Sr. Security Engineer Resume

Chicago, IL

SUMMARY

  • 8+ years of Information Security, design and development experience in information security architecture, cloud security, cryptography, security assurance, threat modeling, IT risk assessments, SSO, and risk remediation activities.
  • Working knowledge of OWASP Top 10 and SANS Top 25 software guidelines, Federal Financial Institutions Examination Council's (FFIEC) regulations, including Payment Card Industry (PCI-DSS), HIPAA and Sarbanes-Oxley Section 404 (SOX).
  • Working knowledge of API Security (Apigee, SoapUI Pro), Terraform, Kubernetes, Imperva WAF, AWS Cloud Security, Container Security (Aqua, Twistlock).
  • Experience in implementing Security Incident and Event Management System (SIEM) using HP ArcSight, Splunk Enterprise Security.
  • Hands-on with Penetration Testing, DAST, SAST, IAST and manual ethical hacking.
  • Experience in conducting IT Security Risk Assessments in accordance with the NIST and FFIEC frameworks.
  • In-depth knowledge of penetration testing for web and mobile (iOS and Android) applications.
  • Expertise in Application Security and identifying and fixing OWASP Top 10 and SANS 25 security vulnerabilities.
  • Experience evaluating, responding to and mitigating alerts originating from SIEM and the cyber security product suite.
  • Automate the threat intelligence and vulnerability management process to improve operational efficiency.
  • Strong foundation and in-depth technical knowledge of security engineering, computer and network security, authentication and security protocols.
  • An efficient team player in challenging and creative environment with excellent capacity to adapt new technologies and skills.
  • Possess strong technical aptitude with strong analytical, work ethic, problem solving and communication skills.
  • Proficiency with scripting languages such as Python, Perl, JavaScript and PowerShell.

TECHNICAL SKILLS

Security Tools: AppDetect, AppRador, Oracle Identity Manager, Oracle Access Manager, Hijack, Metasploit Pro, ZED attack proxy, SQLMAP, Wireshark, WebScarab, Paros, Nmap, BMC BladeLogic, Nessus, Rapid7 Nexpose, Tripwire, Symantec DLP, DBProtect, ArcSight SIEM, e-DMZ Password Auto Repository (PAR), Varonis, Amazon Web Services (AWS) Cloud security.

Port/Vulnerability Scanning: Nmap/Nmap Scripting Engine (NSE), Netcat, Nessus, Openvas

Networking: Symantec DLP, Checkpoint, Palo Alto, Check Point, Cisco, IDS/IPS, Anti-virus, BMC Blade Logic, Remedy.

Password Cracking: Hydra, Rainbow Crack, 0phcrack, John the Ripper, Pyrit.

Cloud Security: Amazon Web Services (AWS) and MS Azure, Cloud Security Alliance (CSA), Cloud Security Access Broker (CASB), Aqua, Twistlock.

DAST and SAST tools: IBM AppScan Enterprise (ASE), Standard & Source editions, Checkmarx, Veracode, HP WebInspect, QualysGuard, BurpSuite Pro, Acunetix, Fortify SCA.

Scripting Languages: AngularJS, XML, XSLT, XPath, XQuery, HTML/JavaScript/JQuery, AJAX.

Operating Systems: Oracle Solaris UNIX, RedHat LINUX 4/5, Windows Server 2003/2008.

Application Servers: WebLogic Server, iPlanet, Netscape Application Server and Microsoft IIS

Java & J2EE Technology: Spring Framework, EJBs, Struts2, Servlets, JavaServer Pages (JSPs), JMS, Java Mail API, JNDI, LDAP, JDBC, JTS, RMI, AWT, Swing, Socket Programming, IONA Orbix CORBA.

DevSecOps: AWS CodePipeline, CI/CD, Jenkins, GitHub, IBM AppScan automation, Terraform, Kubernetes.

Middleware: TIBCO EMS, IBM WebSphere MQ, JMS.

Databases: Oracle, MS SQL Server, Sybase.

Languages: Golang, Java, Python, C/C++, C#.NET, Perl, UML.

PROFESSIONAL EXPERIENCE

Confidential - Chicago, IL

Sr. Security Engineer

Responsibilities:

  • In-depth API Security testing of RESTful and SOAP services using Apigee and Smartbear SoapUI Pro.
  • Performed Web Application Security/Penetration Testing in accordance with OWASP guidelines.
  • Implemented Multifactor Authentication (MFA) for AWS root accounts, including password rotation policies. Set up Access Keys and Secret Access Keys for newly created users.
  • Develop security requirements for applications and infrastructure deployed in the Cloud. Ensured that Cloud security best practices have been followed.
  • Configured AWS Simple Storage Service (S3) to securely store the organization’s critical file systems.
  • Implemented Access Control Lists (ACLs) and Bucket Policies for controlling access to the data.
  • Built, configured and deployed infrastructure to the cloud using Terraform. Utilized Aqua and Twistlock for verifying Container security.
  • Implemented Security Group Policies for Elastic Compute Cloud (EC2), Simple Storage Service (S3), Docker Containers, ECS, ECRs within AWS. Developed AWS Service Roles to protect Identity Provider access.
  • Participated in the implementation of Virtual Private Cloud (VPC). Implemented multiple layers of security, including security groups, network access control lists, to control access to Amazon EC2 instances in each subnet.
  • Implementation of Cyber Threat Intelligence Platform (CTI).
  • Develop approaches for industry-specific threat analysis, application-specific penetration tests and the generation of vulnerability reports.
  • Participated in the implementation of AWS Cloud security for applications being deployed in the Cloud. Developed WACLS for AWS Web Application Firewalls (WAF) and configured the rules and conditions to detect security vulnerabilities in the Cloud Front.
  • Participated in the implementation of data tokenization in various environments to ensure compliance to regulations.
  • Experienced in different web application security testing tools like Metasploit, Splunk, OWASP ZAP Proxy, Nessus, Nmap, Microfocus Fortify.
  • Performed security architecture, maintain and monitor existing infrastructure, including Malware analysis, IDS, DLP, Splunk SIEM, APT, vulnerability management, firewalls and NAC.
  • Performed static/dynamic code testing, manual code inspection, threat modeling, design reviews and penetration testing of internal web applications and external partner applications to identify vulnerabilities and security defects.
  • Developed DevSecOps tools for automating various security scanning processes. Tools such as Jenkins, Python, Docker, PowerShell, BOTO3, and AWS CLI have been used for automation. Developed AWS Security Groups to control traffic.
  • Participated in the development of IT security risk assessments for enterprise applications. The NIST framework has been utilized for IT risk assessments. This included leading the data discovery meetings, identifying existing controls and validating them against the expected controls. The control gaps or non-compliance with security policies were presented to the stakeholders for remediation.
  • Detailed knowledge of international regulations and best practices covering ITIL, COBIT, ISO 27000, SOX, PCI, HIPAA, NIST, FedRAMP, FISMA.
  • Developed AWS Security Groups to control traffic to various instances in the Cloud.
  • Automated the security scanning process as part of DevSecOps efforts using Jenkins, Maven, Gradle to support CI/CD initiatives.
  • Implemented security around Docker to ensure Containers and the data present in them are secured as part of secure SDLC.
  • Performed reverse engineering analysis using IDA Pro, WinDbg for binary files.
  • Worked extensively with software development teams to review the source code, triage the security vulnerabilities generated by IBM AppScan, BurpSuite, White Hat Sentinel, HP WebInspect, HP Fortify, Checkmarx, Contrast Security and eliminated false positives.
  • Conducted vulnerability assessments using Rapid7 products. Specifically, tools such as Metasploit Pro and AppSpider have been used for identifying security vulnerabilities.
  • Implemented Symantec & McAfee DLP product and configured policies for detecting data loss across the organization.
  • Triaged security vulnerabilities to eliminate false positives and worked with the developers for remediation.
  • Monitored Security Management Console for Security Operation Centre (SOC) for ensuring confidentiality, Integrity and Availability of Information systems.
  • Managed quality control within the SOC to ensure that outgoing communications and tracking forms are compliant with SOPs and error free through the random auditing of incident communications.
  • Reviewed Azure network security architecture and implemented security controls. Specifically, Azure virtual networks, including on-premise connectivity, traffic filtering, secure communication, point-to-site VPN etc.
  • Implemented Network Security Groups (NSG) to control network traffic to various Azure network resources. Created NSG rules (inbound and outbound) and prioritized the rules based on the requirements. Associated NSGs to VMs, NICs, and subnets based on the deployment model.
  • Validated database security for SQL servers deployed in Azure Cloud environment. Implemented Integrated Windows authentication supported by Azure Active Directory.
  • Specifically, security testing has been performed to identify XML External Entity (XXE), Cross-Site Scripting, ClickJacking, and SQL Injection related attacks within the code.
  • Developed Security requirements for Data Loss Prevention (DLP) specifically for Data at Endpoint, Data In-transit, and Data at rest.
  • Reviewed source code (Java/J2EE/Spring/FTL/JavaScript) and developed security filters within IBM AppScan for critical applications.
  • Implemented OAuth 2.0, SAML and Single Sign-on (SSO) for Azure AD & Mobile applications for corporate applications.
  • Performed security assessments for various types of Operating Systems (O/S) used by the firm. The security audits of RedHat Linux, Unix, SharePoint, Oracle Solaris, SunOne, AD, Ping LDAP Windows (including Active Directory) and IBM AIX were conducted. Several security control enhancements were recommended.
  • Conducted security assessments to ensure compliance with the firm's security standards (i.e., OWASP Top 10, SANS 25).
  • Generated executive summary reports showing the security assessments results, recommendations (CWE, CVE) and risk mitigation plans and presented them to the respective business sponsors and senior management.
  • Working knowledge of OWASP Top 10 and SANS Top 25 software guidelines, Federal Financial Institutions Examination Council's (FFIEC) regulations, including Payment Card Industry (PCI-DSS), HIPAA and Sarbanes-Oxley Section 404 (SOX).
  • Conducted monthly developer workshops to educate and train developers on secure SDLC, scan source code using IBM AppScan Source, triage and resolve the security vulnerabilities.
  • Working knowledge of AWS Cloud Security in implementing Web Application Firewalls (WAF).

Confidential, Austin TX

Sr. Security Engineer

Responsibilities:

  • Expertise in using DAST tools (like IBM AppScan and BurpSuite Pro) while the application is running to penetrate the application in various ways to identify potential vulnerabilities outside the code and in third party interfaces.
  • Administered, maintained, and deployed Imperva web application firewall, Checkpoint IPS & VPN systems, and McAfee network-based Data Loss Prevention (DLP) devices.
  • Carbon Black Threat Hunter has been utilized to investigate and hunt for abnormal of various processes running on the endpoints. Developed interactive and expandable attack chain pattern for binary and unfiltered data.
  • Analyzed security incidents originated from various network/application monitoring devices (e.g., Symantec Vontu DLP) and coordinated with engineering teams for tracking and problem escalation, including remediation.
  • Instrumental in architecting, implementing and administrating a Security and Information Event Management (SIEM) solution (QRadar) to automate the correlation of I-Series, Windows and network devices.
  • Conducting Web Application Vulnerability Assessment & Threat Modeling, Data Gap Analysis, secure code review on the applications.
  • Performed the penetration testing of mobile (Android and iOS) applications, specifically, APK reverse engineering, traffic analysis and manipulation, dynamic runtime analysis.
  • Developed secure SDLC policies and standards for Web and Mobile apps.
  • Working knowledge of SSO implementation for the applications deployed in MS Azure cloud platform.
  • Lead subject matter expert (SME) in design and engineering of Cloud Access Security Broker (CASB) solution for Box, O365, ServiceNow, Salesforce; this project includes engineering the integration with existing infrastructure such as MDM, SIEM, KMS and DLP, and tokenization of sensitive data.
  • Developed, implemented and migrated applications based on NIST Framework.
  • Developed information assurance (IA) designs to meet specific operational needs and environmental factors
  • Participated in the implementation of AWS Cloud security for applications being deployed in the Cloud.
  • Configured AWS Simple Storage Service (S3) to securely store the organization’s critical file systems.
  • Implemented Access Control Lists (ACLs) and Bucket Policies for controlling access to the data.
  • Developed WACLS and configured the rules and conditions to detect security vulnerabilities in the Cloud Front.
  • Experience with SaaS applications in configuring and deploying to the cloud platform. Worked with DevOps teams to automate security scanning into the build process.
  • Worked extensively with software development teams to review the source code, triage the security vulnerabilities generated by IBM AppScan, BurpSuite, HP WebInspect, HP Fortify, Checkmarx and eliminated false positives.
  • Reviewed Android and iOS mobile source code manually and recommended code fixes.
  • Participated in the Proof of Concept (POC) in implementing Arxan application protection software for Mobile apps.
  • Performed Root Cause Analysis for the incidents reported at Security Operations Center.
  • Performed Security event monitoring of heterogeneous networks such as Firewalls, IDS/IPS, Cisco ASA, DLP devices using Splunk.
  • Solved many problems on call with my knowledge on the applications using event logs on the system / server and telemetry logs on the server, later started using Splunk for health monitoring, analysis and reporting.

Confidential, PA

Security Analyst

Responsibilities:

  • Performed vulnerability testing using tools such as Nessus and Qualysguard.
  • Maintained network performance by performing network monitoring and analysis, performance tuning, and troubleshooting of network problems.
  • Skilled using Burp Suite, Acunetix Automatic Scanner, NMAP, Dirbuster, Qualysguard, Nessus, SQLMap for web application penetration tests and infrastructure testing.
  • Performed advanced security testing of F5 load balancers, Websense V10K & BlueCoat Proxies using virtual machines, security tools, and URL generator.
  • Assisted with the update and administration of all SOX audit requirements from an IT internal controls perspective.
  • Working knowledge of OSSTMM, OWASP Top 10 and SANS Top 25 software guidelines, Federal Financial Institutions Examination Council's (FFIEC) regulations, including Payment Card Industry (PCI-DSS), HIPAA and Sarbanes-Oxley Section 404 (SOX).
  • Provided threat profiling of the application to the client and prepared combined reports of level of risks, their trend, and frequency for the client.
  • Conducted white/gray box penetration testing on the financial systems using Kali Linux, Cobalt Strike for OWASP Top 10 vulnerabilities like XSS, SQL Injection, CSRF, Privilege Escalation and all the test cases of web application security testing.
  • QRadar licensing updates by adding new license under Admin and System and License Management
  • Ironport URL filtering for known bad URL content
  • Ironport Mail analysis and blocking for known bad emails
  • Analysis of pcap files using FireEye and Wireshark
  • System audit and analysis using DOD checklist for PA series
  • Threat and virus scanning using Malwarebytes from centralized console
  • Enforcement of policies and procedures for users, admins, and management
  • Reverse engineering of malware using tools like process hacker and so on
  • Incident response tabletop exercise by documenting and alerting necessary personnel

Confidential (Client: Oracle India)

Java/Developer

Responsibilities:

  • Designed and created DAO using data modeling in the integration layer.
  • Exposed all the enterprise services to the clients using SOAP and REST based web services, and tested using SOAPUI.
  • Modified WSDL documents for the internal clients and deployed on WSRR.
  • Involved in designing the front end applications using web technologies like HTML/HTML 5, XHTML, and CSS/CSS3.
  • Designed dynamic and browser compatible pages using HTML5, CSS3, SASS, JavaScript/ES6
  • Implemented request and response objects using SOAP web services and JAXB for converting WSDL to java classes.
  • Configured all dependencies with spring framework and various stateful and stateless beans in the application.
  • Used various spring features to deploy custom properties and static context in the application.
  • Exposed Stateless session beans as restful web services using Jersey JAX-RS.
  • Created virtual host and configured based on the IP configuration for all enterprise services.
  • Used JSON marshaller for marshaling and unmarshalling the JSON Objects and DOM manipulations with various SAX and DOM parsers.
  • Worked with and configured MKS and RTC versioning tools to keep track of source code.
  • Used Jenkins for continuous integration with Maven built in to generate the EAR files and sanity4j code quality testing reports.
  • Hands-on a service-oriented approach (SOA) using WebLogic for integration.
  • Worked on HP portfolio Management software to create the PPM packages and deploy the various environments.
  • Updated the WSDL in WSRR for the governance and storing, accessing and managing information.
  • Set up meetings to configure and understand DataPower for security, for accessing the application.
  • Used Log4j for logging for debugging, warnings, errors etc.
  • Created log back file based on time-based triggering policy and application based triggering policy.
  • Used HPQC for defect tracking and working on the defects and created Triage process (Microsoft Visio) to track the defects in the application.
  • Migrated MKS Source control to RTC and created JENKINS builds for all enterprise services.
  • Worked closely with the infrastructure team to create the performance environment for enterprise.
