SUMMARY

• Experienced Information Security Engineer with 5+ years of Security experience.
• Worked on large - scale Security projects with varying level of in-depth configuration, troubleshooting, bug submissions, and providing solutions
• Strong skills in evaluating and testing networking, system, web application vulnerabilities.
• Good understanding of Qualys VM, WAS platforms and Splunk search queries.
• Good skills in testing tools like Burp, SQLmap, Nmap, and Curl.
• Expertise knowledge on IPv6 implementation in large scale networks.
• In-depth knowledge and troubleshooting skills on IPSEC VPN, NAT rules and Packet Inspection.
• Strong troubleshooting skills on AAA protocols like AD, LDAP, RADIUS and TACACS.
• Good understanding on Cryptography standards and its applications.
• Configured PKI/CA server on different platforms like IOS, ASA and windows.
• Strong understanding on Cloud Network Products and worked on Microsoft Azure Virtual Router, Amazon AWS Firewall.
• Developed and written signatures for vulnerabilities and tested them using Wireshark.
• Strong analytical skills to design, code and debug programs.
• Ability to own, improve and develop a better product in project work.
• Lead a team of 15 technical support engineer in Support Coordinator position.

TECHNICAL SKILLS

Vulnerability Tools: QUALYS - VM, WAS, Burp, Nmap, SQLmap

Firewalls/VPN: Cisco ASA, PIX, Microsoft Azure, Checkpoint

Routers/Switches: Cisco ISR, ASR, CSR, 7200 series, Catalyst, Netgear

Security Tools: ASDM, CCP, SDM, CSM, ACS, IDM, Wireshark

Operating Systems: LINUX - Ubuntu, Red Hat, Windows, Mac

Virtualization: VmWare Workstation, VSphere, Oracle VirtualBox

Software/Scripting Language: Python, C, C++, Java, SQL, UML

PROFESSIONAL EXPERIENCE

Information Security Engineer

Confidential

Responsibilities:

• Worked on IPv6 rollover implementation project in Confidential and upgraded 90 scanner appliances.
• Analyzed, validated using Nmap, Curl and scanned using Qualys to check the networking, system, patching vulnerability tickets are remediated.
• Identified the root cause and remediated the scanner crashing problem.
• Analyzed, Tested Web Application vulnerability tickets in Qualys WAS using Burp.
• Developed skillset to do search queries in Splunk Dashboard.
• Created processes and procedures to handle Qualys WAS daily issues.
• Handled Brute force scanning and helped to remediate the system that are susceptible.

Security Engineer

Confidential, San Jose, CA

Responsibilities:

• Handled customer problems on variety of network topologies with different cisco security products in Federal Govt agencies. Corporate networks and small business customers.
• In-depth troubleshooting and debugging in areas of DMVPN, GETVPN, VTI, GRE Tunnels, Remote IPsec VPN on ikev1, ikev2 topologies and created NAT rules, ACL policies.
• Successfully able to recreate customer issues in our labs and identified software defects within a set timeline. Also made sure that the issue gets resolved in customer site after the bug fix.
• Exceled and trained folks in the TAC group to build VM pool in Cisco Cloud for devices like ASA, CSR, PKI server, LDAP Server, RADIUS Server to run on Virtual Machines.
• Successfully handled, implemented on issues like Anyconnect Migration for customers with 40,000 users and GETVPN migration for customers using massive MPLS Cloud networks.

Network Security Engineer

Confidential, Santa Clara, CA

Responsibilities:

• Installed and maintained routers, switches, servers and desktop for the entire company of 120+ people and supported them on daily basis.
• Configured Cisco IOS Router for Zone Based Policies, NAT Filtering, IPSec VPN.
• Configured and implemented EIGRP, BGP routing protocols.
• Worked on vulnerability assessment tools like GFI Languard, Ethereal, to scan the network daily and remediate the exploits in the environment.
• Used controls, templates, standards, and guidelines to write Security policies for Drupal-Based SSV Webite, Eco-cloud Website and HR Administration.

Application Consultant

Confidential

Responsibilities:

• Extensive troubleshooting done in Netgear Products like VPN Routers, Firewall Routers, Switches, Hubs, Wireless proucts, etc.
• Implemented different types of VPN Connection like Site-to-Site VPN by describing the IPSec Policy using IKE, AH, ESP Protocols, and Hashing Algorithms.
• Configured the Wired/Wireless Routers for internal access, Port forwarding, NAT Rules.
• Handled and fixed issues on Wireles Access Point authenticating to CA server.
• Analyzed the defective products and issued RMA to customer products.

Technical Staff

Confidential

Responsibilities:

• Extensive Hands-on Experience on Exploit Assessment on Cross-Site Scripting, SQL Injection, Buffer Overflow, Bypass, Denial-of-Service packets in various testing tools.
• Developed and managed iPolicy signature database by collecting vulnerabilities from US-CERT, SANS, etc. Tested the signatures using Ethereal and TCPDump network analyzers.
• Prominent Work includes the scripting of Apache Struts, PHP Sites, TCPDump routines, and an exploit development on NTLM Authentication using Perl Scripts.

Support Coordinator

Confidential

Responsibilities:

• Headed the Teshnical Support, Spares Movement and Financial Work for NewWave Support.
• Successfully designed and tested the implementation of 36 Catalyst Switches with 4 Cisco ISR Routers with EIGRP in a research site.
• Being outsourced to iNautix, Generated Disaster Recovery Reports using the remedy statistics for the Mainframe Printer toner outages, fuser assembly problem and implemented a Mainframe Tone Usage template and trained the QA Team to maintain toner usage.

Free Lancer - Security Architect

Confidential

Responsibilities:

• A TCP/IP client-server, JAVA datagram architecture model with multi-threading mode is used for a secure (Diffie-Hellman, X.509 Certificate, MD5) connection-oriented design.
• Dynamic shortest-path design is successfully tested with 50 different IP lists.
• A novel hierarchial Cross-Bar Switches based on TCP/IP is implements usinfg GALS, NoC methodology to overcome SoC power consumption issue.
• Windowing technique designed to contrl Congestion Confidential every sender and receiver - to bind the TCP/IP network capacity in different routing modes for a concurrent processing setup.