Sr. Security Analyst Resume

SUMMARY:

  • Innovative and agile expertise in Information Technology, with a strong emphasis on IT cyber security operations management. Consistently exceed corporate goals and IT service expectations.
  • Experienced and skilled in developing and implementing compliance- and policy-driven procedures for IT infrastructures, network/applications and cyber security operations, utilizing emerging DevOps solutions within the Agile Infrastructure and Agile Operations deployment project lifecycle.

PROFESSIONAL EXPERIENCE:

Confidential

Sr. Security Analyst

Responsibilities:

  • Provide consultancy to manage cyber security solutions for power utility organizations.
  • Manage, configure and deploy containers on the AWS cloud IaaS console to maintain IDS infrastructure.
  • Work with various cyber security teams and provide risk assessment across cyber-attack lifecycle phases (reconnaissance, exploitation, command and control) to detect risk and impact on data.
  • Actively monitor various SIEM logs and alerts to perform network and enterprise endpoint security.
  • Responsible for collecting Palo Alto Evident (Cloud Security Management) logs, reviewing reports for various power utilities' networks and performing compliance validation audits.
  • Manage various utility providers' networks, determine the root cause of security alerts and provide compliance-based tune-ups and remediations.
  • Monitor IDS/IPS sensors, collect evidence and perform risk assessment and audit reporting.
  • Manage and maintain the Security Vulnerability Management Program for various utilities.
  • Responsible for daily administration of the SIEM dashboard, including triage, action and remediation of SIEM alerts.
  • Maintain malware and compromise analysis processes and tools, including incident response processes, and monitor and manage the Rapid7 InsightOps dashboard.
  • Responsible for operating and maintaining the AWS Cloud Console and dashboard.
  • Schedule vulnerability assessments and penetration tests via IDS SPAN.
  • Provided support using SIEM technologies such as HP ArcSight, Splunk, McAfee Nitro or Confidential QRadar for various utility providers' IT operations.
  • Provide Advanced Persistent Threat (APT) monitoring against cyber crime, hacktivism and associated tactics, with detection on critical power utility providers' data and grid distribution.
  • Work with various utility providers' risk teams to maintain a "Zero Trust" security model, and review firewall and IDS/IPS threat identification policies to ensure enforcement across cloud, network and enterprise endpoints.

Confidential

Security/Operations Analyst

Responsibilities:

  • Worked with the external audit team and provided relevant system evidence for lottery systems.
  • Worked as DRP witness (ISO resource) and maintained business continuity for critical applications.
  • Participated in testing of the Palo Alto Networks WildFire product deployment, reviewed malware analysis CI and provided endpoint security manager incident reporting verifications.
  • Managed application problem and security change management using ServiceNow.
  • Managed and administered middleware consoles such as JBoss EAP, WebSphere, Tivoli Directory Server and Web Administration to maintain Confidential's middleware business continuity.
  • Maintained ITIL standards in the IT service environment and supported ServiceNow modules.
  • Performed API and CI testing, and DevOps and SDLC testing, for Confidential's Agile operations.
  • Provided technical liaison to project deliverables including deployment and integration activities, device management, security event analysis, service-level reporting, and risk and contingency planning. Support-related responsibilities included sizing, troubleshooting and managing critical situations.
  • Provided continuous monitoring using various monitoring tools to prevent zero-day attacks.
  • Worked with the corporate risk management team to protect lottery applications from advanced malware attacks such as metamorphic viruses and distributed fault architecture attacks.
  • Worked with the cloud service provider to configure Azure Advanced Threat Protection (ATP).
  • Worked with the DevOps team to test the API for the Prometheus server to build a threat detection console.
  • Worked in the SDLC framework to prevent exploitation of lottery applications, and monitored design-phase remote/local executions and payloads using various software testing tools.
  • Monitored various API deployments and provided compliance validation to the DevOps team.
  • Worked as a cyber security resource to analyze and detect defects in a system using Wireshark.
  • Configured, installed, maintained and troubleshot the Nessus and Nmap tools and collected data.
  • Performed system vulnerability detection using Blue Team Field Manual commands.
  • Monitored network-related events, assigned severity and executed report-based changes per SLA.
  • Owned issues through resolution, escalated to adhere to risk management and provided process improvement by monitoring various network and infrastructure events and alerts.
  • Monitored east-west network traffic and provided compliance with Confidential's data usage policy.
  • Managed the Confidential security identity management and password safe console to support privilege bracket policy violation and least-privilege user access policy to maintain the risk dashboard.
  • Worked as change manager and incident manager for after-hours incidents and changes.
  • Managed and executed code and APIs utilizing MKS and SVN.
  • Utilized the JBoss and Payara consoles to deploy JAR and .NET applications.
  • Provided 24x7 network/infrastructure and data center support to Confidential's core IT business.

Confidential

Sr.IT Security Analyst

Responsibilities:

  • Accountable for managing various IDs to support the Confidential identity management policy.
  • Involved in PCI/SOX and CIP compliance-based DRP for various Confidential clients.
  • Worked as security threat detection resource against the cyber-attack lifecycle.
  • Analyzed and evaluated SOC processes and developed a baseline for forensic audit.
  • Analyzed SIEM logs and maintained SOX/PCI compliance-based security operations for clients.
  • Responded to and investigated potential security incidents and alerts, provided mitigations for critical data on exploited endpoints, and performed hardening and patching.
  • Worked with various network users' endpoints, such as enterprise assets, and detected objective behaviors to protect against various attacks by providing documentation and s.
  • Performed system patching on Windows and Linux/Unix servers to maintain infrastructure security baselines via Windows Server Update Services and Confidential BigFix patch management.
  • Provided IT management and liaison between Confidential and various clients' SLA management teams.
  • Worked with the vendor's risk assessment team and performed pen-testing, red/blue team activities, threat intel and vulnerability management.
  • Worked on SLA and Key Performance Indicator (KPI) reports, presented changes with audit trails, and provided continuous service improvement to various managed services for Confidential.

Confidential

Enterprise Security Compliance Analyst

Responsibilities:

  • Provided operational support for a wide variety of security services and platforms, including both proactive and reactive security operations, administration, maintenance functions, and root cause analysis.
  • Responsible for collecting detailed forensic reports from various network protection devices such as Cisco ACS, Palo Alto, Juniper and IDS/IPS sensors, and wrote security audit reports from the findings.
  • Performed network threat reconnaissance via discovery and enumeration, and provided mentoring to end users to recognize reconnaissance, phishing and malware attacks.
  • Managed and performed monitoring of enterprise-wide intrusion detection systems, including server and network sensors, and vulnerability scanning.
  • Managed various security technologies such as firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Vulnerability Management Systems (VMS), Security Information and Event Management (SIEM), content filtering, Advanced Persistent Threat (APT) / Data Leakage Protection (DLP).
  • Worked as part of the Vulnerability Research Team, concentrating on reporting new software vulnerabilities as well as writing Snort rules to detect any attack that uses a given vulnerability over the network.
  • Performed problem investigations and risk management on repeated occurrences of incidents.
  • Worked with various resources to coordinate and direct activities to implement and maintain a network security infrastructure, including wired and wireless systems and handheld mobiles, against internal and external intrusion threats.
  • Performed UNIX and Windows server health checks and testing against guidelines, and reported to server owners to maintain corporate security standards.
  • Participated in infrastructure deployments and performed PCI compliance auditing.
  • Provided SOX and PCI compliance on various web-based applications and performed log analysis.
  • Analyzed various network traffic and packets to detect malware, such as viruses, anti-AV agents, exploit payload delivery agents, trojan and ransomware attack attempts, and spyware/adware, to protect Rogers' corporate users.

Confidential

Network Supports Specialist

Responsibilities:

  • Responsible for designing scalable and secure UNIX and Windows solutions for the Confidential enterprise.
  • Assembled and configured network appliances and services such as Squid, DNS, web servers and firewall zones to maintain Confidential's infrastructure capacity management.
  • Monitored and maintained UNIX and Linux infrastructure stability. Analyzed the results from monitoring systems and recommended changes to improve processing and utilization; ensured high availability of all corporate, web, mobile and IVR services.
  • Monitored 24x7 network alerts via various monitoring tools and provided incident resolutions to the Confidential IVR and telco business.
  • Provided audit and risk assessment to audit security policies on firewalls and infrastructure.

Confidential

Lead Tech

Responsibilities:

  • Participated in PCI and SOX compliance audits for Future Shop's internal audit team to merge critical part source and POS systems data into Best Buy's existing enterprise solutions.
  • Installed servers, POS systems and printers, and managed infrastructure at various retail locations.
  • Developed the in-store desktop computer technician team to manage computer service centers, and participated in providing growth to achieve sales and service goals.
  • Provided lead support to Future Shop retail stores and on-site technicians, and developed SOPs.
  • Managed 120 in-store technicians and provided day-to-day repair processes and procedures.