the latest patches and also the DAT Files and Engines are up to date.
  • Escalate and follow up the issue with McAfee support for product related issue also monitoring alerts for McAfee EPO Server
  • Conducting Incident Response actions and promoting effective IR Procedures.
  • Creating and monitoring scheduled server tasks and ensuring the successful completion.
  • Generating the weekly, monthly and custom report as per the client requirement.

TECHNICAL SKILLS

Systems & Programming: Windows Server Domains, VMWare, Virtual Center, Email Exchange Server, Storage & Backups, Monitoring (Solarwinds) Orion, Web Server, Apache, Databases (SQL, MySQL), Python, bash scripting.

Network: LAN/WAN, TCP/IP, Cisco ASA, VPN Tunnels, L2/Remote Access, VLANs, Access-Lists, Cisco 3750X/45000/4506E, Cisco Wireless Controllers, BlueCoat Proxy, Cisco Call Manager, Express, and Unity.

Security: DDoS Arbor Peakflow, Enterprise Email Security, RSA Security Analytics, Q1 Radar, Splunk (SIEM), Fidelis XPS, McAfee, IDS/IPS, RSA/Symantec (DLP), FireEye (Malware Protection, Endpoint HX, Web MPS), Bit9, McAfee ePO, Sophos, TippingPoint (IPS), NIST and HIPAA Compliance, Cisco IronPort, Web Gateway, RSA Archer GRC, RSA TokenID, eCat, ServiceNow, CyberArk, Tanium, QualysGuard, Palo Alto Firewalls, Solarwinds, NetQoS.

PROFESSIONAL EXPERIENCE

Confidential, Bronx, New York

Information Security Engineer

Responsibilities:

  • Responsible for implementing and maintaining the IT infrastructure (design, development, installation, and support on different environments like Windows/VMware environments etc.).
  • Implements information security policies and procedures for the organization.
  • Implementing, managing, configuring and administering Windows 2008/2003 servers across various data centres.
  • Provide end-to-end support for incidents, problems and changes in designated areas of expertise.
  • Supported environments are Development, Test and Production; any change required in these environments follows the change management process.
  • End-to-end ticket management. Successfully analyzing system logs and identifying potential issues with computer systems.
  • Working with security solutions like Symantec DLP and Uniken (Secure Data Transfer).
  • Provided accreditation support for a new Tanium installation on network.
  • Identify deficiencies and modify IDS rules to reduce the likelihood of false positives.
  • Support implementation and maintenance of Intrusion Prevention Appliance (IPS).
  • Symantec Endpoint Protection assessment and upgrade to version 14. Scope included approximately 200 servers and 500 desktops spread out across a worldwide enterprise environment. Performed a Gap Analysis.
  • Developed a sustainable program for ongoing NIST compliance using the 800-53 series of security and privacy controls in a diverse and heterogeneous environment.
  • Managing enterprise-level security applications like McAfee ePO, VirusScan Enterprise, Symantec DLP (Data Loss Prevention), McAfee VM (Vulnerability Management), FireEye wMPS (Web Malware Protection System), eMPS (Email Malware Protection System), HX (Endpoint Protection System) & AX (Live Malware Analysis), SIEM (ArcSight and Splunk) and monitoring applications like Netcool, SCCR. Working knowledge of the Cisco NIDS application.
  • Expert-level work experience and knowledge of FireEye HX Endpoint and McAfee Endpoint protection systems.
  • Involved in the upgrade and optimization of Symantec 12.x Endpoint Anti-Virus Protection. Scope included approximately 2,500 servers and 4,000 physical/virtual desktops spread out across a worldwide enterprise environment.
  • Engineering-level work investigating and troubleshooting FireEye HX issues to fix PROD issues.
  • Approximately 65 physical Servers. Utilized Symantec's Netbackup v 12.x. Configured offsite datacenter replication.
  • Performed periodic DR testing and provided technical support.
  • Maintenance and upgrade activities such as version upgrades, guest image upgrades, and baselining the global configuration for FireEye products.
  • Representing changes raised for the FireEye and McAfee applications at the Change Management board meeting.
  • Involved in daily operations of investigating threats discovered through SIEM.

Confidential, San Jose, CA

Symantec-FireEye-DLP Security Engineer

Responsibilities:

  • Symantec's Data Loss Prevention suite is a comprehensive, content-aware solution that discovers, monitors, and protects confidential data wherever it is stored or used across network, storage and endpoint systems.
  • Responsible for troubleshooting issues, configuring new rules, and also assisting with any technical design issues that arise during this time.
  • Raising Change Request mentioning all the required details like downtime required, details of the server, reason for upgrade etc.
  • Detected and classified impostor email through a combination of authentication (DMARC), pre-defined rules, and dynamic classification using Proofpoint enterprise email.
  • Created custom rules supporting global, group and user-level controls to meet the needs of even the most complex enterprise. Individual quarantine.
  • Responsible for the deployment and associated tasks for the implementation of the Tanium Endpoint Security and Systems Management product.
  • Performed log analysis for ArcSight content filter request.
  • Getting approval from the CAB for the change request after validation.
  • Taking the backup of the ePO Server Snapshot & also all the critical folders related to ePO.
  • Using Tanium and other automation tools we were able to significantly reduce response time and man hours spent on network vulnerability.
  • Reviewed encryption logs and DLP logs to regulate use base technological risk violations
  • Leading the remediation activities by providing support to Operation team and assisting in remediation activities surrounding clients with proper McAfee client installations.
  • Upgrading the existing FireEye series appliances to the next-level series appliances, such as FireEye NX from 7000 & 7300 series to 9450 & 10450 series.
  • Upgrading FireEye EX from 8300 to 8420 series appliances performing the initial configuration and following the ITIL process.
  • Support implementation and maintenance of Intrusion Prevention Appliance (IPS) and Intrusion Detection Systems.
  • Deployed 35K agents to FireEye HX as a fresh configuration to provide SOC forensic analysis capabilities.
  • Managing and troubleshooting the issues at the safe boot server end.
  • Expert-level work experience and knowledge of FireEye HX Endpoint and McAfee Endpoint protection systems.
  • Engineering-level work investigating and troubleshooting FireEye HX issues to fix PROD issues.
  • Giving a Manual DAT Update & Wake-Up-Agent Call for the machines which are having previous order DAT
  • Involved in the Security & Compliance Team to ensure security and compliance requirements are met and strictly followed within the organization as per industry standards.
  • Maintenance and upgrade activities such as version upgrades, guest image upgrades, and baselining the global configuration for FireEye products.

Confidential

Associate Support Engineer

Responsibilities:

  • Remote management tools like Remote Desktop, NetMeeting, and Dame Ware.
  • Install/Maintain Win 98, Win XP, server, Update virus patches. Installation of Linux (Basic knowledge), Knowledge of DHCP & DNS.
  • TCP/IP utilities, Hardware, Software, Cabling, Ports, IP Addresses.
  • Troubleshooting Network problems in LAN / WAN and Hardware failure.
  • Network Assessment and Documentation (including technical & operational).
  • Asset and Inventory management.
  • Provided support for all types of hardware and software to various clients under Annual Maintenance Contracts taken by company. Troubleshooting their desktops, laptops, servers and network-related problems.
  • Guided clients to solve their technical queries over phone or email, through remote support, or by personally visiting clients' places.
  • Initiated installing and configuring new hardware and software to fulfill clients' requirements.
  • Set up new networks (Domain, Workgroup), troubleshot network problems, broadband connection, sharing internet connection through broadband router, proxy servers, antivirus server Symantec Corporate.
  • Maintained multiple server status records, troubleshot errors, and performed application, patch and update releases on servers and client machines running XP as required.
  • Maintained Wireless Network with Troubleshooting and setup and security.
  • Troubleshooting the Applications and users reported problems, connectivity Issues.
  • Monitored servers for CPU utilization, free space, Errors, Logs.
  • Maintained Internet Connections (Broadband and Lease Lines) and checking latency and speed.
