
Sr. Security Engineer Resume


Reston, VA

SKILL:

DAST, SAST, IAST tools: IBM AppScan Enterprise (ASE), Standard & Source editions, Micro Focus WebInspect, QualysGuard, BurpSuite Pro, Contrast Security, Acunetix, Fortify SCA, SQLMAP.

Port/Vulnerability Scanning: Nmap/Nmap Scripting Engine (NSE), Netcat, Nessus.

Network Security Testing: Symantec DLP, Endpoint Protection, Checkpoint, Palo Alto, Cisco, IDS/IPS, Anti-virus, and BMC.

Password Cracking: Hydra, Rainbow Crack, Blade Logic, Remedy, Ophcrack, John the Ripper, Pyrit.

Security Tools: AppDetect, AppRador, Oracle Identity Manager, Oracle Access Manager, JHijack, Metasploit Pro, Zed Attack Proxy, SQLMAP, Wireshark, WebScarab, Paros, Nmap, BMC BladeLogic, Nessus, Rapid7 Nexpose, Tripwire, Symantec DLP, DBProtect, ArcSight SIEM, e-DMZ Password Auto Repository (PAR), Varonis, IDA Pro, WinDbg.

Cloud Providers & Security: Amazon Web Services (AWS) and MS Azure, Apigee API Management, Cloud Security Alliance (CSA), Cloud Security Access Broker (CASB), Aqua Container Security, Kubernetes, Terraform.

DevSecOps: AWS CodePipeline, CI/CD, Jenkins, GitHub, IBM AppScan automation.

Middleware: TIBCO EMS, IBM WebSphere MQ, JMS.

Databases: Oracle, MS SQL Server, MySQL, Sybase.

Operating Systems: Oracle Solaris UNIX, RedHat LINUX 4/5, Windows Server 2003/2008.

Application Servers: Weblogic Server, iPlanet, Netscape Application Server and Microsoft IIS.

Programming Languages: Spring Framework, EJBs, Java, J2EE, Python, C/C++, C#.NET, Perl, Struts2, Servlets, JavaServer Pages (JSPs), JMS, JavaUML. Mail API, JNDI, LDAP, JDBC, JTS, RMI, AWT, Swing, Socket Programming, IONA Orbix CORBA.

Web Technologies: XML, HTML, HTML5, XHTML, CSS3, JavaScript/ES6

PROFESSIONAL EXPERIENCE:

Confidential, Reston, VA

Sr. Security Engineer

Responsibilities:

  • Automated the security scanning process (DevSecOps) in the build environment with a CI/CD pipeline using Jenkins, Maven, Gradle, and GitHub tools.
  • Implemented OAuth2.0, SAML and Single Sign-On (SSO) for AWS and mobile applications for corporate applications.
  • Working knowledge of OSSTMM, OWASP Top 10 and SANS Top 25.
  • Conducted Vulnerability Assessment (DAST, SAST, and IAST) of Web and Mobile (iOS and Android) applications, including third-party applications. The tools IBM AppScan, ZAProxy, BurpSuite Pro, Checkmarx, and HP Fortify were used for scanning the applications.
  • Conducted security assessments to ensure compliance with the firm’s security standards (i.e., OWASP Top 10, SANS 25). Specifically, security testing was performed to identify XML External Entity (XXE), Cross-Site Scripting, Clickjacking, and SQL Injection related attacks within the code.
  • Reviewed source code (Java/J2EE/Spring/FTL/JavaScript) and developed security filters within IBM AppScan for critical applications.
  • Analyzed security incidents using Splunk Enterprise Security originating from various network/application monitoring devices (e.g., Symantec DLP) and coordinated with engineering teams for tracking and problem escalation, including remediation.
  • Administered, maintained, and deployed Imperva web application firewall (WAF).
  • Experience with ISO 27001/27002 for ISMS, GRC solutions like Sarbanes Oxley (SOX) Compliance, HIPAA, PCI.
  • Scanned images and functions for known vulnerabilities, malware, secrets, open source licenses, and configuration and permissions issues with Aqua.
  • Monitored container activity, and detected and granularly blocked suspicious processes through Aqua.
  • Hands-on experience with container technology (Docker, EKS, GKE, Kubernetes, OpenShift) and respective security tools (Twistlock, StackRox, Aqua, Sysdig, etc.).
  • Participated in developing security policies and security groups for AWS Cloud infrastructure, including EC2, Security Groups, Route 53 and Virtual Private Cloud (VPC).
  • Implemented API security using Apigee API management and AWS API Gateway services.
  • Developed and deployed HashiCorp Sentinel “Policy as Code” to enforce security against infrastructure between the plan and apply phases of a Terraform run.
  • Installed, configured and deployed CyberArk Enterprise Security Vault to administer privileged passwords and also set up policies for accessing passwords within the acceptable timeframes.
  • Conducted security assessment of cryptography applications, including the apps that use a Hardware Security Module (HSM).
  • Managed a team of analysts and service providers who support the various Identity Access Management (IAM) and Data Loss Prevention (DLP) functions.
  • Developed and maintained IAM policies, standards, and practices. Helped to establish a formal review process that promoted strong collaboration among a wide range of policy, standard, and practice leaders and groups.
  • Configured SafeNet ProtectDB to enable column level encryption for securing confidential customer data.
  • Implemented Single Sign-On (SSO), MFA, and user provisioning for enterprise applications using Okta, SAML, OAuth2.0, OpenID Connect (OIDC) flows.
  • Enabled security controls for APIs to secure Restful and SOAP based web services from various security attacks.
  • Integrated Prisma Cloud Compute Native Security Platform into CI/CD pipelines to continuously scan and monitor for security anomalies of host, container, and serverless functions.
  • Strong AWS platform experience in securing CloudWatch, S3, ELB/ALB, Lambda, EC2, Landing Zone, Control Tower, and Subnets.
  • Responsible for source code and binary repository management tools. Implemented their secure automated CI/CD pipeline in adherence to the latest DevSecOps initiatives.
  • As a Senior DevSecOps Engineer, worked with cloud technologies to deploy and maintain applications in a secure production environment.
  • Perform all cloud engineering and DevSecOps services.
  • Senior a team of Cloud and DevSecOps engineers serving a large diverse team of multidisciplinary professionals defining and supporting the DevSecOps and CI/CD platforms across a portfolio of systems
  • Drive DevSecOps Adoption Strategy of the provided platform with your vision and industry experience
  • I have an excellent working knowledge of DevSecOps engineering, tools & technologies, like Kubernetes, Jenkins, SonarQube, etc.
  • Design and implement AWS/Cloud based DevSecOps processes and tools (Security Monkey, UptimeRobot, etc.)
  • Work closely with product and platform teams to engineer and implement Cloud security controls with a focus on DevSecOps
  • Managed and protected firm’s secrets in dynamic infrastructure (e.g., database credentials, passwords, API keys) using HashiCorp’s Vault and AWS Secrets Manager.
  • Reviewed various applications on GitHub, identified secrets including passwords, codes, sensitive account IDs, service, and generic account logins, and migrated them to AWS Secrets Manager for cloud applications and CyberArk Enterprise Password Vault for on-prem applications.
  • Administered Secrets Manager by creating secrets and user accounts and managing user access.
  • Enabled rotation, auditing and monitoring for secrets.
  • Associated every secret with an AWS KMS CMK for the encryption of secret data.
  • Implemented data security using AWS Key Management Service (KMS). Developed key policies, policy conditions, grants.
  • Utilized AWS Key Management Service (KMS) to protect Customer Master Keys (CMKs). Applied Symmetric and Asymmetric CMKs for data encryption and decryption.
  • Managed the life cycle of CMKs (backing, key rotation) using AWS Key Management Service (KMS).
  • Implemented server-side encryption for AWS S3 buckets using SSE-KMS.
  • Designed security architecture for web and mobile apps. Reviewed Solution overview Documents (SODs) to identify security anomalies in the system architecture and design, and provided recommendations to address data security and privacy concerns.
  • Developed threat modeling framework (STRIDE, DREAD) for critical applications to identify potential threats during the design phase of applications.
  • Implemented file system security by applying hashing techniques for protecting data stored in files on the file servers.
  • Administered cryptography management and implemented dual keys to address segregation-of-duties issues between DBAs and security admins.
  • Rolled out IBM AppScan products such as AppScan Enterprise (ASE), Standard, Source, Developer plug-ins to various development teams across the business lines.
  • Worked extensively with software development teams to review the source code, triage the security vulnerabilities generated by IBM AppScan, BurpSuite, Whitehat Sentinel, HP WebInspect, HP Fortify, Checkmarx and eliminated false positives.
  • Generated executive summary reports showing the security assessments results, recommendations (CWE, CVE) and risk mitigation plans and presented them to the respective business sponsors and senior management.
  • Deployed AWS landing zones into AWS organization and supplied log archive, security account, shared services.
  • Performed binary reverse engineering and Anti-debugging analysis using IDA Pro, WinDbg, OllyDbg.
  • Conducted monthly developer workshops to educate and train developers on secure SDLC, scan source code using IBM AppScan Source, triage and resolve the security vulnerabilities.
  • Participated in the implementation of AWS Cloud security for applications being deployed in the Cloud. Developed web ACLs (WACLs) and configured rules and conditions to detect security vulnerabilities in CloudFront.
  • Implemented Security Group Policies for Elastic Compute Cloud (EC2) instances within AWS. Developed AWS Service Roles to protect Identity Provider access.
  • Worked with DevSecOps teams to automate security scanning into the build process.
  • Reviewed Android and iOS mobile source code manually and recommended code fixes.
  • Participated in the Proof of Concept (POC) in implementing Arxan application protection software for Mobile apps.
  • Performed the penetration testing of mobile (Android and iOS) applications, specifically, APK reverse engineering, traffic analysis and manipulation, dynamic runtime analysis.
  • Developed secure SDLC policies and standards for Web and Mobile apps.

Confidential, VA

Sr. Security Engineer

Responsibilities:

  • Incident and Event Management System (SIEM) using HP ArcSight, Splunk Enterprise Security
  • IAM solutions developed with Azure and managed Enterprise Mobility and Security (EMS)
  • Hands-on wif Penetration Testing, Source Code Review, DAST, SAST, IAST and manual ethical hacking.
  • Configured CyberArk Password Session Manager (PSM) to control privilege sessions for UNIX and Windows based applications and DBs. Also, the audit logs have been enabled and utilized for forensics investigations.
  • Participated in the implementation of API Security projects including OAuth2.0 and SAML.
  • Involved in the implementation of RSA Single Sign On (SSO) for the applications deployed in the Cloud and on-premise.
  • Configured and created Vulnerability Reports in Nexpose; SIEM log monitoring and user behavior investigations in LogRhythm.
  • Worked on Aqua to leverage secrets vaults for lifecycle controls, including HashiCorp Vault, CyberArk EPV and Conjur, AWS KMS and Azure Vault.
  • Visualized cluster security posture by namespace deployment, pod, and host.
  • Provided deep visibility into network traffic for cloud-native workloads with Aqua.
  • Define container network connections based on orchestrator concepts (pod name, namespaces), IP/CIDR addresses, and DNS
  • Designed and implemented Endpoint Security solutions in an enterprise environment. Endpoint security systems including intrusion protection solution.
  • Working experience with identity management solutions and access governance, strong authentication and public key infrastructure (PKI); made sure PKI enables the use of encryption and digital signature services for various applications.
  • Implemented and integrated a complete cloud services framework (IaaS, PaaS, SaaS) and Cloud deployment.
  • Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets and designed Network Security Groups (NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.
  • Expertise in using the DAST tools (IBM AppScan and BurpSuite Pro) while the application is running to penetrate the application in various ways to identify potential vulnerabilities outside the code and in third-party interfaces.
  • Working knowledge of OWASP Top 10 and SANS Top 25 software guidelines, Federal Financial Institutions Examination Council's (FFIEC) regulations, including Payment Card Industry (PCI-DSS), HIPAA and Sarbanes-Oxley Section 404 (SOX).
  • Developed secure SDLC policies and standards for Web and Mobile apps. Various industry standards have been utilized such as NIST, CIS Benchmarks, OpenSAMM, and FFIEC.
  • Administered, maintained, and deployed Imperva web application firewall, Checkpoint IPS & VPN systems, and McAfee network-based Data Loss Prevention (DLP) device.
  • Developed Security requirements for Data Loss Prevention (DLP) specifically for Data at Endpoint, Data In-transit, and Data at rest.
  • Administered cryptography management and implemented dual keys to address segregation-of-duties issues between DBAs and security admins.
  • Automated security scanning process (DevSecOps) as part of Continuous Integration and Continuous Delivery (CI/CD) of security reports into the build cycle
  • Implemented and managed SIEM: IBM QRadar suite of products, QRadar SIEM, QRadar Vulnerability Manager (QVM), QRadar Risk Manager (QRM), QRadar Incident Forensics (QIF), and Splunk.
  • Participated in the implementation of AWS Cloud security for applications being deployed in the Cloud. Developed web ACLs (WACLs) for AWS Web Application Firewalls (WAF) and configured the rules and conditions to detect security vulnerabilities in CloudFront.
  • Configured AWS Simple Storage Service (S3) to securely store the organization’s critical file systems. Implemented Access Control Lists (ACLs) and Bucket Policies for controlling access to the data.
  • Decided on what to remediate and what to risk accept based on security requirements.
  • Reviewed vulnerability reports for applications and databases security, monitored, analyzed and worked extensively with the development teams for the implementation of mitigating controls.
  • Implemented IBM AppScan standard, source editions, HP WebInspect, Whitehat Sentinel, Nessus, and QualysGuard web application scanners. In addition, the security tools Metasploit and BurpSuite were utilized for manual penetration testing.
  • Performed security assessments for the client-facing apps. The associated IT infrastructure such as database management systems, middleware systems, web services (SOA) were also included in the security assessments.
  • Implemented Secure Software Development Life Cycle (S-SDLC) processes; developed secure coding practices for web, mobile applications, including database and middleware systems.
  • Experience in Threat Modeling during Requirement gathering and Design phases.
  • Security Risk Management with TCP-based networking.
  • Experience with TCP/IP, Firewalls, LAN/WAN.

Confidential

Security Engineer

Responsibilities:

  • Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
  • Utilized tools like WebLogic, LogRhythm, and Tripwire to assess and validate controls per requirements and Government direction.
  • Discussed false positives and prepared a plan of action and milestones for mitigation.
  • Prepared incident reports for reported and unreported attacks.
  • APT hunting for Ransomware.
  • Performed Root Cause Analysis for their incidents reported at Security Operations Center. Performed Security event monitoring of heterogeneous networks such as Firewalls, IDS/IPS, Cisco ASA, DLP devices using Splunk.
  • Performed real-time proactive security monitoring and reporting on various security enforcement systems (SIEM), Anti-virus, Internet content filtering/reporting, malware code prevention, Firewalls, IDS and IPS, Web Security, Anti-spam.
  • Performed security compliance audits and identified control gaps for Firewalls, Routers, DLP, IDS/IPS, Windows/Linux, and DB servers.
  • Performed penetration testing for external facing web applications. Security areas covering DMZ architecture, threat modeling, secure coding practices (i.e., OWASP standards) and vulnerability analysis were assessed.
  • Provided solutions to many problems on calls to the best of my knowledge of the applications, using event logs on the system/server and telemetry logs on the server; later started using Splunk for security analysis.
  • Wrote scripts using Python on Windows Servers and Active Directory to update servers with the latest patches and change system configurations at large.
  • Used Remedy Information Technology Service Management (ITSM) tool for managing the incidents based on the priorities and solved issues which are in the security domain.
  • Experience in performing authenticated and unauthenticated testing.
  • Generated Vulnerability reports to monitor the health of the applications and reported High, Medium and low vulnerabilities in this system.
  • Analyzed attack patterns.
  • Built workflows to automatically analyze the samples.
  • Determined what functionality attackers may have introduced and scanned for malicious artifacts based on sandbox results.
  • Investigated endpoint attacks and replay attacks on systems.
  • Analyzed JavaScript, PDFs, Office documents, and packet captures for signs of malicious activity.
  • SIEM implementation and analysis by writing rules and sets.
  • SIEM to determine attack vectors and source of incident.
  • Troubleshot network application inbound/outbound connectivity utilizing Cisco WSA proxies and Wireshark.
  • Involved on Bridges in solving High/Severe incidents reported in the application or in the environment.
  • IronPort URL filtering for known bad URL content.
  • IronPort Mail analysis and blocking for known bad emails.
  • Analysis of pcap files using FireEye and Wireshark.
  • System audit and analysis using DOD checklist for PA series.
  • Threat and virus scanning using Malwarebytes from centralized console.
  • Enforcement of policies and procedures for users, admins, and management.
  • Reverse engineering of malware using tools like malware, Process Hacker and so on.
  • Incident response tabletop exercise by documenting and alerting necessary personnel.

Confidential

Software Developer

Responsibilities:

  • Designed and created DAO using data modeling in the integration layer.
  • Exposed all the enterprise services to the clients using SOAP and REST based web services, and tested using SOAPUI.
  • Modified WSDL documents for the internal clients and deployed on WSRR.
  • Involved in designing the front end applications using web technologies like HTML/HTML 5, XHTML, and CSS/CSS3.
  • Designed dynamic and browser compatible pages using HTML5, CSS3, SASS, JavaScript/ES6
  • Implemented request and response objects using SOAP web services and JAXB for converting WSDL to java classes.
  • Configured all dependencies with Spring framework and various stateful and stateless beans in the application.
  • Used various spring features to deploy custom properties and static context in the application.
  • Exposed Stateless session beans as restful web services using Jersey JAX-RS.
  • Created virtual host and configured based on the IP configuration for all enterprise services.
  • Used JSON marshaller for marshalling and unmarshalling the JSON objects and DOM manipulations with various SAX and DOM parsers.
  • Worked with and configured MKS and RTC versioning tools to keep track of source code.
  • Used Jenkins for continuous integration with Maven built in to generate the EAR files and sanity4j code quality testing reports.
  • Hands-on a service-oriented approach (SOA) using WebLogic for integration.
  • Worked on HP portfolio Management software to create the PPM packages and deploy the various environments.
  • Updated the WSDL in WSRR for the governance and storing, accessing and managing information.
  • Set up meetings to configure and understand DataPower for security, for accessing the application.
  • Used Log4j for logging for debugging, warnings, errors etc.
  • Created log back file based on time based triggering policy and application based triggering policy.
  • Used HPQC for defect tracking and working on the defects and created Triage process (Microsoft Visio) to track the defects in the application.
  • Migrated MKS Source control to RTC and created JENKINS builds for all enterprise services.
  • Worked closely with the infrastructure team to create the performance environment for enterprise services.
