Sr. Cyber Security Analyst Resume

Dallas, TX

SUMMARY

  • Professional with 7+ years of extensive experience in the areas of Risk Analysis, SIEM, Endpoint Security, DLP, Network Security, Email Security, Web Gateway, Vulnerability Assessment, Pen testing, Windows Server, Domain technology, Antivirus servers, etc.
  • Expertise in Cyber Security & Information Assurance with deep knowledge of Identity and Access Management security, SailPoint IdentityIQ, access control issues related to cyber systems and networks, AWS Cloud, penetration testing methodology, malware detection techniques, and recommended information assurance policies and standards.
  • Expert in Vulnerability Assessment using Qualys, Nessus and Nexpose tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
  • Assisted in integrating regulatory compliance requirements (e.g., PCI, NIST) into the organizational security roadmap.
  • Experience in vulnerability scanning with relevant tools, e.g., Nessus, HPE Fortify for SCA (Static Code Analysis) and WebInspect, and Rapid7 Nexpose.
  • Assist in the deployment and configuration of new tools and capabilities such as Nessus, Splunk, Symantec and McAfee DLP.
  • Experience configuring and deploying modules and products like McAfee ePO, McAfee VSE, Cloud, McAfee HIPS, McAfee Endpoint Encryption, McAfee Network DLP, McAfee DLP Endpoint, McAfee SIEM.
  • Experience in managing network infrastructure security using HPE ArcSight ESM / Splunk for monitoring, classifying and responding to incidents and threats.
  • Supported the information security audit and third-party assessment initiatives during planning, execution, and remediation phases, as well as coordinating and tracking remediation activities.
  • Liaison between the audit/assessment teams and Information Security management.
  • Familiar with threats and vulnerabilities, latest trends and risks, and able to understand the technical remediation action steps or plans and communicate them effectively to teams within the organization.
  • Experience with SOC and 24/7 operations.
  • Experience with industry recognized SIEM (SecurityInformation and Event Management) solutions such as IBM QRadar, Splunk, and Log Rhythm.
  • Extensively worked on coding using core Java concepts like multithreading, collections, serialization, synchronization, exception handling, generics, network APIs and database connections.
  • Defined and oversaw security hardening standards for the client's IT infrastructure.
  • Coordinated with systems and network engineers to ensure servers and network devices conform to security standards, and that security devices and controls are working as designed.
  • Implemented SQLAlchemy, a Python library providing complete access over SQL.
  • Excellent understanding of computing environments Linux: RHEL-7/DEB-KALI, Windows 7/10, Server 2012/2016 and Unix Operating systems.
  • Experience using persistence framework like Hibernate/JPA for mapping Java classes with database and using Hibernate Query Language (HQL).

TECHNICAL SKILLS

Networking: Packet Analysis (tcpdump, Wireshark), IDS (Bro, Snort), Splunk, Firewall, IDS/IPS, Access Control

Systems Administration: Active Directory, DNS, FTP, SSH, DHCP, SMB, HTTP, Virtualization (ESX)

Vulnerability Assessment: Nmap, Nessus, Ettercap, Metasploit, Honeypots (honeyD, inetSim), Burp Suite, Nexpose, Acunetix, IBM App Scan, HP Web Inspect

Endpoint Security: McAfee suites (VSE, HIPS & HDLP), McAfee MOVE AV, Symantec and McAfee Email Security Gateways (GUI & CLI), McAfee Network Data Loss Prevention, McAfee Nitro SIEM (Security Information and Event Management).

Platforms/Applications: Continuous Monitoring, Vulnerability Management, Web Application Scanning, Threat Protect, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance, SolarWinds, Nexpose, Rapid7 Event Management, RSA Archer, Blue Coat Proxy, IBM QRadar, NTT Security, LogRhythm, Pen Test Tools (Metasploit, Burp Suite, Nmap, Wireshark and Kali)

Standards & Framework: OWASP, OSSTMM, PCI DSS

Security Software: Nessus, Ethereal, Nmap, Metasploit, Snort, RSA Authentication, PIA

Programming Languages: C, C++, Java, Python, JavaScript, Linux, PowerShell

Networking: LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Firewalls/IPS/IDS

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS, NetBIOS, SNMP, TLS etc.

Domain Knowledge: Risk Management, BCP/DRP, ISO 27001, COBIT, Vulnerability SWOT analysis, Cryptography, Incident Response, Penetration Test, Risk Assessment, SCADA Security, SCADA Audits, SIEM, NIST, FIPS

PROFESSIONAL EXPERIENCE

Confidential, Dallas TX

Sr. Cyber Security Analyst

Responsibilities:

  • Generate and present reports on Security Vulnerabilities to both internal and external customers.
  • Manual and Dynamic penetration testing of web applications using Burp Suite and AppScan
  • Configuration of the IBM AppScan tool to meet individual scanning requirements
  • Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Authentication, Authorization, Auditing & logging
  • Vulnerability Assessment of various web applications used in the organization using Paros Proxy, Burp Suite and HP Web Inspect.
  • Using ForeScout to automate policy-based access control and enforcement, allowing a range of actions to limit access to appropriate resources and to find and fix endpoint security gaps.
  • Working on a Python security vulnerability scanner for checking whether there are any vulnerabilities or bugs.
  • Experience setting up firewalls, using NAV tools, Vulnerability Management platforms, Security Analytics platforms, and Penetration Testing frameworks (Metasploit or Resolve).
  • Working as a dedicated resource for a Scrum Project to provide timely firewall support and configuration for ongoing high priority Scrum Projects.
  • Vulnerability Assessment and Management (Nessus & Qualys), security risk analysis; reporting using Splunk.
  • Conduct daily IDS analysis/monitoring for potential compromise, intrusion, deficiency, significant event or threat to the security posture and security baseline, and numerous activities against spam.
  • Utilize Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
  • Implemented multiple tools including Symantec DLP, and QRadar SIEM.
  • Installed, configured and administered Splunk Enterprise Server and Splunk Forwarder on RedHat Linux and Windows servers.

Confidential, Los Angeles, CA

Sr. Cyber Security Analyst

Responsibilities:

  • Provide day to day support of servers, workstations, network and other equipment. Document support procedures specific to systems to be utilized by the Technical Maintenance and Engineering departments.
  • Plan, execute and oversee remediation activities for valid vulnerabilities which are identified using Application Scanning tools. Experience with application scanning to identify security vulnerabilities in the web application and architectural weaknesses.
  • Analyze, troubleshoot, and investigate security-related, information systems' anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
  • Monitor and analyze output and performance of network and host-based security platforms including: Vulnerability scanning systems and tools, Network-based Intrusion Detection/Prevention Systems (IDS/IPS), Host-based Intrusion Detection/Prevention Systems (HIDS/HIPS), File integrity verification and monitoring software (FIM), Security Information & Event Management (SIEM) platform, Data Loss Prevention (DLP), Log Indexing and Correlation tools, Anti-virus and anti-spyware logs and events, Web proxy and filtering systems
  • Experience with national, international, and/or sectoral cloud security assurance/compliance regimes and frameworks such as Federal Risk.
  • Working on XDR, which collects and automatically correlates data across multiple security layers: email, endpoint, server, cloud workloads, and network.
  • Working on Tenable.sc, which creates custom assets based on specific subnets, DNS names, operating systems, or a combination of collected data.
  • Monitoring Tenable.sc CV, a continuous network monitoring solution that can assist in securing an organization's internal network.
  • Led the application security efforts of over 60 external and internal facing web applications based on OWASP Top 10 and CWE/SANS Top 25.
  • Working on a WAF protecting web applications from a variety of application layer attacks such as cross-site scripting (XSS), SQL injection, and cookie poisoning, among others.
  • Experience in analyzing logs and troubleshooting issues in the integration of other applications using CA SiteMinder (Access Management) and Identity Management tools along with LDAP and web-server agents and SiteMinder federation services.

Environment: AlienVault, ADAudit Plus, Symantec Endpoint Protection Manager, Blue Coat Proxies, Barracuda Web Filter, OWASP ZAP proxy, Sourcefire IDS / IPS, Nessus Security Center, QualysGuard Vulnerability Manager, etc.

Confidential, Los Angeles, CA

Cyber/Network Security Engineer

Responsibilities:

  • Working in collaboration with DevOps engineers to address and eliminate security vulnerabilities during development. Responsible for cloud security, and providing support to infrastructure users.
  • Using the ForeScout .exe file, which connects to the CounterACT platform via an SSL connection, making it possible for the agent on remote machines to link in through a corporate firewall.
  • Experience in analyzing logs and troubleshooting issues in the integration of other applications using CA SiteMinder (Access Management) and Identity Management tools along with LDAP and web-server agents and SiteMinder federation services.
  • Reviewed and validated the privileged users and groups in Active Directory, databases and applications on a periodic basis.
  • Experience in SAST and DAST tools to find security vulnerabilities and weaknesses in a running application, typically web apps.
  • Updating information about advanced threats, zero-day vulnerabilities, and new regulatory compliance data with the help of Tenable.sc.
  • Working on Tenable.sc, which helps improve and maintain the cybersecurity program and visibility across the entire environment, including cloud, virtualized and mobile environments.
  • Experience with a WAF that protects web applications from a variety of application layer attacks such as cross-site scripting (XSS), SQL injection, and cookie poisoning, among others.
  • Effectively communicate with Business Operations and other functional areas on web application vulnerabilities. Experience in planning, installing, configuring, and administering IBM Security Identity Manager 7.0.1. Support, performance tuning and troubleshooting of ISIM 7. Configure and manage ISIM 7 security, e.g. configuration of single sign-on, secure communication with supported middleware, etc.

Confidential, FL

Cyber Security Engineer

Responsibilities:

  • Responsible for performing application penetration testing on web, thick client, and other types of applications to identify significant vulnerabilities that threaten the confidentiality, integrity, and availability of customer systems.
  • Working on XDR, which collects and automatically correlates data across multiple security layers: email, endpoint, server, cloud workloads, and network.
  • Hands-on experience with a WAF protecting web applications from a variety of application layer attacks such as cross-site scripting (XSS), SQL injection, and cookie poisoning, among others.
  • Worked on SIEM, as well as SolarWinds and Symantec endpoint security for malware detection and threat analysis.
  • Experience with national, international, and/or sectoral cloud security assurance/compliance regimes and frameworks such as the Federal Risk and Authorization Management Program (FedRAMP), Federal
  • Implementation and configuration of the network infrastructure in a business environment.

Confidential, Dallas, TX

Network Security Engineer

Responsibilities:

  • Make needed changes to Security Architecture. Implement Firewall policies.
  • Maintain and monitor Network Intrusion Detection and Prevention systems.
  • Security hardening for Operating Systems, including UNIX, Linux, Solaris, Microsoft Server.
  • Collaborates with other team members as necessary to ensure customer service levels are met.
  • Execute defined Enterprise System strategies to support corporate initiatives.
  • Other functions: secure email inbound/outbound filtering (Tumbleweed); Internet content filtering (Websense).