SUMMARY

• Highly accomplished, results - driven IT professional with over 20+ years of progressive experience in IT Management and Information Security.
• A pragmatic leader with extensive proficiency in leading Cyber Security Strategy, Infrastructure Security Architecture, Engineering, Security Monitoring, Security Operations.
• Excellent leadership skills demonstrated by adapting rapidly to changing business needs, and a solid history of successfully achieving desired infrastructure availability and performance targets.

• Threat and Vulnerability Management
• Risk Management
• Security Architecture| Incident Management crisis management
• Cyber Security Management Strategic Planning and Implementation
• Regulatory Compliance
• Project Management
• Design Process Improvement
• Cyber Threat Intelligence
• Software Development Life Cycle Management Deployments and Migrations
• Security Implementation Administration
• Web Penetration Testing
• Leadership| Leadership
• Team building
• Resource development
• Programming - VB .Net
• Team building
• Resource development
• Programming - VB .Net
• Programming - VB .Net
• DBA - Oracle
• MS SQL
• MS Access
• ERP - SAP R/3 Basis
• Microsoft Office products

PROFESSIONAL EXPERIENCE

Cyber security Analyst

Confidential, Albany, NY

Responsibilities:

• Delivered Business Continuity and Disaster Recovery Planning project for Office of Attorney General, New York State has a complex landscape with proprietary systems, customized solutions, highly regulated data and huge VM infrastructure supporting thousands of users across multiple locations, based on NIST SP R1.
• Managed Risk Analysis & Management, Business Impact Analysis, Incident Response Policy, Procedures, DR Policy, Processes, and Procedures.
• Analyzed existing security infrastructure, Firewalls, IDS, IPS, SIEM’s, Physical access controls, Security policy etc
• Designed and developed possible DR solutions based on MTD, RTO’s and RPO’s. Provide budgetary estimate for different solutions including Cloud and Co-Lo.
• Leading a SOC team for cyber incidence and compliance towardsPCIDSS, NIST framework.
• Documenting incident results and reporting details through ticketing system
• Investigate potential or actualsecurityviolations or incidents in an effort to identify issues and areas that require new security measures or policy changes. Conduct proof of concepts for emerging threats and present to management staff recommendations and designs.
• Managing Security tools DLP, SIEM,Vulnerabilityscanner and Penetrations test.
• Conducts vulnerability scans andpenetrationtests to meet PCI requirements.
• Perform penetration testing for internal network and follow-up end to end with security vendor for the web application PT and make sure that vulnerabilities are addressed
• Extensive knowledge of information security principles and practices, understanding of security protocols, standards and defense in depth.
• Pioneered and built a team of 12 consultants providing IT consulting and implementation services.
• Contributed in achieving revenue target of USD 1 Million in the first year of operations.
• Formalized partnership agreement with many industries leading vendors like Redhat, HPE, AWS, Sungard, Unitrends, VMware etc
• Identifying and remediating any threats and vulnerabilities as a Security Monitoring (SOC), Triage and Escalation to T2.
• Assisted Network SME in developing state of art network design for the new location of AG’s office which included assessing the new site, design the network layout addressing the various requirements such as secured network access to all internal users and external user with provision for BYOD, unrestricted and restricted access of wireless connectivity, VoIP accessibility, facilities for conducting and streaming press conferences, provisions for access controls etc.

Confidential

Security Engineer

Responsibilities:

• Support/ownership of application and hardware for Endpoint Protection
• Create and deliver reports to business lines pertaining to endpoint security, compliance, etc.
• Skilled using Burp Suite, IBM APP Scan, Acunetix Automatic Scanner, NMAP, Havij, Dirbuster, Qualysguard, Nessus, SQLMap for web application penetration tests and infrastructure testing.
• Review, update, and publish documentation management procedures
• Provided Arcsight Administration for Arcsight Console. Arcsight Manager Center, Arcsight Logger, Arcsight Connector Appliance as well as Arcsight ESM
• Good understanding of administering and implementing SIEM, DLP, Web sense, Advance malware detection program, vulnerability assessment, and prevention,
• Designing and maintaining production-quality Splunk dashboards.
• Consolidate inventory repositories to a central location and format
• Conduct inventory of network and server hardware
• Create standard installation procedures for new sites and systems
• Update training materials and perform training sessions for small groups of people
• Assist infrastructure management team and infrastructure project manager with project related tasks
• Attend and report status in weekly team meetings

Confidential

Responsibilities:

• Built a startup company providing end to end solutions based on Smartcard Technology.
• Successfully launched and marketed Smartcard based software solutions for the hospitality
• Industry, schools, colleges, hospitals, and townships.
• Achieved revenue targets of 9.0 Million Rupees for the year .

SAP R/3 Basic Consultant

Confidential

Responsibilities:

• Worked as SAP R/3 Basis core team consultant for European operations, instrumental in designing, developing, integrating and maintaining SAP R/3 Systems.
• As SAP R/3 Basis consultant maintained all the systems (DEV/TEST/QAS/PRD) with an uptime of above 98% as per the SLA
• Planned and implemented support patches, upgrades for R/3 systems and Oracle Databases.
• Optimized system performance levels by fine-tuning related parameters at the application layer and the DB layer.
• Carried out Audit and Assessment report activities, coordinated with external audit and implemented audit recommendations.
• Excelled in Oracle, MS SQL, MS ACCESS DBA activities.