Cyber Security Analyst Resume
Stamford, CT
SUMMARY
- Information Security professional with diversified 6+ years of experience encompassing Compliance and Risk Management Framework (RMF), Information Security and Assurance, System Development Life Cycle (SDLC), Security Control Assessment, Vulnerability and POA&M Management using different industrial standard frameworks such as OMB, FISMA, FedRAMP, HIPAA, PCI DSS, FIPS 199/200 and NIST 800 SPs (18, 30, 37rev1, 53/53Arev4).
- A proven project and team lead with the ability to provide information security support for federal information systems.
- Experience in the development of ATO Packages such as System Security Plans (SSP), SAR and POAM.
- Experience in Security Information and Event Management Tools like IBM QRadar, Splunk and RSA Archer.
- Able to create and review security artifacts such as System Security Plans (SSP), Contingency Plans (CP), Incident Response Plans (IRP)/Testing, Configuration Management Plans (CMP), Privacy Impact Assessments and SOPs.
- Understanding of Cloud protections as expressed in FedRAMP for Federal Government agencies.
- Able to develop and implement Technology Controls and Information Security related policies, programs and tools.
- Experience documenting technical issues identified during security assessments and recommending improvements in the existing service support tools and "standard findings".
- Familiar with network and information system security principles, technologies, and test practices as well as supporting security authorization activities.
- Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
- Experienced with Symantec DLP Policies (DLP templates) compliance and regulation standards such as SOX, PCI, and HIPAA.
- Investigated and analyzed various alerts/incidents using Splunk including logs, suspicious logins and web traffic.
- Used IBM QRadar Security Manager to identify threats and assign categories.
- Knowledge of the Vulnerability Management and Assessment process with Nessus. Used Nessus for scanning networks and hosts, writing policies, and generating and analyzing reports.
- Worked on the McAfee VSE product to stop worms, spyware, and viruses, get high-performance security, and lessen damage from outbreaks.
- Antivirus McAfee Virus Scan Enterprise, Symantec, Endpoint Protection Suite
- Experience with industry recognized SIEM (Security Information and Event Management) solutions such as SNORT, Splunk, Log Rhythm and many other tools
- Experience performing on-site security testing using vulnerability scanning tools such as Qualys and Tenable, and penetration testing using tools such as Burp Suite.
- Experience with architecting Symantec DLP Platforms.
- Coordinate with third parties to perform vulnerability tests and create security authorization agreements and standards. The ability to balance risk mitigation with business needs.
- Experience in Qualys modelling during the requirement gathering and design phases.
- Experience analyzing Symantec DLP events and reports.
- Investigated endpoint alerts from Malwarebytes to remediate the risk.
- Experience with Web App Testing, Content Filtering, Endpoint Protection, IPS/IDS, Threat Vulnerability Management, Firewall Risk Assessment, Symantec, SIEM.
- Strong understanding of Application Security Processes, Standards, Security Best Practices and Policies.
- Good understanding of the seven layers of the OSI model, and worked on defect tracking tools.
- Hands-on experience with various penetration testing tools like Confidential Web Inspect, Acunetix, IBM AppScan, Burp Suite, CSRF Tester, etc.
- Good experience working with the security management tool McAfee ePolicy Orchestrator (ePO) console and deploying the McAfee agents on the client side.
- Verified incidents using Symantec Vontu DLP and solved queries within SLA time.
- Performed web application security assessments considering OWASP top 10 guidelines for wide variety of clients from Financial, Telecom and Insurance Industry.
- Excellent command of cybersecurity organization practices, operations and risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies.
- Experience working with multiple vulnerability platforms like Nessus. Possess experience working with SQL Server and oracle databases.
- Configured and was involved in setting up the architecture of a WAF (web application firewall) to inspect HTTP traffic with a content filtering feature to protect against SQL injection, cross-site scripting, buffer overflow, cookie poisoning and security misconfiguration.
- Expertise in gathering and analyzing metrics and key risk indicators and maintaining scorecards defined within the area of information security to ensure our information security program is performing effectively and efficiently.
- Advanced knowledge of the design, installation, configuration, maintenance and administration of Check Point; advanced knowledge of IPsec VPN design, connections and protocols, IPsec tunnel configuration, and encryption and integrity protocols.
- Knowledge of Server Maintenance, including establishing Security Protocols, Configuring Network, and Troubleshooting Problems.
- Extensive experience in balancing Information Security requirements by having a broader perspective on the business process of security administration.
- Responsible for user access provisioning and user access provisioning management using access provisioning tools.
- Expertise in processes within the Security Assessment and Authorization environment such as system security categorization, development of security and contingency plans, security testing and evaluation, system accreditation and continuous monitoring.
TECHNICAL SKILLS
Tools & Utilities: Acunetix web vulnerability scanner, Nessus, Confidential Web Inspect, IBM AppScan, InsightVM, Qualys, Tenable, Malwarebytes, Cisco FirePower, CrowdStrike, IPS/IDS, Rapid7, OpenDNS, Burp Suite, Wireshark, Metasploit, CSRF Tester, ALM, IBM Rational ClearQuest, Nmap, KnowBe4, CyberArk (Viewfinity), Splunk (SIEM), OWASP Top 10, SANS/MITRE Top 25, Office 365, TrackIT, ServiceNow, QRadar, Symantec DLP, AlgoSec, PhishMe, Lansweeper, tcpdump, Citrix, Cylance, FireMon, Wombat, Proofpoint TRAP, Proofpoint TAP, Windows XP, 2007, 2010 & Mac, Microsoft Office 2010/365, McAfee Anti-Virus, iOS, Windows Server 2008, 2012, remote access tools, MBSA, Nipper, Firewalk, IBM RACF, Fortify, etc.
Network Monitoring: SolarWinds, Wireshark, hping3, VMware
Operating Systems: Windows 7, 8, 10, Kali Linux 2018.3, Parrot
Programming Languages: C, C++, Perl, PowerShell, SQL
PROFESSIONAL EXPERIENCE
Confidential, Stamford, CT
Cyber Security Analyst
Responsibilities:
- Responsible for carrying out system- and network-wide Vulnerability Assessment and Penetration Testing to assess the security level of systems and network devices on clients' networks.
- Risk Management Framework (RMF), using NIST as a guide, assessments and Continuous Monitoring: performed RMF assessments, which included initiating meetings with various System Owners and Information System Security Officers (ISSO), providing guidance on the evidence needed for security controls, and documenting assessment findings.
- Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: Performed assessments, POAM Remediation, and document creation using NIST SP Rev.1 and NIST SP rev.4.
- Experienced in using cryptography to achieve authentication and access control, non-repudiation, and integrity of data, making sure that no data is lost, altered, or tampered with in its original structure. Well versed in cryptographic terminology and technology.
- Intermediate experience working in AWS/ETL environments. Security, compliance, and customer data protection are top priorities. Creating ATOs for cloud systems and continuous monitoring for clean operation of the systems. Confidently protect data with a level of assurance that meets, if not exceeds, requirements and needs, and provides the resources to secure the AWS environment.
- Involved in Security Operations, Vulnerability and Risk Assessment, alert report generation and analysis with various security tools (Splunk, McAfee ePO, Symantec DLP, Imperva, Sourcefire (IDS/IPS), FireEye, Blue Coat Proxy, etc.).
- Worked with the ISSO and Security team to assess the selected security controls, updating the SAP and ROE where vulnerability scanning and penetration testing procedures are included in the assessment, and conducted assessment kickoff meetings and security control meetings with the ISSO and System Owner. Assessment findings are reflected in the RTM or test case and all weaknesses noted are reported in our SAR report. Knowledge of SANS-20 and ISO 27001 security controls and mapping to NIST.
- Working as a SOC Operations Analyst monitoring and analyzing logs from various security/industrial appliances using QRadar and Splunk.
- Analyzing alerts generated from Splunk, further investigating suspicious agent behavior using SQL and Splunk logs.
- Security Documentation: Perform updates to System Security Plans (SSP) Using NIST as a guide to develop SSP, Risk Assessments, and Incident Response Plans, create Change Control procedures, and draft, review, update Plans of Action and Milestones (POAMs).
- Identify web application security vulnerabilities (SAST/DAST) and offer resolution advice.
- Monitor the security of critical systems (e.g., e-mail servers, database servers, web servers, etc.) and changes to highly sensitive computer security controls to ensure appropriate system administrative actions; investigate and report on noted irregularities.
- Configuration of Check Point Firewall, policy and group assignment in R80 SmartConsole.
- Vulnerability Assessment and Penetration Testing: performing weekly, monthly, half-yearly and yearly vulnerability assessments. Maintaining and analyzing the security risks on the whole network, servers and systems through several vulnerability tools.
- Security log monitoring and review using SIEM (firewalls/IDS/domain controllers).
- Managing email filtering and troubleshooting with the help of Proofpoint.
- Investigate endpoint alerts from Malwarebytes to remediate the risk.
- Patch management and antivirus compliance: performing scanning using the MBSA tool to maintain patches and security updates.
- Carry out phishing test campaigns to analyze what percentage of users are prone to email fraud.
- Introduced Phish alert button to make user reporting of fraud/phishing emails easy in just ‘one click’.
- Disseminating knowledge on Security awareness and made presentations that address different IT security issues and subjects.
- Involved in understanding the Requirements of the End Users/Business Analysts.
- Conducting threat modeling for the applications, which involves identifying the threats and providing mitigation controls.
- Conducting secure code assessments using the Fortify tool and vulnerability assessments using IBM Rational AppScan Standard Edition for the applications.
- Respond to the request received from the business unit (SPOC), maintaining the dashboard and status of the projects.
- Updating Issue trackers if any issues occur in the tool with the possible mitigation by coordinating with the support team.
- Creating Project trackers and sharing them to the leads.
- Conducting security awareness programs for development community monthly targeting developers and tech Specialists.
Confidential, Irving, Texas
Cyber Security Analyst
Responsibilities:
- Monitor, analyze and respond to network incidents and events. Participate in disaster recovery implementation and testing under NIST framework, PCI standards.
- Involved in the configuration of Access Lists (ACL) on Check Point for proper network routing for the B2B network connectivity.
- Vulnerability Scanning and Patch Management using s/w tools like GFI LAN Guard and Nessus.
- Creating groups and providing authorization using IBM RACF. Configuring access list to provide access authority for the individuals and groups in RACF. Auditing accountability for recording and reporting access in RACF.
- Working with IBM AppScan to create policies and working on web application vulnerabilities.
- Categorizing vulnerabilities using the OWASP Top 10 and SANS Top 25 vulnerability guides. Working with OWASP tools to perform tasks.
- Planning and identifying the in-scope code for the scan. Fortify tool installation, configuration and scanning.
- Perform the review and analysis of vulnerable code to identify applicability and false positives.
- Develop and maintain security artifacts supporting the risk profile such as SP, CP, CM, IR and POA&Ms.
- Reviewing and updating the System Security Plan (SSP) using NIST SP guidelines and system security checklists, and the Privacy Impact Assessment.
- Complete familiarity with the Open Web Application Security Project (OWASP).
- Specialized in areas of Information Technology (IT) such as Network Security, Cyber Security, Information Assurance (IA), Security Assessment and Authorization (SA&A), Risk Management, and System Monitoring.
- Assisting in the development of Privacy Threshold Analysis (PTA), and Privacy Impact Analysis (PIA) by working closely with the Information System Security Officers (ISSOs), the System Owners, the Information Owners and the Privacy Act Officers.
- Perform Risk Management Framework (RMF), SA&A/C&A and system control assessment processes using FIPS 199/NIST SP, NIST SP r4/53A; preparing and reporting SSP, SAP, ST&E, SAR, PII, PTA, PIA, IR, MOU, POA&M; and performing assessment and continuous monitoring.
- Penetration testing using vendor-provided tools. Coordinate and manage team activities during assessment engagements.
- Developed a correlated picture of what is occurring right now in an enterprise through integration of information from a variety of devices with the QRadar SIEM tool, then normalizing and correlating the information to develop modules that provide real-time (or near real-time) reporting in the SOC.
- Managing security tools: DLP, SIEM, vulnerability scanners and penetration tests.
- Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.
- Determined the classification of information systems to aid in selecting appropriate controls for protecting the system.
- Used remediation techniques for all collected vulnerabilities; if a vulnerability is of very high severity, the ticket is escalated to the higher authority.
- Analyzed and updated System Security Plan (SSP); Risk Assessment (RA), Privacy Impact Assessment (PIA).
Confidential, Chicago, IL
Security Analyst
Responsibilities:
- Conduct a kick-off meeting in order to categorize the agency's systems as Low, Moderate or High according to NIST requirements.
- Conduct IT controls risk assessments that included reviewing organizational policies, standards, procedures and guidelines.
- Reviewing, analyzing and drafting privacy, policy and procedures.
- Manual code review to find logic flaws which are not identified by automated tools.
- Familiar with various approaches to grey-box and black-box security testing.
- Comfortable with technical elements of network security and design, including TCP/IP, firewalls, IPS/IDS, and experienced with endpoint solutions including Anti-Virus, Firewall, Malware and Intrusion Detection.
- Provided vendor risk assessments to clients for approx. 30 projects including Wipro Holmes and non-Holmes applications, and periodically conducted Vulnerability Assessments and Penetration Tests (DAST & SAST).
- Analyzed risks associated with intellectual property, such as information leakage and copyright infringement etc.
- Proficient in understanding application level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, weak cryptography, authentication flaws etc.
- Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Authentication, Authorization, Auditing & logging.
- Performed security assessment of PKI Enabled Applications.
- Experience using Burp Suite, Acunetix Automatic Scanner and Nmap for web application penetration tests, and conducted functional testing.
- Used RainbowCrack and Hydra for password cracking tests, and captured and analyzed network traffic at all layers of the OSI model.
- Conducting social engineering attacks using BackTrack and Kali Linux.
- Generated and presented reports on Security Vulnerabilities to both internal and external customers.
- Training the development team on the most common vulnerabilities and common code review issues and explaining the remediation.
- Kept up to date with new hacking techniques and the latest vulnerabilities to confirm no such loopholes are present in the existing system.
- Extensive Interaction with the customer in understanding the business issues, requirements, doing exhaustive analysis and providing end-to-end solutions.
- Finding out effective ways of manipulating the vulnerable domains of the systems.
