We provide IT Staff Augmentation Services!

Sr. Security Consultant Resume

4.00/5 (Submit Your Rating)

San, JosE

EXPERIENCE SUMMARY:

16+ years of experience in enhancing value of enterprise IT through business alignment, technology transformation and optimization of current and new solutions. An experienced, highly technical security professional with advanced knowledge of security principals, strong communication skills and a veteran of implementing diverse security solutions, design, engineering and maintaining resilient security architecture.

TECHNOLOGIES:

Security Tools: Qualys, Tripwire, Allgress, Skybox, SEP, RSA enVision, Sourcefire, Websense, Cloud Security, GRC, Confidential Endpoint Encryption (SEE), SSIM, Loglogic, Confidential Core Systems Protection (SCSP), Redseal, Nessus, NMap, Metasploit, Realsecure, Juniper SA, McAfee Web Gateways 7.0 resident w/ WCCP, Palo Alto Networks Firewalls, Imperva WAF’s, Qualys, Metasploit, Tufin.

Application Security: Secure SDLC design, Attack surface reduction, Threat modeling, Secure coding, Cryptography, Security testing, Risk assessment, Vulnerability assessment, Pen Testing, Threat mitigations, Static analysis, Dynamic analysis, Fuzz testing, Incidence Response

Compliance: PCI, HIPPA, MARS - E ISO27001, SOX

Networking:

Routers: Cisco, Foundry, FastIron, Juniper, EIGRP, OSPF, BGP.

Firewall/VPN: ASA, Checkpoint NG, Netscreen, PIX, CiscoConcentrator, SonicWall, PaloAlto, JuniperSSG and SRX on NSM and Fortinet.

Load Balancers: Cisco LD, BIG-IP F5, Foundry ServerIronGT, Foundry ServerIron SA.

Switches: Cisco Catalyst, Workgroup, Layer3 Feature Cards, trunk, and channel and fiber connectivity, Foundry.

Wlan: Cisco Aeronet and Dell’s TrueMobile, Cisco WLC and AP’s.

WAN Optimization: Riverbed Steelhead

Monitoring Tools: Iperf, netperf, WireShark, Nagios, Splunk, MRTG, Caching Services, Keynote, Op-Manager.

OS’s: Windows 2000/2003/2007/2008/2011/2012 AD/Cluster, Solaris 2.6/2.8, Red Hat 6.2/8.0/9.0, Cisco IOS, PIX OS, AIX-4.3, Checkpoint NG, VMWare - ESX Servers, ScreenOS, JunOS.

Hardware Platforms: Ultra10, Ultra60, E4500 & E450 w/ D1000 Array, COMPAQ-Proliant, ML480R and DL360 Servers, DELL-Power Edge, Gateway-ALR9200 and HP Net Server, Sun V 20z/40/240.

Software’s: Adventnet, Solarwinds Orion, Big Bother, Webtrends, What’s UP Gold, Proactivenet, VERITAS, Site Seer, Cisco Works, Sniffer Technologies and eTrust, Lotus Notes with DOMINO, Mdaemon, Exchange.

Databases: MS-Sql, Oracle.

PROFESSIONAL EXPERIENCE:

Sr. Security Consultant

Confidential, San Jose

Responsibilities:

  • Design, build and support PAN and Imperva Web Application firewalls architecture to secure Virtual Private Cloud (VPC) (in AWS) for IT Public Cloud Services at Confidential .
  • Build a strong relationship with cross-functional internal organizations including Information Security, Compliance, Data Privacy and Product Security.
  • Actively seek vulnerabilities in a constantly changing landscape of threats. Identify and remediate vulnerabilities.
  • Perform audits of prod and non-prod environments
  • Design and build solutions to security challenges, Provide security expertise on new projects and technologies, Proactively find and fix security problems, Work on company security projects, Assess and implement vendor security solutions that support our mission, Perform security assessments, Recognizes successful intrusions and compromises through review and analysis of relevant event detail information, Alerts on potential intrusions and compromises to network infrastructure and provide IR, Contributes to the monitoring of the security system, Conduct Vulnerability Assessment, Continuous Compliance and Reporting.

Technologies: Secure SDLC design, Threat modeling, Secure coding, Cryptography, IDS/IPS, SEIM, File Integrity and Change Monitoring, Vulnerability Assessment, Web Application Security, Web filtering and DLP, GRC, Threat Analytics, Threat Modelling, Security Framework and Roadmap, Gap Analysis, Risk Assessment, Compliance (PCI, SOX, HIPPA, Mars-E), WAF, DDOS, Cloud Security, Pen Testing, Python Scripting, Forensics, Log Management, Endpoint Protection, Incident Response.

Sr. Security Consultant

Confidential, Cupertino

Responsibilities:

  • Review, analyze and report on regular security controls.
  • Automate regular control tasks where feasible.
  • Develop project plans; manage project tasks to improve network and information security.
  • Ensure compliance and provide evidence as required for regulatory audits (SOX, PCI, ISO).
  • Identify current operational process inefficiencies and provide recommendations for improvement.
  • Architect and Build Data Center Security Infrastructure: Design and Deployed HA Checkpoint 560 IPSO flash based appliances and SPLAT systems running R70.30, HA F5 LTM v.10.2 on 1600 appliances, HA F5 Firepass v.7.0 on 4300 VPN devices, HA F5 GTM v.10.2 BIG-IP and HA Cisco 5585 firewall/VPN device.
  • Support NetApp Global Security Infrastructure:
  • Responsible for implementation, support and management of NetApp Worldwide Security Infrastructure of 65+ HA Juniper SSG VPN/FW appliances Models 208, 550M, 2000 and 5400 managed through CLI and NSM, Clustered Juniper SA appliances and Cisco ASA device for SSL VPN, McAfee IDP with 18+ HA Sensor pairs Models M-6050, 4050, 1450 managed through NSM’s and 12+ McAfee Web Gateway 7.0 resident appliances in HA Clustered environment.

Network Security Consultant

Confidential, Palo Alto, CA

Responsibilities:

  • Support Varian Global Security Infrastructure
  • Responsible for support of Varian Worldwide Security Infrastructure.
  • Conduct Vulnerability and Pen testing using Nessus and Metasploit, Management of 40+ Juniper SSG and SRX appliances through NSM, Monitoring and Alerting using Orion.

Infrastructure Security Engineer

Confidential, Reston, VA

Responsibilities:

  • Responsible for providing tier 3-4 support of Firewall, VPN, and Vulnerability Scans - Nessus and Web content filtering security solutions.
  • Support of firewall technologies includes Pix, ASA, Fortinet, and Netscreen firewalls.
  • Administration, troubleshooting and engineering of solutions done daily in support of customer contracts.

Network Security Consultant

Confidential, Mountain View, CA.

Responsibilities:

  • Support Confidential Network and Security Infrastructure including Data Center Operations.

Technologies: Cisco (Routers, Switches, Firewalls (ASA, PIX, FWSM), ACS(Radius/TACACS)), BGP4, OSPF, VRRP,IPSec/AnyConnect/Clientless VPN, Nessus, OpenNMS, Catci, MARS, Solarwinds Orion, Splunk, IDS (ISS Realsecure), Tripwire, Confidential SEP, Vulnerability Assessment (Qualys Guard), SEIM - RSA envision and VeriSign Token Authentication.

Principal Solutions Specialist

Confidential, Cupertino, CA

Responsibilities:

  • Architect and deployed Confidential Security Information Manager - Environment: 26 Firewalls, 3 ISS NIPS, 3 Cisco ACS, Cisco Routers and Switches, 40+ Web servers, SEP, SAV, 30+ Windows 2K3 and 2K8 DC’s and 17000+ Windows clients in a geographically spread complex multi-platform IT environment.
  • Architect and deployed Confidential Security Information Manager - Environment: 4 HA Firewalls, IPS, Cisco VPN Concentrators, Cisco Routers and Switches Vulnerability Scanners, SEP, 60+ Windows 2K3 AD Servers, 500+ Windows clients and multiple Linux servers in a geographically spread complex multi-platform IT environment .
  • SEP deployment in a multiplatform complex high data volume IT environment with over 3000+ remote offices consisting of over 4000+ Servers and 31000+ Workstations and Desktops.
  • Assess existing technology toolsets/capabilities.
  • Define what is needed to address internal threat vectors.
  • Security Gap Analysis:Define the current security posture of the seven areas and provide the recommended next steps in order to improve the security status.
  • Develop a Security Capability Maturity Model with scoring level classification and definition of each level, the methodology to assess the security status, and the CMM graphical representation.

Sr. Network Security Consultant

Confidential, CA

Responsibilities:

  • Member of the Global Hosting group. Involved in Design, Setup and Management of Data Center Infrastructure (System, Network and Security) for multiple clients and projects.
  • Design and setup HA ASA 20 firewalls, SEIM-RSA envision, Catalyst 4503 with trunks and channels in a redundant environment.
  • Monitor and analyze streaming and historical data and Troubleshoot application problems and investigate security incidents using Splunk.
  • Design and Setup Foundry routers, and switches with 802.1x for Production Data Center Operations.
  • Setup Big-IP F5 LTM for Global Load Balancing.
  • Design and setup OpManager - a network monitoring and alerting software that offers combined WAN, Server, Applications monitoring with integrated help desk, asset management & WAN traffic analysis functionality for the Data Center Infrastructure.

Network Security Architect

Confidential, CA

Responsibilities:

  • Design, Setup and Manage technical Infrastructure (System, Network and Security) Projects and IT Support for corporate office, remote office and co-location facilities at US, India and UK facilities. Maximizing the utilization of available resources in a Secure, Highly Available 24x7 NOC Environment.
  • Worked extensively on dynamic routing protocols like EIGRP and OSPF.
  • Worked on WAN technologies like T1, DS3, Frame-Relay, and DSL.
  • Worked extensively on PIX and Netscreen Firewalls for setting up VPN’s, NAT and ACL’s.
  • Worked extensively on Cisco Catalyst 4000, 3750, and 2950 series switches with FL, Fiber Trunks, Channels and Stateful Redundant Firewall (PIX 525).
  • Create, maintain, and enforce standards, policies, procedures, and best practices for implementation of technical solutions and delivery of Information Systems services.
  • Co-Ordinated implementation of ISO 27001 Security Standards and audit at all FIS India locations.
  • Wrote Technical, Disaster Recovery, BCP, Datacenter/NOC and SLA Documents/Run books.
  • Design and Setup Windows 2003 Active Directory Setup for over 700+ users located at multi-site, multi-locations facilities spread across different demographics and connected via IPCL/Leased Line Circuits.

Sr. Security Consultant

Confidential, CA

Responsibilities:

  • On-Site Coordinator for Filter Development and Security Review Operations. Supervise team of 5 Network Security Engineers in the performance of their duties and in the general execution of the day-to-day activities.
  • Make recommendations, and implement policy and procedure changes as directed by the Director of Operations.
  • Worked on Hardening of Cisco Routers, CSU/DSU, PAT, NAT, and CBAC using Cisco Firewall Feature Set. Worked extensively on Cisco Catalyst switches and Stateful Redundant Firewall (PIX 525).
  • Wrote Technical / Disaster Recovery Document Run Books and SLA.
  • Provide customer and sales support as needed and provide an escalation point for the timely resolution of customer quality control.
  • Installed and Configured Redundant Load Balancers (BIG-IP F5) w/ Extended Content Verification.
  • Design and Setup Webfiltering software (SURFCONTROL) for bandwidth management.
  • Harden UNIX system for security. Install, troubleshoot and resolve hardware and software problems.
  • Design and Setup of Company Wide IDS system.

Data Center NOC Manager

Confidential, Santa Clara, CA

Responsibilities:

  • Responsible for capacity planning for application and server.
  • Design and Setup Windows 2000 Active Directory Service. Migrated NT to 2000 environment, including setup of 2000 Professional, NT Workstation and XP Clients. Setup Exchange 2000 with ADS.
  • Design and Setup National IDC Network Infrastructure.
  • Setup VPN for secure, Office and Data Center access. Setup and Configured Site Perimeter Security using PIX Firewall, ACL’s, IDS Services, Crawler Blocking and E-Mail Virus Protection. Installed and Configured SSH on Linux and Solaris Platforms.
  • Co-Ordinate Data Center Move with zero downtime.
  • Establish and implement policies, procedures and technologies to ensure UNIX system security.

We'd love your feedback!