Cyber Security Engineer Resume
Dallas, TX
SUMMARY
- 8+ years as an IT security professional, with relevant years developing application security solutions within businesses that contain ,000 endpoints. Organized and detail-oriented individual who exemplifies professionalism and an ability to manage multiple projects and tasks at any given moment. Demonstrated history of enterprise application risk management, while providing high-quality security guidance and timely issue resolution. IT Security Professional in IT Infrastructure, Risk Management, SOC Analyst, SIEM, Vulnerability Management, Penetration Testing, Validation, Information Security, and Cyber Security.
- Strong experience with cloud security strategy, cloud provider ecosystems (AWS, Microsoft Azure) and migrating enterprises from traditional data center infrastructure, application and data designs to hybrid or fully cloud-enabled practices.
- Experience in the IT industry with the ability to accomplish all aspects of different cloud services, analyze IT security threats and make valid recommendations for remediation. Enforce and sustain IT controls in the areas of cyber security (cyber complexity), governance, risk management, vulnerability management, and compliance in a cost-effective and efficient manner.
- Information Security Consultant with expertise in malware analysis and security information management systems. Performed static & dynamic analysis of malware and its delivery mechanisms (malicious documents, e.g. PDF, DOC, etc.). Utilized custom sandbox environments such as Joe Sandbox, CrowdStrike and Lastline to isolate malware and identify malware C2 communication channels. Used MISP (Malware Information Sharing Platform) to track, correlate and share the collected IOCs.
- Deploy, manage and effectively maintain security systems and their corresponding or associated software, including firewalls, intrusion detection systems, IPS, cryptography systems, and anti-virus software. Experience in the Python, PowerShell and JavaScript programming languages.
- Responsible for our corporate security monitoring architecture, development of SIEM use cases and SIEM content for our focused operations team to identify, track, and remediate advanced targeted attacks against the enterprise.
- Hands-on experience with various endpoint security technologies like McAfee ePO 5.3.0, Symantec SEPM 12.1.5 and Microsoft Forefront Endpoint Protection; malware analysis and reverse engineering of various threats and their attack vectors, as well as providing countermeasures in customer environments. Configuring and managing ISA/TMG firewalls in customer environments.
- Provided support for transportation security equipment including network, software, configuration, data and user administration.
- Experience with many of the following technologies/roles: Privileged Account Management, Two-Factor Authentication, Web filtering, Web Application Firewalls, Virtualized computing environments, Encryption-at-rest and encryption-in-transit, Vulnerability Management.
- Performed digital fingerprinting to determine foreign adversary/actor behind malware/spear phishing, and correlated the data back with the Intelligence community.
- Worked as a Cyber Security Analyst to secure the client's hybrid cloud infrastructure (AWS, Azure, Hadoop), primarily on in-house proxies like BlueCoat, and possessing strong experience in Zscaler cloud proxy security.
- Gained strong experience in Network Integration, Implementation, Support and Monitoring. Involved in various projects, including the migration to an integrated Ethernet / Wireless Network infrastructure. Also implemented VOIP for a campus consisting of 1,500 users.
- Hands-on experience with internal and external web app scanning and penetration testing (manual as well as tool-automated). Handled VAPT (Vulnerability Assessment & Penetration Testing) projects.
- Utilized enterprise vulnerability scanners (such as Qualys, Tenable, Nexpose) to identify and remediate vulnerabilities.
- Hands-on experience using scripting/automation tools such as PowerShell, Python and Unix shell scripting, and operating Active Directory and enterprise authentication and authorization mechanisms.
- Strong working knowledge of industry security frameworks and standards (such as NIST, ISO, SOC, etc.) as well as data privacy regulations and compliance requirements for NYDFS and other compliance regulations (SOX, GDPR, PCI DSS, etc.).
TECHNICAL SKILLS
Security Tools: Metasploit, Burp Suite, Kali Linux, Wireshark (once known as Ethereal), Nmap, Nessus, IBM AppScan, WebInspect, Splunk, Tripwire, Snort, SAST, DAST, Fortify.
Network Tools: Nmap, Tenable Nessus, Rapid7 Nexpose, InsightVM, Qualys
Policy and standards: NIST, PCI DSS, CIS, HIPAA, FDCC
Firewall: Cisco Firewalls (ASA 5505, 5545-X, 5550), Juniper NetScreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, Check Point (NGX, R65, R70 and R71), Palo Alto Networks (PA-2K, PA-3K and PA-5K).
Programming Languages: Java/J2EE, SQL, PL/SQL, HTML, DHTML, JavaScript, Perl, UML, XML, XSL, XSLT, jQuery
Database skills: PL/SQL, SQL, Oracle 11g, MySQL, MS SQL Server, Snowflake
Web Technologies: HTML5, XML, CSS, XSL, AJAX 2.0, .NET, XHTML, JSP.
Web/Application Servers: Apache Tomcat 7.1, IBM WebSphere.
Scripting languages: Python, Perl scripting, Shell scripting
Version control tools: SVN, Git, ClearCase, Bitbucket.
Frameworks: Spring 1.2/1.3/2.0/3.2, MVC, Hibernate 2.0/3.0, Validator.
Operating system: Linux (Red Hat, CentOS & SUSE), Ubuntu, Windows.
Cloud Environment: AWS, Azure, GCP
Automation & Configuration Tools: Chef, Ansible, Jenkins
Enterprise vulnerability scanner: Qualys, Tenable, Nexpose
Networking Protocol: TCP/IP, DNS, DHCP, Cisco Routers/Switches, LAN, FTP/TFTP, SMTP
DLP: Symantec Data Loss Prevention
End Point Security: McAfee ePO 5.3.0, Symantec SEPM 12.1.5, Microsoft Forefront Endpoint Protection
Penetration Testing Software & Tools: Metasploit, Burp Suite Pen Tester, Netsparker
Other tools: Burp Suite, DirBuster, SQLMap, Kali Linux, OpenVAS, HP WebInspect, IBM AppScan, HP Fortify, Checkmarx, OWASP ZAP, SCA
SIEM / Event Management: Splunk, RSA Archer, Blue Coat Proxy, NetWitness, LogRhythm, HP ArcSight, Dell SecureWorks
PROFESSIONAL EXPERIENCE
Confidential, Dallas, TX
Cyber Security Engineer
Responsibilities:
- Performed regular review and recertification of JDA policies, TLS domain whitelisting and SOPs with BU Risk.
- Skilled in using Burp Suite, Acunetix automatic scanner, Nmap, DirBuster, HP Fortify, QualysGuard, Nessus and SQLMap for web application penetration tests and infrastructure testing.
- Helped automate the DDP report in McAfee to see the machines that are out of risk compliance (ITRM).
- Helped the SOC team and cyber security team see which vulnerabilities and risks are hitting the environment and which machines have vulnerabilities.
- Monitored performance of the network and servers (Microsoft and Linux) to identify potential problems and bottlenecks.
- Performed testing and vulnerability assessment scans using Retina and installed patches. Implemented STIGs via Windows PowerShell and AD GPOs.
- Experience with Palo Alto Networks firewalls.
- Narrowed down anomalous traffic with Wireshark for hostile strings or domains.
- Monitored controls post authorization to ensure continuous compliance with the security requirements.
- Performed Risk compliance checks against industry standard and regulatory mandates such as SOAR, FISMA, DISA, HIPAA, SCAP.
- Worked with the log reviewers' team to create and modify use cases for auditing purposes and Splunk cyber security use case management, and migrated data from Palo Alto XSOAR and Cortex XSOAR.
- Updated the control changes from NIST rev 3 to NIST rev 4 and control assessment changes from NIST A to NIST.
- Responsible for creating PKI certificate requests and implementing server mutual authentication.
- Worked on FedRAMP / WebEx Infrastructure vulnerability, POA&M remediation / compliance and general maintenance of Linux environments, VMware, RSA Archer, Qualys, including customer requests and break-fix situations.
Confidential, TX
Cyber Security Analyst
Responsibilities:
- Reviewed risk assessments completed by the security team based on National Institute of Standards and Technology (NIST) and International Organization for Standardization (ISO) methodology, which is based on the PDCA cycle and builds a management system that plans, implements, maintains and improves the whole cybersecurity system.
- Monitoring using Splunk / Wily Introscope and setting up WebSphere Global Security for access to the admin console. Configuring the HTTP Server for various clustered application servers using virtual hosting and enabling SSL security.
- Consult clients on automating business processes & risk management activities in the RSA Archer GRC.
- Developed Contingency plans, Disaster Recovery Plans and Incident Response plans for Information Systems using NIST SP .
- Worked extensively in configuring and monitoring ELK, ExtraHop and Palo Alto firewalls.
- Built proof of concept (POC) for Localization to use AWS for some transcoding workloads. AWS services used were EC2, S3, Lambda, Elastic Transcoder. Second phase would be to add Captions and Digital Rights Management (DRM).
- Responsible for automating the SOC Incidents using Azure native SOAR capabilities.
- Prepared risk-based test plans and performed security testing (tool-based testing, penetration testing, source code review, etc.) on the different layers of those information systems in support of Certification & Accreditation.
- Created Security authorization package (SSP, SAR and POA&M).
- Performed continuous monitoring on Information systems using NIST SP .
- Conducted vulnerability assessment and validated remediated vulnerabilities.
- Conducted Assessment on Contingency plans using NIST SP .
- Performed regular review and recertification of DLP Policies, TLS Domain whitelisting, SOP for enhancement with ITRM (Information Technology Risk Management) and Risk assessment.
- Utilized McAfee Threat Intelligence Platform and other OSINT sources such as news articles and research papers to pull IOCs and conducted searches in LogRhythm.
- Security Engineer for the deployed SIEM tool (LogRhythm) including troubleshooting, updating/patching, configuration and availability of the SIEM.
Confidential
Cyber Security Analyst
Responsibilities:
- Used McAfee ePolicy Orchestrator to monitor and identify potential intrusions and attacks for the Cyber Security Operations Center (CSOC).
- Involved in standardizing Splunk Phantom SOAR POV deployment, configuration and maintenance across UNIX and Windows platforms. Set up and maintained logging and monitoring subsystems using tools like Elasticsearch, Fluentd, Kibana, Prometheus, Grafana and Alertmanager.
- Established infrastructure and service monitoring using Prometheus and Grafana.
- Examined enterprise artefacts for malicious content and performed malware analysis.
- Reviewed and modified PSM and CPM hardening scripts to meet enterprise compliance standards. Worked on PKI certificates on CyberArk Windows servers, web applications, the RDP SSL/TLS handshake and the client-server trust model, and created self-signed certificates for EPV.
- Implemented and maintained intrusion detection/prevention (IDS/IPS) systems to protect the enterprise network and sensitive corporate data. Fine-tuned TCP- and UDP-enabled IDS/IPS signatures in the firewall.
Confidential
Cyber Security Analyst / Web Penetration Tester
Responsibilities:
- Used tools like New Relic and Splunk for application monitoring, analyzing application performance and checking logs, respectively.
- Detected and mitigated DDoS attacks.
- Conducted network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, SIEM, NAC, and Vulnerability Management tools.
- Experience in the Python and JavaScript programming languages.
- Managed InfoSec projects with task lists, timelines, implementation and testing plans, status reports and appropriate project management documentation.
- Experience in different web application security testing tools like Burp Suite, SQLMap, and DirBuster.
- Good understanding of and experience in testing vulnerabilities based on the OWASP Top 10.
- Capable of identifying flaws like SQL Injection, XSS, Insecure Direct Object Reference, Security Misconfiguration, Sensitive Data Exposure, Functional Level Access Control, CSRF, and Unvalidated Redirects.
- Experienced in Dynamic Application Security Testing (DAST) & Static Application Security Testing (SAST).
- Performed Dynamic Application Security Testing (DAST) using tools such as HP WebInspect and HP Fortify.
