
Sr. Cyber Security Engineer Resume


SUMMARY:

  • Professional with 8 years of extensive experience in the areas of Risk Analysis, SIEM, Endpoint Security, DLP, Network Security, Email Security, Web Gateway, Vulnerability Assessment, Pen testing, Windows Server, Domain technology, Antivirus servers, etc.
  • Expertise in Cybersecurity & Information Assurance with deep knowledge of Identity and Access Management security, SailPoint IdentityIQ, access control issues related to cyber systems and networks, AWS Cloud, penetration testing methodology, malware detection techniques, recommended information assurance policies and standards.
  • Expert in Vulnerability Assessment using Qualys, Nessus and Nexpose tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
  • Assisted in integrating regulatory compliance requirements (e.g., PCI, NIST) into the organizational security roadmap.
  • Hands on experience on Forcepoint and Knowledge of distributed Splunk installation with Forwarders, Clusters, and Search head cluster.
  • Possess a well-balanced understanding of business relationships, business requirements, and technical solutions with ability to work collaboratively with business analysts, software testers, developers,
  • Hands on experience for development, implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices for clients.
  • Assisted in ensuring that the corporate IT environment is secure and complies with all external audit requirements and federal standards
  • Designed and facilitated new cloud security architecture at Bluemix datacenters for the ECMoC product offering using Vyatta 5400/5600, Juniper vSRX, Fortinet/Fortigate series firewalls.
  • Efficient and Expert in EIGRP, OSPF, with knowledge on MPLS, BGP (including configuration and troubleshooting)
  • Expertise in Gathering and analyzing metrics, key risk indicators and maintain scorecards defined within the area of information security to ensure our information security program is performing effectively and efficiently.
  • Experience in vulnerability scanning with relevant tools e.g., Nessus, HPE Fortify for SCA (Static Code Analysis) and WebInspect, and Rapid7 Nexpose.
  • Assist in the deployment and configuration of new tools and capabilities such as Nessus, Splunk, Symantec and McAfee DLP.
  • Experience configuring and deploying modules and products like McAfee ePO, McAfee VSE, Cloud, McAfee HIPS, McAfee Endpoint Encryption, McAfee Network DLP, McAfee DLP Endpoint, McAfee SIEM.
  • Experience in managing Network infrastructure security using HPE ArcSight ESM/ Splunk for monitoring and classifying and responding to incidents and threats.
  • Supported the information security audit and third-party assessment initiatives during planning, execution, and remediation phases, as well as coordinating and tracking remediation activities.
  • Liaison between the audit/assessment teams and Information Security management.
  • Familiar with threats and vulnerabilities, latest trends and risks and be able to understand the technical remediation action steps or plans and communicate them effectively to teams within the organization
  • Experience with SOC and 24/7 operations.
  • Acunetix, Microsoft Project, Tripwire/IP360, Tenable, Project Libre, Visio, Pac2000, SharePoint, PeopleSoft & Nexus, Continuous monitoring, GIS Ware, Cloudera, Hadoop, Apache, Microsoft application, endpoint, Security APIs, Shodan API + Nmap and others.
  • Extensively worked on coding using core java concepts like multithreading, collections, serialization, Synchronization, exception handling, generics, network APIs and database connections.
  • Defined and oversaw security hardening standards for client's IT Infrastructure
  • Coordinated with systems and network engineers to ensure servers and network devices conform to security standards, and that security devices and controls are working as designed
  • Experience with industry recognized SIEM (Security Information and Event Management) solutions such as IBM QRadar, Splunk, and LogRhythm.
  • Implemented SQLAlchemy, which is a Python library for complete access over SQL.
  • Excellent understanding of computing environments Linux: RHEL-7/DEB-KALI, Windows 7/10, Server 2012/2016 and Unix Operating systems.
  • Experience using persistence framework like Hibernate/JPA for mapping Java classes with database and using Hibernate Query Language (HQL).
  • Perform Risk Assessment, Gap analysis & create Risk Mitigation plan.
  • Highly capable of working in Endpoint Security, E-mail Security and Web Gateway
  • Extensive knowledge of security vulnerabilities, solutions, network security and risks in IT.
  • Experience in vulnerability assessment and penetration testing using various tools like Burp Suite, OWASP ZAP proxy, NMap, Nessus, Nexpose, IBM AppScan enterprise, Kali Linux, Metasploit.

TECHNICAL SKILLS:

Networking: Packet Analysis (tcpdump, Wireshark), IDS (Bro, Snort), Splunk, Firewall, IDS/IPS, Access Control

Systems Administration: Active Directory, DNS, FTP, SSH, DHCP, SMB, HTTP, Virtualization (ESX)

Vulnerability Assessment: Nmap, Nessus, Ettercap, Metasploit, Honeypots (honeyD, inetSim), BurpSuite, Nexpose, Acunetix, IBM App Scan, HP Web Inspect

End Point Security: McAfee Suites (VSE, HIPS & HDLP), McAfee MOVE AV, Symantec McAfee Email Security Gateways GUI & CLI, McAfee Network Data Loss Prevention, McAfee NITRO SIEM Security Information and Event Management.

Platforms/Applications: Continuous Monitoring Vulnerability Management, Web Application Scanning, ThreatProtect, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance, Solarwinds, Nexpose, Rapid7 Event Management RSA Archer, Blue Coat Proxy, IBM QRadar, NTT Security, LogRhythm, PenTest Tools Metasploit, Burp Suite, NMAP, Wireshark and Kali

Standards & Framework: OWASP, OSSTMM, PCI DSS

Security Software: Nessus, Ethereal, NMap, Metasploit, Snort, RSA Authentication, PIA

Programming Languages: C, C++, Java, Python, JavaScript, Linux, PowerShell

Networking: LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Firewalls/IPS/IDS

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS, NetBIOS, SNMP, TLS etc.

Domain Knowledge: Risk Management, BCP/DRP, ISO 27001, COBIT, Vulnerability SWOT analysis, Cryptography, Incident Response, Penetration Test, Risk Assessment, SCADA Security, SCADA Audits, SIEM, NIST, FIPS

PROFESSIONAL EXPERIENCE:

Confidential

Sr. Cyber Security Engineer

Responsibilities:

  • Interface with users, technicians, engineers, vendors and other Technical Maintenance personnel to install, update and debug automated systems.
  • Ensure products and systems comply with cyber security standards and practices. Develop test routines and monitoring solutions. Penetration testing using Nmap and Wireshark.
  • Provide day to day support of servers, workstations, network and other equipment. Document support procedures specific to systems to be utilized by the Technical Maintenance and Engineering departments.
  • Plan, execute and oversee remediation activities for valid vulnerabilities which are identified using Application Scanning tools. Experience with application scanning to identify security vulnerabilities in the web application and architectural weaknesses.
  • Effectively communicate with Business Operations and other functional areas on web application vulnerabilities. Experience in planning, installing, configuration, and administering IBM Security Identity Manager 7.0.1. Support, performance tuning and troubleshooting ISIM 7. Configure and manage ISIM 7 security e.g. configuration of single sign-on, secure communication with supported middleware etc.
  • Hands-on technical experience with testing of web applications in Java or .NET, Experience with audits, e.g. A-123, SOC 1/2, FISCAM. Radius and Kerberos Server experience. API testing using Postman.
  • Experience using DAST tools to detect potential vulnerabilities such as HP Webinspect, SolarWinds, Zap, Burp, Tenable, Splunk, Alertlogic, Symantec Endpoint Protection, Zscaler, McAfee security, Portswigger, Fiddler, Wireshark, Nmap, JIRA, Sonatype, Coverity. Experience in Palo Alto Networks and Firewall (PA-5000, PA-3000, PA-500) series, PA IPSec VPN Tunnel.
  • Experience with Red Hat Linux Server, macOS Server, Microsoft Windows Server, MS Active Directory, Azure AD, Configure and manage AWS/Azure Cloud Infrastructure, Virtualization (VMware NSX, Hyper-V). Extensive experience hands-on Azure IaaS / PaaS. Experience designing and building Azure solutions. PowerShell experience as it relates to Azure, AD, and Office 365.
  • Deploy, manage and effectively maintain security systems and their corresponding or associated software, including firewalls, checkpoint firewall, squid firewall, blue coat proxy and routers, IDS, IPS, cryptography systems, Encryption (RSA, AES), Tokenization (OpenNMT), and anti-virus software. Experience in Python, PowerShell and JavaScript programming language.
  • Audit and adjust permissions, access-lists, file shares, and any other access control mechanism in place. Troubleshoot and document network security incidents. Produce and present security reports for management. Monitor and analyze network security data.
  • Experience setting up Firewalls, using NAV tools, Vulnerability Management platforms, Security Analytics platforms, Penetration Testing frameworks (Metasploit or Resolve).
  • Advanced knowledge of Cisco wireless LAN controllers, Cisco access points, Cisco ISE, Cisco routers (Cisco 1921, Rv320, Rv215w, Rv042, Rv042G), Cisco L2/L3 switches, Cisco Prime, Generic Routing Encapsulation, load balancing (F5 BIG-IP Local Traffic Manager, Cisco Load Balancer, Citrix, Azure load balancer), QOS, PBR, WCCP, VPN, NAT, VoIP, IPSec, Multicast, DNS services, MPLS networks, LAN, WAN, Juniper Networks Firewall (Juniper EX series EX2300, EX4300, EX3400, QFX T, QFX, SRX series), Cisco ASA firewalls/Router (5508-x with firepower, 5516, 5585, 5545, 5555), Cisco Meraki MX100 Firewall, and network and routing protocols (Ethernet, TCP/IP, SNMP, VLAN Trunking, BGP, OSPF, ISIS, EBGP, IBGP, RIP).
  • Experience utilizing Wi-Fi analyzers, Wi-Fi survey software tools (i.e. AirMagnet, Ekahau, etc.) and test equipment. Experience working across the full stack of enterprise security tools to include everything from the physical layer to the application layer. Cisco Nexus series 5k, 7k, 9k switches, Cisco Catalyst Switches (2960, 3560, 6500), Cisco 300/200 series.
  • Ability to lead the design of network security infrastructure and the integration of new requirements into existing architectures. Experience leading compliance assessments of relevant cybersecurity frameworks.
  • Remain informed on trends and issues in the security industry, including current and emerging technologies and policies.

Confidential, NYC, NY

Sr. Cyber Security Analyst

Responsibilities:

  • Analyze, troubleshoot, and investigate security-related, information systems' anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
  • Monitor and analyze output and performance of network and host-based security platforms including: Vulnerability scanning systems and tools, Network-based Intrusion Detection/Prevention Systems (IDS/IPS), Host-based Intrusion Detection/Prevention Systems (HIDS/HIPS), File integrity verification and monitoring software (FIM), Security Information & Event Management (SIEM) platform, Data Loss Prevention (DLP), Log Indexing and Correlation tools, Anti-virus and anti-spyware logs and events, Web proxy and filtering systems
  • Execute routine and ad-hoc vulnerability scans and other tests to verify system security settings and configurations
  • Execute, organize and distribute reoccurring and ad-hoc reports for network and host-based security solutions
  • Proficient in understanding application level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, weak cryptography, authentication flaws etc.
  • Assist in maintenance of relevant system and process documentation
  • Establish and maintain a strong working relationship with all team members
  • Acquainted with various approaches to Grey & Black box security testing
  • Generate and present reports on Security Vulnerabilities to both internal and external customers.
  • Manual and Dynamic penetration testing of web applications using Burp Suite and AppScan
  • Configuration of the IBM AppScan tool to meet individual scanning requirements
  • Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Authentication, Authorization, Auditing & logging
  • Vulnerability Assessment of various web applications used in the organization using Paros Proxy, Burp Suite and HP Web Inspect.

Modules / Tools Used: Alien Vault, AD Audit Plus, Symantec Endpoint Protection Management, Bluecoat Proxies, Barracuda Web Filter, Sourcefire IDS / IPS, Nessus Security Centre, QualysGuard Vulnerability Manager, Digicert, Manage Engine Firewall Analyzer, Web scarab, Kali Linux, OWASP, DirBuster, NMAP, IBM AppScan, Burp Suite etc.

Confidential

Cyber Security Engineer

Responsibilities:

  • Experience with many of the following technologies/roles: Privileged Account Management, Two-Factor Authentication, Web filtering, Web Application Firewalls, Virtualized computing environments, Encryption-at-rest and encryption-in-transit, Vulnerability Management.
  • Installation and configuration of networks and network devices such as web application firewalls, network firewalls, switches, checkpoint firewall, squid firewall, blue coat proxy and routers.
  • Network Security configuration, audit, and management of Windows servers. Installation, configuration, audit, and management of security tools.
  • Security configuration, audit, and management of applications and databases. Leading security incident investigations, including basic forensic analysis and reporting. Deploying, automating, maintaining and managing AWS cloud based production system, to ensure the availability, performance, scalability and security of productions systems.
  • Maintenance and monitoring of network and host intrusion detection and prevention technologies. Implementing security controls. Experience with using a broad range of AWS technologies (e.g. EC2, RDS, ELB, EBD, S3, VPC, Glacier, IAM, CloudWatch, KMS) to develop and maintain an Amazon AWS based cloud solution, with an emphasis on best practice cloud security.
  • Implemented physical and procedural safeguards for information resources within the facility. Communicate effectively with senior management, peers, staff, and customers both inside and outside the corporation.
  • Administered access to information resources and makes provisions for timely detection, reporting, and analysis of actual and attempted unauthorized access to information resources.
  • Proposed and assisted with the acquisition of security hardware/software. Develops and maintains access control rules. Experience with VOIP systems.
  • Maintains user lists, passwords, encryption keys, and other authentication and security-related information and databases.
  • Experience using DAST tools to detect potential vulnerabilities such as HP Webinspect, SolarWinds, Zap, Burp, Tenable, Splunk, Alertlogic, Symantec Endpoint Protection, Zscaler, McAfee security, Portswigger, Fiddler, Wireshark, Nmap, JIRA, Sonatype, Coverity. Experience in Palo Alto Networks and Firewall. Experience in maintaining local and remote networks.
  • Lead the design, implementation, and migration of enterprise infrastructure and application services to software defined networks. Experience in Palo alto networks and firewall. Configure and manage AWS/Azure cloud infrastructure.
  • Develops and leads procedure for testing disaster recovery plan. Provides help-desk-style assistance.
  • Administered MS Windows Server, Red Hat Linux Server, and Network/Security Administration.
  • Advanced knowledge of Cisco wireless LAN controllers, Cisco access points, Cisco ISE, Cisco routers, Cisco L2/L3 switches, Cisco Prime, Generic Routing Encapsulation, load balancing (F5 BIG-IP Local Traffic Manager, Cisco Load Balancer, Citrix, Azure load balancer), QOS, PBR, WCCP, VPN, NAT, VoIP, IPSec, Multicast, DNS services, MPLS networks, LAN, WAN, Juniper Networks Firewall, Cisco ASA firewalls and network and routing protocols (Ethernet, TCP/IP, SNMP, VLAN Trunking, BGP, OSPF, ISIS, EBGP, IBGP, RIP).
  • Excellent written and verbal communication skills. Ability to create, update and maintain technical documentation. Ability to work independently. Experience with ServiceNow.
  • Provided guidance and policy regarding the administration of all computer security systems and their corresponding or associated software, including endpoint security, intrusion detection systems, and application whitelisting.
  • Participated in strategic security relationships between internal resources and external entities, including government, customers, vendors, and partner organizations.
  • Experience with using a broad range of AWS technologies (e.g. EC2, RDS, ELB, EBD, S3, VPC, Glacier, IAM, CloudWatch, KMS) to develop and maintain an Amazon AWS based cloud solution, with an emphasis on best practice cloud security. Extensive experience hands-on Azure IaaS / PaaS. Experience designing and building Azure solutions. PowerShell experience as it relates to Azure, AD, and Office 365.

Confidential, Newark, DE

Security Analyst

Responsibilities:

  • Performed grey box testing of the web applications
  • Executed and crafted different payloads to attack the system for finding vulnerabilities with respect to input validation, authorization checks, and more.
  • Reviewed and validated the User Access Compliance on a quarterly basis.
  • Reviewed the requirements for privileged access on an everyday basis and provided recommendations.
  • Reviewed and validated the privileged users and groups at Active Directory, Databases and application on a periodic basis.
  • Documented information security guidance in step by step operational procedures.
  • Performed static code reviews with the help of automation tools.
  • Performed a threat analysis on the new requirements and features.
  • Burp Suite, DirBuster, Hp Fortify, NMap tools were used as part of the penetration testing, on daily basis to complete the assessments.
  • Established and improved the processes for privileged user access request.
  • Reviewed firewall rules and policies in web proxy.
  • Highlighted the user access and privileged user access risks to the organization and provided the remediation plan.

Modules / Tools Used: MS SQL, MySQL, Web scarab, HTML, Kali Linux, OWASP, DirBuster, NMAP, IBM AppScan, Burp Suite, HP Fortify, Windows XP, PHP
