Sr. Cyber Security Analyst Resume

Dallas, TX

SUMMARY

  • Incident Management | Secure Configuration on Management | Cyber Security Management Strategic Planning and Implementation | Regulatory Compliance | Threat and Vulnerability Management | Risk Management | Security Architecture | Project Management | Design Process Improvement | Change Management | Software Development Life Cycle Management Deployments and Migrations | Security Implementation Administration | Web Penetration Testing
  • A multifaceted professional with experience and skills in threat and vulnerability management, information security analysis, information security architecture, information security policy design, risk assessment, security incident response, and security solution implementation and administration.
  • Information Security Officer (ISO) - experience in Governance, Risk, Compliance & Audit - ISO 27001, PCI, HIPAA, McAfee, SOX etc. Information Security & Network security functions.
  • Skilled at designing and implementing cyber security solutions for global petroleum, government and financial organizations that consistently reduce security costs while elevating the security status of the environment.
  • Accomplished history of working with various private business and IT organizations to facilitate security architecture in order to further enhance the security stance of the company.
  • Adept at security policies, developing solutions, assessing environments, and interpreting standards that constantly pass the security and regulatory audits.
  • Successful in initiating six separate security programs which passed all third-party audits and all established laws and regulations.
  • Comprehensive background in developing and implementing strategic technology and security road maps aligned with the needs of the business to deliver exceptional security and privacy solutions.
  • Knowledgeable of penetration testing, vulnerability assessment, threat hunting, and security program development.
  • Expert in Implementing & managing Symantec tools like Data Loss Prevention (DLP) and Secure Web Gateway (ProxySG).
  • Experience converting Checkpoint VPN rules over to the Cisco ASA solution. Migration experience with both Checkpoint and Cisco ASA VPN.
  • Deliver niche technology projects such as DLP and forensics to catch and prevent fraud, manage overall operational aspect of DLP.
  • Maintaining critical monitoring systems (Splunk - log management systems) measuring system errors logs performance and availability. Evaluation of log management solution Splunk plus open source Linux storage systems.
  • Subject matter expert (SME) for DLP, Firewall, VPN, Archer, Vulnerability Management solutions, IDS/IPS/WIPS, SIEM and Endpoint Security.
  • Expert at implementing network security, SIEM tools, new concepts, identity management, new security technologies, securing cloud architecture, and new security controls as well as in developing innovative security controls and processes that meet business and executive requirements in order to protect information.

TECHNICAL SKILLS

Security Solutions: Nexpose | Metasploit | NitroSIEM/McAfee ESM | FireEye | Nessus | Splunk | Websense | ArcSight | CyberArk | Cisco Umbrella | OpenDNS | Cisco Firepower | RSA Envision Encase | RSA NetWitness | BeyondTrust | LogRhythm | Alert Logic | Cylance | Prism | Sourcefire or FirePower IPS | Cisco Ironport | Barracuda Spam Devices | Data Loss Prevention (DLP) | Snort | Various NAC, IDS/IPS, HIDS, and SIEM solutions

Others: ICS | SCADA | Cisco network devices | SASS | Microsoft Windows | UNIX and Linux | SQL | Oracle | IIS | Apache | Python | NMap | ZMap | Masscan | Qualys | PKI Infrastructure and digital certificates | AWS | Azure | Bit9 | Backtrack/Kali | McAfee | Symantec | Kaspersky | Java

Protocols: TCP/IP | UDP | HTTP | HTTPS | SSL | FTP | TFTP | Telnet | SNMP | ICMP | SSH | DNS | DHCP | LDAP | WINS | NAT | SMTP | POP | IPSec | IMAP | SSL/IPSEC VPN | DNSSEC | iSCSI | PAT | NetBIOS | BACnet

PROFESSIONAL EXPERIENCE

Confidential, Dallas TX

Sr. Cyber Security Analyst

Responsibilities:

  • Migration of the rule base from ASA to Checkpoint Firewalls with Algosec Firewall Analyzer.
  • Experience and skills in implementing Java, JavaScript, Node.js.
  • Blacklist/whitelist malicious email addresses/domains.
  • Execute on appropriate mitigation strategies for identified threats.
  • Perform penetration testing for internal network and follow up end to end with security vendor for the web application PT and make sure that vulnerabilities are addressed.
  • Managing all client systems from endpoint perspective using McAfee ePO tool which includes managing Agent, VSE, pushing client tasks.
  • Configuring rules and maintaining Palo Alto firewalls & analysis of firewall logs using various tools.
  • Responsible for security risk analysis process which includes identification, assessment, evolution, control monitoring and testing.
  • Experience converting Palo Alto VPN rules over to the CISCO ASA
  • Implemented vulnerability management (VM) processes and Nexpose Rapid7, Burp Suite and security solutions.
  • Symantec DLP and RSA DLP architecture and implementation for enterprise level companies.
  • Performed Symantec DLP environments management and support configuration as well as data security environments used in testing and configuring client sites prior to installation.
  • Expertise in writing Splunk searches; Splunk infrastructure and development expert, well-versed with Splunk architecture and design.
  • Experience converting Palo Alto VPN rules over to the CISCO ASA solution. Migration experience with both Checkpoint and CISCO ASA VPN.
  • Administrating Carbon Black to do host based monitoring.
  • Created script in Python for calling REST APIs.
  • Involved in representation of the system in hierarchy form by defining the components, subcomponents using Python and developed set of library functions over the system based on the user needs.
  • Monitored Security Management Console for Security Operation Centre (SOC) for ensuring confidentiality, Integrity and Availability of Information systems.
  • Experience with risk assessment using industry standards like NIST Rev5, HIPAA, PCI/DSS and developing security policy as per these standards. projects that installed, deployed and/or maintained multiple security solutions for security tools such as Nexpose Rapid7, Comodo, Qualys, threat stop
  • Used HTML, CSS, JavaScript with security Tool.
  • Prepared system plans and executed ArcSight architecture modifications.

Confidential, Las Vegas, NV

Senior Cyber Security Engineer

Responsibilities:

  • Review and ensure compliance with customer security policies and requirements
  • Conduct vulnerability and generic security scans of both systems and networks to identify and mitigate security vulnerabilities
  • Analyze and mitigate network-related risks
  • Review new and existing system designs for compliance with security standards and best practices
  • Conduct vulnerability assessments on new and existing systems
  • Lead system and application architects through security acceptance testing
  • Develop plans for vulnerability mitigation
  • Document and communicate security policy to enterprise organizations
  • Develop mitigation plans and security implications for vulnerabilities
  • Provide architectural and technical guidance and recommendations for securing systems and networks
  • Implement securing and hardening recommendations
  • Produce threat reports
  • Provide information security expertise and consulting
  • Implement an information security framework
  • Gain organizational commitment for security plans
  • Plan, design, and implement security-related technologies
  • Ensure new and existing products conform to information security policies, standards, and best practice

Confidential, Las Vegas

Senior Security Engineer

Responsibilities:

  • Experience converting Palo Alto VPN rules over to the CISCO ASA solution. Migration experience with both Checkpoint and CISCO ASA VPN.
  • Static code analysis using Valgrind, Flawfinder and manually checking the code flow.
  • Monitor Carbon Black manufacturing equipment like Rotary dryer, Reactor, Mixer Pelletizers, Bucket Elevators.
  • Monitor the performance of Splunk via the Splunk Monitoring Console.
  • Anti-malware defense experience with the Carbon Black endpoint security platform, which detects malicious behavior and prevents malicious files.
  • Implementation of Energy Management program and Origination of Carbon offsets for Moores Industrial Calgary
  • Configure and administer security rules and policies to either permit or deny user traffic based on company's security policies on checkpoint and Palo Alto firewall.
  • Expertise in writing Splunk searches; Splunk infrastructure and development expert, well-versed with Splunk architecture and design.
  • Designed and developed various business applications using both Keylight and Archer eGRC platform.
  • Integrate vulnerability standard principles like CVE, OWASP into organization security policy.

Confidential, Atlanta GA

Cyber Security Engineer

Responsibilities:

  • Developed Cyber Security Standards on NIST Frameworks and ensured their proper implementation to reduce the risk of vulnerability to IT assets.
  • Monitoring and remediating daily security alerts generated by end users with tools like Intel/McAfee SIEM, Forcepoint Websense, and Intel/McAfee EPO; also responsible for effectiveness of tools and scans, as well as assessing and tracking risk of exposure.
  • Deploy and support information security systems and solutions such as key management, IPS/IDS, SIEM, MDM, NAC, APT detection, and endpoint management for remote user.
  • Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
  • Implemented multiple tools including Symantec DLP, and QRadar SIEM.
  • Developed approaches for industry-specific threat analyses, application-specific penetration tests and the generation of vulnerability reports.
  • Utilize McAfee EPO and Microsoft SCCM for endpoint management.
  • Developed detailed remediation reports and recommendations for compliance and security improvements across industries based on changing threats.
  • Evaluated firewall change requests and assess organizational risk.

Environment: Linux, WhiteHat Security Source, Nessus, Wireshark, sqlmap, Nmap, Metasploit, AWS CloudWatch and Stackdriver

Confidential, Los Angeles, CA

Information Security Engineer

Responsibilities:

  • Installation, configuration and administration of Asterisk based VOIP Telephony
  • Troubleshoot and resolve computer/network issues by providing both on-site and remote support.
  • Maintaining software applications, operating systems Win2K, Win XP, Win2007, and Linux.
  • Responding to inquiries from staff, administrators, service providers, site personnel, outside vendors, etc. to provide technical assistance and support.
  • Supervising administration of systems and servers to ensure availability of services to authorized users.
  • User administration, setup, maintaining system and verifying peripherals are working properly.
  • Quickly arrange repair in the event of hardware failure and monitor system performance.
  • Install software & create a backup and recovery policy & Updating Antivirus and its Patches.
  • Administering multi-Server windows LAN, WAN.

Confidential, Los Angeles, CA

Security Analyst

Responsibilities:

  • Reviewed the requirements for privileged access on an everyday basis and provide recommendations
  • Reviewed and validate the privileged users and groups at Active Directory, Databases and application on a periodic basis
  • Documented information security guidance in step by step operational procedures
  • Performed static code reviews with the help of automation tools
  • Performed a threat analysis on the new requirements and features
  • Burp Suite, DirBuster, HP Fortify, NMap tools were used as part of the penetration testing, on a daily basis, to complete the assessments
  • Established and improved the processes for privileged user access request
  • Reviewed firewall rules and policies in web proxy
  • Highlighted the user access and privileged user access risks to the organization and providing the remediation plan

Environment: MS SQL, MySQL, WebScarab, HTML, Kali Linux, OWASP, DirBuster, NMAP, IBM AppScan, Burp Suite, HP Fortify, Windows XP, PHP