
SOC Analyst Resume


Union, NJ

SUMMARY

  • Over 5 years of experience as an IT professional in Information Security.
  • Involved in the Software Development Life Cycle (SDLC) to ensure security controls are in place.
  • Experience in Threat Modeling during Requirement gathering and Design phases.
  • Responding to inquiries/issues from end users related to Active Directory.
  • Experience in vulnerability assessment and penetration testing using various tools like HP WebInspect, IBM AppScan, Burp Suite, DirBuster, OWASP ZAP Proxy, Nmap, Nessus, Kali Linux, Metasploit.
  • Conduct network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, Host Based Security System (HBSS), etc.
  • Experience in Splunk.
  • Experience with Security Risk Management with TCP-based networking.
  • Experience with TCP/IP, Firewalls, LAN/WAN and VPN.
  • Experience in Cloud computing and security.
  • Experience with Load balancers and Web Application Delivery Controller (ADC).
  • Experience with network intrusion detection technologies (Snort, Bro, Sguil, etc.).
  • Ability to utilize and create attack signatures, tactics, techniques and procedures to aid in the identification of anomalies and zero-day attacks.
  • Experience with incident response and handling.
  • Experience in Linux system administration.
  • Static Code Analysis during development phase.
  • Knowledge of Lightweight Directory Access Protocol (LDAP).
  • Hands-on experience in conducting Web Application Security scans, Network Penetration Testing and Ethical Hacking using commercial and non-commercial applications and methodologies such as OWASP Top 10, HP WebInspect, IBM AppScan, Fortify, Burp Suite, Firefox add-ons XSS Me and SQL Inject Me, and others.
  • Interpreted least privilege for applications and segregation of duties.
  • SOX Compliance Audit experience on controls like User access management, Change Management, Incident Management.

TECHNICAL SKILLS

Languages: C, C++, HTML/HTML5, Java, JavaScript, PHP.

Platforms: Windows 7/8/10, Windows Server 2000/2003, Linux, Shell scripting (Kernel).

Database: MySQL 5.0, MS Access, MS SQL 2000, PostgreSQL.

Packages: MS Office, Visual Studio 2005/08/10.

Networks: Routing & Switching, VPNs, VoIP, PBX, MPLS, WAN, QoS, etc.

Cloud Services: Google Cloud, Amazon Web services.

Firewalls: Cisco ASA firewalls, Checkpoint, Palo Alto, Fortinet.

Load Balancers: F5 BIG-IP, Citrix NetScaler.

Virtualization tools: VMware, Citrix.

Vulnerability Assessment tools: Metasploit, Nessus, Nexpose, QualysGuard, Nmap, OWASP ZAP, Burp Suite, IBM AppScan, DirBuster, Kali Linux, etc.

IT & Management Tools: GFI LanGuard, SolarWinds, Splunk, Tufin, etc.

IDS/IPS: Snort, TippingPoint, IBM Proventia, McAfee Network Security Platform.

PROFESSIONAL EXPERIENCE

Confidential, Union, NJ

SOC Analyst

Responsibilities:

  • Led and drove improvements to information security monitoring and incident response.
  • Manage and maintain Firewall systems and IPS along with VPN access controls.
  • Support in detecting, understanding and resolving information security incidents and remediation.
  • Perform risk analysis to identify points of vulnerability and recommend disaster recovery strategies and business continuity planning.
  • Manage, maintain and troubleshoot Active Directory forest infrastructure.
  • Evaluate, deploy and manage information security system solutions such as strong authentication, key management, IPS, SIEM, antimalware, vulnerability scanners, MDM and others.
  • Prepared, arranged and tested Splunk search strings and operational strings.
  • Created and configured management reports and dashboards.
  • Developed, evaluated and documented specific metrics for management purposes.
  • Designed, developed and implemented system engineering plans and technical support services.
  • Executed systems programming activities and supported data center activities.
  • Developed a standardized incident response handbook for global investigative staff; coordinated input and approval across HR, Legal, and internal auditors.
  • Proficient in understanding application-level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, cryptographic attacks, authentication flaws, etc.
  • Developed and delivered IT Services Management (ITSM) solutions based on ITIL best practices that focused on the people, process, and technology perspectives of providing business solutions.
  • Skilled using Burp Suite, IBM AppScan, Acunetix Automatic Scanner, Nmap, Havij, DirBuster, QualysGuard, Nessus, SQLMap for web application penetration tests and infrastructure testing.
  • Performing onsite & remote security consulting including penetration testing, application testing, web application security assessment, onsite internet security assessment, social engineering, wireless assessment, and IDS/IPS hardware deployment.
  • Conduct network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, Host Based Security System (HBSS), etc.
  • Monitor the Security of Critical System (e.g. e-mail servers, database servers, Web Servers, Application Servers, etc.).
  • Change Management to highly sensitive Computer Security Controls to ensure appropriate system administrative actions, investigate and report on noted irregularities.
  • Conduct network Vulnerability Assessments using tools to evaluate attack vectors, Identify System Vulnerabilities and develop remediation plans and Security Procedures.
  • Identifying critical, high, medium and low vulnerabilities in the applications based on OWASP Top 10 and SANS 25 and prioritizing them based on criticality.

Confidential, Austin, Texas

Network Engineer

Responsibilities:

  • Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher (RD), Route Target (RT), Label Distribution Protocol (LDP) & MP-BGP.
  • Converted Branch WAN links from TDM circuits to MPLS and converted encryption from IPsec/GRE to GET VPN.
  • Coordinating the implementation of switched networking infrastructure for server and client building blocks.
  • Redesigned F5 load-balancer configuration and topology to eliminate outages during F5 active-standby failovers.
  • Built automation scripts for device inventory, backups, and (some) changes; scope: 800 managed Cisco and F5 network devices.
  • Leveraged a single domain-wide public wildcard SSL certificate to reduce costs of securing servers while maintaining host-level security requirements.
  • Troubleshot and monitored routing protocols such as RIP, OSPF, EIGRP & BGP.
  • Install and maintain security infrastructure, including IPS, IDS, log management, and security assessment systems.
  • Assess threats, risks, and vulnerabilities from emerging security issues.
  • Designed and implemented networking for disaster recovery sites.
  • Perform and create procedures for system security audits, penetration-tests, and vulnerability assessments.
  • Develop scripts to maintain and backup key security systems.
  • Periodic data center inspections and on-call participation; helped other staff members with networking problems.

Confidential, Philadelphia, PA

Network Security Engineer

Responsibilities:

  • Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher (RD), Route Target (RT), Label Distribution Protocol (LDP) & MP-BGP.
  • Conducted security assessment of PKI Enabled Applications.
  • Experience with designing and configuring Fibre Channel over Ethernet (FCoE) on Cisco Nexus 5548 devices.
  • Converted Branch WAN links from TDM circuits to MPLS and converted encryption from IPsec/GRE to GET VPN.
  • Experience with migrating from Cisco ASA version 8.2 to Cisco ASA version 8.4.
  • Responsible for Cisco ASA firewall administration across our global networks.
  • Migration of existing IPsec VPN tunnels from one Data Center to another Data Center due to decommissioning of the existing Data Center, which involved working with Partner Companies.
  • Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only), which also involved converting from point-to-point circuits to MPLS circuits.
  • Life-cycle management of the McAfee SIEM platform, including coordination and planning of upgrades, new deployments, and maintaining current operational data flows.
  • Configure rules within McAfee SIEM ESM to correlate events from various devices throughout the network and identify anomalies that require further investigation.
  • Conduct Security/Vulnerability testing using HP WebInspect and generation of Security testing reports.
  • Creation of Test Data using Load Runner and usage of Techniques (Parameterizations, Correlations, Encryptions, Verification points and Custom codes).
  • Log, track, close defects and generation of defect reports via HP Quality Center.
  • Deploying, managing, and operating scalable, highly available, and fault tolerant systems on AWS.
  • Migrating an existing on-premises application to AWS.
  • Implementing and controlling the flow of data to and from AWS.
  • Selecting the appropriate AWS service based on compute, data, or security requirements.
  • Identifying appropriate use of AWS operational best practices.
  • Estimating AWS usage costs and identifying operational cost control mechanisms.

Confidential

IT Network & Security Analyst

Responsibilities:

  • Conducted application penetration testing of 90+ business applications.
  • Responding to inquiries/issues from end users related to Active Directory.
  • Acquainted with various approaches to Grey & Black box security testing.
  • Conducted security assessment of PKI Enabled Applications.
  • Skilled using Burp Suite, Acunetix Automatic Scanner, Nmap, Kali Linux, BackTrack and Nessus for web application penetration tests.
  • Identifying critical, high, medium and low vulnerabilities in the applications based on OWASP Top 10 and SANS 25 and prioritizing them based on criticality.
  • Good knowledge of network and security technologies such as Firewalls, TCP/IP, LAN/WAN, IDS/IPS, Routing and Switching.
  • Monitor, Analyze and respond to security incidents in the infrastructure. Investigate and resolve any security issues found in the infrastructure according to the security standards and procedures.
  • Monitor the security system logs (i.e., intrusion detection system, firewall system logs, etc.) and reports on discovered anomalies or problems (i.e. insufficient disk space, inappropriate access patterns, etc.).
  • Perform analysis on any malware that breaches the environment to determine breadth of attack and remediation steps.
  • Actively search for potential security issues and security gaps that are beyond the ability of detection by any security scanner tool. Initiate and develop new mechanisms to address unidentified security holes & challenges.
  • Real-time analysis and defense.
  • Vulnerability Assessment of various web applications used in the organization using Paros Proxy, Burp Suite, WebScarab, YASCA, HP WebInspect.
  • Configuration and management of Cisco IDS, Checkpoint firewall, Snort.
  • Training the development team on the most common vulnerabilities and common code review issues and explaining the remediation.
  • Follow up and ensure the closure of the raised vulnerabilities by revalidating and ensuring 100% Closure.
  • Stay updated on new hacking techniques and the latest vulnerabilities to ensure no such loopholes are present in the existing system.
  • Responsible for Vulnerability Management, Remediation and patching of Office 365 Corporate and Client environments.
  • Generated and presented reports on Security Vulnerabilities to internal management and end point users.
  • Conducted Compliance Audits.
