
Sr Cyber Security Engineer Resume


Denver, CO

SUMMARY

  • Professional with 8 years of extensive experience in the areas of Risk Analysis, SIEM, Endpoint Security, DLP, Network Security, Email Security, Web Gateway, Vulnerability Assessment, Pen testing, Windows Server, Domain technology, and Antivirus servers.
  • Expertise in Cybersecurity & Information Assurance with deep knowledge of Identity and Access Management security, SailPoint IdentityIQ, Access Control issues related to cyber systems and networks, AWS Cloud, penetration testing methodology, malware detection techniques, and recommended information assurance policies and standards.
  • Hands-on experience with SAST and DAST using tools like HP Fortify, HP WebInspect, Checkmarx and IBM AppScan.
  • Engineered and deployed a global Splunk SIEM solution and a global Carbon Black Response EDR solution; good experience with SAST and DAST of applications using tools such as Burp Suite and Checkmarx.
  • Worked on SAST and DAST of applications using tools Checkmarx, Fortify and IBM AppScan.
  • Expert in Vulnerability Assessment using Qualys, Nessus and Nexpose tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
  • Possess a well-balanced understanding of business relationships, business requirements, and technical solutions with the ability to work collaboratively with business analysts, software testers, and developers.
  • Hands-on experience in development, implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices for clients.
  • Assisted in ensuring that the corporate IT environment is secure and complies with all external audit requirements and federal standards.
  • Expertise in gathering and analyzing metrics and key risk indicators and maintaining scorecards defined within the area of information security to ensure the information security program is performing effectively and efficiently.
  • Excellent knowledge of FISMA, HIPAA, NIST and PIA compliance usage, rules and regulations.
  • Expertise in performing Application Security risk assessments throughout the SDLC.
  • Understanding of data integration, network design, and database concepts.

TECHNICAL SKILLS

Networking: Packet Analysis (tcpdump, Wireshark), IDS (Bro, Snort), Splunk, Firewall, IDS/IPS, Access Control

Systems Administration: Active Directory, DNS, FTP, SSH, DHCP, SMB, HTTP, Virtualization

Vulnerability Assessment: Nmap, Nessus, Ettercap, Metasploit, Honeypots (honeyd, INetSim), Burp Suite, Nexpose, Acunetix, IBM AppScan, HP WebInspect

Endpoint Security: McAfee Suites (VSE, HIPS & HDLP), McAfee MOVE AV, Symantec and McAfee Email Security Gateways (GUI & CLI), McAfee Network Data Loss Prevention, McAfee Nitro SIEM (Security Information and Event Management), Cisco Security (Cisco AMP, Umbrella, Cisco Email Security), FireEye HX

Platforms/Applications: Continuous Monitoring, Vulnerability Management, Web Application Scanning, Threat Protect, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance, SolarWinds, Nexpose, Rapid7 Event Management, RSA Archer, Blue Coat Proxy, IBM QRadar, NTT Security, LogRhythm, Pen Test Tools (Metasploit, Kali Linux)

Standards & Framework: OWASP, OSSTMM, PCI DSS

Security Software: Nessus, Ethereal, Nmap, Metasploit, Snort, RSA Authentication, PIA

Programming Languages: C, C++, Java, Python, JavaScript, PowerShell

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS, NetBIOS, SNMP, TLS

Domain Knowledge: Risk Management, BCP/DRP, ISO 27001, COBIT, SWOT analysis, Cryptography, Incident Response, Penetration Test, Risk Assessment, SCADA Security, SCADA Audits, SIEM, ITIL, NIST, FIPS

PROFESSIONAL EXPERIENCE

Confidential

Sr Cyber Security Engineer

Responsibilities:

  • Experience with DLP, Blue Coat, Websense, Proofpoint, Trend Micro, and IBM QRadar Enterprise SIEM security tools to monitor the network environment.
  • Worked on tools like Information Security and Group Policy, Symantec Data Loss Prevention, Symantec Endpoint Protection Manager, Symantec Endpoint Encryption, Windows Server Update Services, Blue Coat Proxy, Syslog, and GFI.
  • Experienced primary Voltage SecureData encryption engineer heading up the international project for encryption servers worldwide.
  • Oversee Vulnerability assessment/penetration testing of scoped systems and applications to identify system vulnerabilities.
  • Implemented Application Security program (DAST and SAST) at the enterprise level to identify, report and remediate security vulnerabilities from applications deployed in DEV, PRE-PROD and PROD environments.
  • Conduct IBM AppScan Enterprise and IBM Security AppScan Source for Analysis DAST and SAST testing on WWB Applications.
  • Application support for Tripwire: research and understand all aspects of Tripwire and troubleshooting, as well as find other ways to automate practices. Helped other teams within cyber security with any projects dealing with Nessus vulnerability management tools, and risk and compliance under NERC standards.
  • Lead a team of cloud security engineers in various areas of expertise to execute complex solutions to meet delivery timelines.
  • Monitored and researched cyber threats with a direct & indirect impact to the organization internally.
  • Experience with Nessus VA and Burp Suite PT, and with implementing RSA SecurID.
  • Multi-model consulting on different frameworks & standards like ITIL, COBIT, SDI, CMMI & ISO 2000, and ISO 9001.
  • Worked with development teams to review application source code for security and operational risks using Blackduck.
  • Security Consultant specializing in Data Loss Prevention and large infrastructure encryption.
  • Security Engineer for Proofpoint Email Gateway Security.
  • Develop architectures and proof-of-concept implementations of cloud security environments.
  • Responsible for architecting, implementing and supporting of cloud based infrastructure and its solutions.
  • Manage all repeated threats to all systems and perform vulnerability tests.
  • Responsible for the design, development, and implementation of new and innovative solutions to protect lucid sensitive data and strengthen data protection capabilities.
  • Support IT teams based on the latest risks and possible remediation; vulnerability remediation of Vblock infrastructure. Involved in integration of Splunk with ServiceNow, Active Directory and LDAP authentication.
  • Used Splunk Deployment Server to manage Splunk instances and analyzed security-based events, risks & reporting.
  • Experienced with Handling Cloud environments (AWS and Cloud).
  • Simplified knowledge sharing by creating and maintaining detailed and comprehensive documentation and necessary diagrams.
  • Developed Application Security program (DAST and SAST) at the enterprise level to identify, report and remediate security vulnerabilities from applications deployed in DEV, PRE-PROD and PROD environments.
  • Managing the enterprise infrastructure of the System Security team, such as configuration of File Integrity Monitoring systems, DLP toolsets, enterprise Antivirus solutions, and endpoint encryption.
  • Assisted internal users of Splunk in designing & maintaining production-quality dashboard, assisted team to understand the use case of business and provided technical services to projects, user requests & data queries.
  • Password vault Management (CyberArk), Risk and Security Controls exceptions (Archer), Software Vulnerability Scanning (Veracode), Infrastructure security (Blackduck), Release automation (Nolio).
  • Combat operations in signals and infosec operations. Worked with NERC CIP, Tripwire, Tenable and IP360 Enterprise 8.6.
  • Responsible for network monitoring using Splunk, ArcSight, and SecurityCenter.
  • Responsible for Web UI development in JavaScript using jQuery, Angular2, and AJAX.
  • Developed Cyber Security Standards on NIST Frameworks and ensured their proper implementation to reduce the risk of vulnerability to IT assets.
  • Using Tenable and IP360, Tripwire to control vulnerabilities and mitigate them by severity.
  • Developed an intelligence-driven security approach for threat detection, which helped
  • Responsible for conducting structured security certification and accreditation (C&A) activities utilizing the Risk Management Framework and in compliance with the Federal Information Security Modernization Act (FISMA) requirements.
  • Performed enterprise security and cloud security specific solutions such as: IAM, Identity Governance, SIEM, Key Management & Encryption access keys, Public, Private and Hybrid cloud solutions.
  • Provide information regarding intrusion events, security incidents, and other threat indications and warning information.
  • Performed Static Application Security Testing (SAST) using tools such as HP Fortify and Dynamic Application Security Testing (DAST) using tools such as IBM AppScan.
  • Responsible for Continuous Integration (CI) and Continuous Delivery (CD) process implementation using Jenkins along with LINUX Shell scripts to automate routine jobs.
  • Performs advanced problem identification and resolution, performance monitoring and capacity planning functions for all Cloud infrastructure
  • Deploying True Crypt Drive Encryption to all State Trooper laptops and desktops.
  • Run internal and external Network Vulnerability scans at least quarterly after any significant change in network such as a new system component, installations, and changes in network topology, firewall rule modifications and product upgrades.
  • Analyzing vulnerability using scanning tools (Nessus, Qualys Guard) provided to us by our client to remove false positives before creating and delivering a final report.
  • Utilize Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS/IPS), McAfee Endpoint Encryption, Data Leakage Prevention (DLP), PIA, Forcepoint, forensics, sniffers and malware analysis tools.
  • Responsible for monitoring and providing analysis in a 24x7x365 Security Operation Center (SOC) using Splunk SIEM and IDS/IPS tools.

Confidential, Denver, CO

Cyber/Network Security Engineer

Responsibilities:

  • Interface with users, technicians, engineers, vendors and other Technical Maintenance personnel to install, update and debug automated systems.
  • Ensure products and systems comply with cyber security standards and practices. Develop test routines and monitoring solutions. Penetration testing using Nmap and Wireshark.
  • Provide day to day support of servers, workstations, network and other equipment. Document support procedures specific to systems to be utilized by the Technical Maintenance and Engineering departments.
  • Plan, execute and oversee remediation activities for valid vulnerabilities which are identified using Application Scanning tools. Experience with application scanning to identify security vulnerabilities in the web application and architectural weaknesses.
  • Analysis of Static and Dynamic Application Security Testing (SAST/DAST) tools for use by GSS infrastructure contractor and Application Developer Organizations (ADOs)
  • Effectively communicate with Business Operations and other functional areas on web application vulnerabilities. Experience in planning, installing, configuration, and administering IBM Security Identity Manager 7.0.1. Support, performance tuning and troubleshooting ISIM 7. Configure and manage ISIM 7 security e.g. configuration of single sign-on, secure communication with supported middleware etc.
  • Hands-on experience in full lifecycle of ISO27001 framework, SOC2 Audit and remediation.
  • Hands-on technical experience with testing of web applications in Java or .NET, Experience with audits, e.g. A-123, SOC 1/2, FISCAM. Radius and Kerberos Server experience. API testing using Postman.
  • Experience using DAST tools to detect potential vulnerabilities such as HP WebInspect, SolarWinds, ZAP, Burp, Tenable, Splunk, Alert Logic, Symantec Endpoint Protection, Scalar, McAfee security, PortSwigger, Fiddler, Wireshark, Nmap, JIRA, Sonatype, Coverity. Experience in Palo Alto Networks and Firewall (PA-5000, PA-3000, and PA-500) series, PA IPSec VPN Tunnel.
  • Expertise in using DAST tools (like IBM AppScan and Burp Suite Pro) while the application is running to penetrate the application in various ways to identify potential vulnerabilities outside the code and in third-party interfaces.
  • Knowledge with risk and compliance assessments, and in-depth knowledge of HIPAA, HITRUST requirements.
  • Experience with Red Hat Linux Server, macOS Server, Microsoft Windows Server, MS Active Directory, Azure AD, and configuring and managing AWS/Azure Cloud Infrastructure, Virtualization (VMware NSX, Hyper-V). Extensive hands-on experience with Azure IaaS/PaaS. Experience designing and building Azure solutions. PowerShell experience as it relates to Azure, AD, and Office 365.
  • Deploy, manage and effectively maintain security systems and their corresponding or associated software, including firewalls, Check Point firewall, Squid firewall, Blue Coat proxy and routers, IDS, IPS, cryptography systems, Encryption (RSA, AES), Tokenization (Open MT), and anti-virus software. Experience in Python, PowerShell and JavaScript programming languages.
  • Experience with interpreting HIPAA, HITRUST requirements and lead organization wide efforts to implement the required technical, administrative and physical controls.
  • Experience utilizing Wi-Fi analyzers, Wi-Fi survey software tools (i.e. AirMagnet, Ekahau, etc.) and test equipment. Experience working across the full stack of enterprise security tools, including everything from the physical layer to the application layer. Cisco Nexus series 5k, 7k, 9k switches, Cisco Catalyst Switches (2960, 3560, 6500), Cisco 300/200 series.
  • Ability to lead the design of network security infrastructure and the integration of new requirements into existing architectures. Experience leading compliance assessments of relevant cyber security frameworks.
  • Remain informed on trends and issues in the security industry, including current and emerging technologies and policies.

Confidential, Columbus, OH

Cyber Security Engineer/Analyst

Responsibilities:

  • Establish a strong GRC (Governance, Risk and Compliance) practice to ensure adherence to best practice, regulatory requirements and ISO 27001.
  • Adept with QRadar, Symantec PCAP, Symantec CloudSOC, PAN Firewall, PAN WildFire, PAN Traps, PAN Relock, FireEye, Threat, Microsoft SCEP, Microsoft O365 Security and Compliance Portal, Proofpoint,
  • Working with McAfee ePO for managing clients' workstations to provide endpoint security.
  • Facilitate implementations of information security policies, account security policies and standards for logical and physical security.
  • Worked on SIEM, as well as SolarWinds and Symantec endpoint security for malware detection and threat analysis.
  • Performed manual and automated source code reviews using HP Fortify and Checkmarx.
  • Experience with national, international, and/or sectorial cloud security assurance/compliance regimes and frameworks such as Federal Risk and Authorization Management Program (FedRAMP), Federal
  • Responsible for performing application penetration testing on web, thick client, and other types of applications to identify significant vulnerabilities that threaten the confidentiality, integrity, and availability of customer systems.
  • Implementation and configuration of the network infrastructure in Business environment.
  • Installation and maintenance of McAfee Drive Encryption used to encrypt all workstation hard drives in the environment to secure the data stored on them.
  • Installation, maintenance and monitoring of McAfee Data Loss Prevention Endpoint, one piece of the Removable Media Encryption suite.
  • Installation, maintenance and monitoring of McAfee File and Removable Media Protection, the second piece of the Removable Media Encryption suite.
  • Setup and configuration of test benches includes configuring Cisco UCM, 29xx/3800 series routers, Cisco 7975/9971 IP Phones, RSVP gateways, POE switches and Media servers, implemented all VMware configurations for CUCM installs using vSphere.
  • Implemented and configured CASB solution including Netskope to secure the enterprise with a cloud.
  • Tested and certified new software such as Tanium Protect (an access control software) and PEGA trouble ticketing software.
  • Audit Support: Facilitated the PCI DSS external audit for the client, took charge of end to end co- ordination and support during the onsite assessment.
  • Oversee the design and development of security solutions and manage cross-platform integration of a range of on-premises and public cloud security designs and configurations, Amazon CloudFront and Amazon Route 53.
  • Troubleshooting day-to-day issues in IT infrastructure in a business environment with tools like Splunk, ArcSight, Solutionary, PIA, LogRhythm, SCCM, Altiris, LANDesk, BigFix, McAfee/Symantec.
  • Automated DLP Incident metrics using Splunk. Developed monthly, weekly metrics and dashboards using Splunk.
  • Provided leadership in architecting and implementing security solutions towards Qualys and SIEM tools like Splunk, ArcSight, Solutionary, LogRhythm, SCCM, Altiris, LANDesk, BigFix, and McAfee/Symantec.
  • Configured advanced CyberArk integration with AD through LDAP, 2-factor authentication & email integrations.
  • Utilizing Tanium Endpoint Security to create reports to resolve various information security issues.
  • Experience with risk assessment and COBIT; help with malware analysis.
  • Coordinates closely with disaster recovery and data security teams.
  • Enhancing Risk culture across the organization based on COSO framework. Applying and implementing COSO framework across organization
  • Allocate/coordinate work within a team/project. Provides value input into risk reports. Presents reports to the business areas and CTS management.
  • Working as Device Management in-charge to provide technology support; install, maintain, upgrade, and troubleshoot server issues, networks, and other security products, providing solutions to complex hardware/software problems.
  • Working as a dedicated resource for a Scrum Project to provide timely firewall support and configuration for ongoing high priority Scrum Projects.
  • Conduct daily IDS analysis/monitoring for potential compromise, intrusion, deficiency, significant event or threat to the security posture and security baseline, and numerous activities against spam.
  • Utilize Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS/IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
  • Implemented multiple tools including Symantec DLP, and QRadar SIEM.
  • Deploying and configuring McAfee products for clients. Providing SME for the McAfee suite of products like McAfee ePO, McAfee Endpoint Encryption, McAfee DLP Endpoint.
  • Manage IBM QRadar configuration files like inputs, props, transforms, and lookups. Upgrading IBM QRadar Enterprise and security patching.
  • Leading a SOC team for cyber incidents and compliance towards PCI DSS, NIST framework.
  • Installed, configured and administered Splunk Enterprise Server and Splunk Forwarder on Red Hat Linux and Windows servers.
  • Configuration and Maintenance of MPLS between satellite locations and Data center. Rule Management for MPLS routers.
  • Tracks all the incidents happened in all the stores and used for recovery and settlements using RSA Archer.
  • Experience with SIEM platforms (Splunk, QRadar, McAfee/Nitro, ArcSight, LogRhythm, Carbon Black).
  • Administration experience of CyberArk vault with Safe creation, integration with LDAP and other authentication methods, and creation of policies and reports in PVWA.
  • Experience in analyzing the logs and troubleshooting issues in integration of other applications using CA SiteMinder (Access Management) and Identity Management tools along with LDAP and Web-server agents and SiteMinder federation services.
  • Projects that installed, deployed and/or maintained multiple security solutions for security tools such as Rapid7 Nexpose, Comodo, Qualys, and ThreatSTOP.
  • Installation and configuration of CyberArk Vault, Password Vault Web Access (PVWA), Central Password Manager (CPM) and Privileged Session Manager (PSM) in Prod and PIA.
  • Working on security tools like Deep Security, HIPPM, Nessus, and Symantec Control Compliance Suite 11.

Confidential, Plano, TX

Cyber Security Analyst

Responsibilities:

  • Responsible for detection and response to security events and incidents within global Fortune 500 client networks; utilizing ArcSight, Splunk, TippingPoint, VirusTotal, IPVoid, FireEye, Wireshark, etc., to gather, analyze, and present forensic evidence of cyber malware and intrusions.
  • Review System and firewall logs based on individual preset client policies, rules, and standards; also review all host activity for specified timeframe.
  • Work directly with ESM engineers and Account Information Security Officers to adjust alert criteria
  • Coordinated escalations to Forensic Analyst Team with recommendations for remediation.
  • Acted as liaison and interacted with leadership, account management teams, and engineers to further define the risk and remediation plan.
  • Evaluated and fulfilled requests from the Account Information Security Risk & Compliance Officers for each client and aligned with the appropriate run book procedures to attain Client Service Level Objectives and Agreements.
  • Adjusted network alerts temporarily to suppress excessive alerts prior to engineers making permanent threshold changes.
  • Facilitated and operated direct telephone communication in order to perform the immediate required escalation requests or engagements of required teams to support clients.
  • Researched McAfee Threat Center, Symantec, and other vulnerability and threat libraries to identify and formulate remediation plans.

Confidential

Jr. Security Analyst

Responsibilities:

  • Resolved all LAN/WAN connectivity and other issues.
  • Analyze vulnerability reports from various scans and assessments, acting on high-risk/critical vulnerabilities ahead of other vulnerabilities.
  • Management of system security and file system security policies and analyzing systems to determine ways of improving performance.
  • Conducting routine checks, warranty claims, hardware failure, replacement, software up-gradation, download patches and hotfixes.
  • Infrastructure deployment from the very basics to complete function, and Information Security Policy as per PCI-DSS audit compliance.
  • Review controls related to various business process of entity for compliance with COSO framework.
  • Responsible for conducting structured security certification and accreditation (C&A) activities utilizing the Risk Management Framework and in compliance with the Federal Information Security Modernization Act (FISMA) requirements.
  • Performing OS updates and upgrading application.
  • Used Splunk for monitoring/metric collection for applications in a cloud-based environment.
  • Maintaining all shared resource and monitor free and utilized disk space.
  • Responsible for setting up projectors and audio/video devices for meetings and lectures.
  • Keeping and tracking inventory of all loaner laptops issued to students and staff.
  • Responsible for writing and updating manuals.
  • Install and configure the QRadar SIEM including all its components and local and/or remote log collectors.
