Cyber Security Engineer Resume
Dallas, TX
SUMMARY
- Professional with 8+ years of experience as an IT Security Professional in IT Infrastructure, Risk Security, Information Security and Cyber Security.
- Experienced in security services such as PIM, Azure AD, Sentinel, Defender, Cloud App Security, and VWAN.
- Worked in the management and support of the security tooling our Deployed ADF personnel rely on.
- Systems Security and Administration Professional with expertise in Information Security Management, Firewalls, IDS, SIEM, Penetration Testing, DLP and industry security standards e.g. ISO 27001:2013, NIST 800 series, NISPOM, COBIT, HIPAA, SOC, SOX etc.
- Strong experience in risk management and computer forensic tools, technologies, and methods.
- Strong working experience in IT security design and implementation with a solid understanding of disaster recovery, intrusion detection systems (IDS), intrusion protection systems (IPS), and web application firewalls (WAF). Analytical problem solver adept at managing network changes and troubleshooting network issues to ensure maximum uptime.
- Experienced in using McAfee best practice standards for OWASP Top 10, CIS CSC, DLP, data classification, and encryption standards for contractors and employees.
- Experienced in troubleshooting in support of the ADF or our Security Operations Centre, such as why logs aren't shipping from point A to point B.
- Developed horizontal view of risk posture across Cloud Security Domain using Azure.
- Monitoring and escalating potential brute force attempts to client Red Hat servers in Azure cloud by analyzing SSH logs in Splunk ESM and Logger.
- Worked on Security Information and Event Management (SIEM) and Advanced Persistent Threat (APT) hunting, Intrusion Detection & Prevention (IDS/IPS), FireEye, and malware analysis tools.
- Utilized Digital Guardian to protect the most valuable assets with an on-premises deployment or an outsourced managed security program (MSP).
- Remediated vulnerabilities for Proofpoint edge gateways, Proofpoint DLP and Microsoft Exchange maintenance.
- Drove adoption and increased usage of automated application security testing in CI/CD pipelines.
- Experience designing, implementing, and educating on IAM build processes, code migration, and source control use; worked with Symantec DLP policies (DLP templates) compliance and on information security standards and risk analysis methodologies such as ISO 27001/27002, NIST, COBIT, and OWASP.
- Experience architecting, designing, building and deploying data, application and infrastructure security solutions in AWS and other cloud environments such as Azure and GCP.
- Experience in FISMA, HIPAA and NIST, PIA Compliance usage, rules and regulations.
TECHNICAL SKILLS
- Network Management Tools: SolarWinds, Datadog, FireMon, Cisco NCS, Wireshark, NetMRI, Cisco Prime Infrastructure, LogicMonitor, NetQoS SuperAgent
- Security Tools: IBM QRadar Security Manager, Splunk ES, McAfee Vulnerability Management Solutions, Burp Suite, LogRhythm, OWASP, CyberArk, Nmap, Symantec Endpoint Security
- Cyber Security Solutions: FireEye, CMS, NX, EX, HX, IA, PX
- Firewalls: ASA, Checkpoint, WAF, Palo Alto
- Forensic Technologies: EnCase, FTK Imager, Autopsy, Kali
- Cloud Security: AWS, Azure, OpenStack, Docker, Ansible, Chef, Terraform
- Operating Systems: Kali Linux, Parrot Sec, Unix & Linux
- Proxies: Burp Suite, WebScarab, Wireshark, DirBuster
PROFESSIONAL EXPERIENCE
Confidential, Dallas TX
Cyber Security Engineer
Responsibilities:
- Worked with many of the following technologies/roles: Privileged Account Management, Two-Factor Authentication, Web filtering, Web Application Firewalls, Virtualized computing environments, Encryption-at-rest and encryption-in-transit, Vulnerability Management.
- Performing as part of a team in a senior capacity responsible for implementation of information security requirements, policies, standards, guidelines and procedures.
- Involved in Security configuration, audit, and management of applications and databases.
- Leading security incident investigations, including basic forensic analysis and reporting.
- Deploying, automating, maintaining and managing AWS cloud-based production system, to ensure the availability, performance, scalability and security of production systems.
- Leading evaluation of process effectiveness and identifying areas for improvement. Working knowledge of Cisco wireless LAN controllers, Cisco access points, Cisco ISE, Cisco routers, Cisco L2/L3 switches, Cisco Prime, Generic Routing Encapsulation, load balancing (F5 BIG-IP Local Traffic Manager, Cisco Load Balancer, Citrix, Azure load balancer), QoS, PBR, WCCP, VPN, NAT, VoIP, IPsec, Multicast, DNS services, MPLS networks, LAN, WAN, Juniper Networks Firewall, Cisco ASA firewalls and network and routing protocols (Ethernet, TCP/IP, SNMP, VLAN Trunking, BGP, OSPF, ISIS, EBGP, IBGP, RIP).
- Performed maintenance and monitoring of network and host intrusion detection and prevention technologies. Implementing security controls. Experience with using a broad range of AWS technologies (e.g. EC2, RDS, ELB, EBD, S3, VPC, Glacier, IAM, CloudWatch, KMS) to develop and maintain an Amazon AWS based cloud solution, with an emphasis on best practice cloud security.
- Integrated vulnerability standard principles like CVE, OWASP into organization security policy.
- Developed physical and procedural safeguards for information resources within the facility. Communicate effectively with senior management, peers, staff, and customers both inside and outside the corporation.
- Great self-starter experience, ability to self-prioritize, operate independently and demonstrate end-to-end accountability.
- Performed full security SOC activities to include protection, detection and correction technologies (Firewalls, IDS/IPS, Content Filtering, WAF, Vulnerability Assessment, Employee Activity Monitoring, Forensic, PACS end protection, etc.)
- Involved in industry-recognized information security qualifications (CISSP, CISM, ISO 270001, IRAP, DRAP, etc.)
- Strong contributor to the project cyber security architecture and solution required under the contract and guidance from ISM and PSPF.
- Reviewed risk assessments completed by the security team based on National Institute of Standards and Technology (NIST) and International Organization for Standardization (ISO) standards, whose methodology is based on the PDCA cycle, which builds the management system that plans, implements cyber security, maintains, and improves the whole system.
- Worked in a 24x7 security operations center
- Continuous monitoring and interpretation of the threats using the IDS and SIEM
- Use vulnerability assessment tools such as Nessus, AMAP to perform security testing
- Investigate malicious phishing emails, domains and IPs using open source tools and recommend proper blocking based on analysis.
- Rescan mitigated systems for further infections. If none, commission systems back to the network
- Conduct research on new and evolving threats and vulnerabilities using security blogs
- Research new and evolving threats and vulnerabilities with potential to impact the monitored environment; conduct log analysis using Splunk
Confidential, Cincinnati, Ohio
Cyber Security Engineer
Responsibilities:
- Designed, deployed, and optimized enterprise security solutions and services, e.g. Cyber Threat Management & Intelligence, Security Analytics solutions, SIEM, Malware detection & analytics, APT detection and containment, etc.
- Assist with project planning and identification of mitigation activities
- Involved in troubleshooting issues related to McAfee ePO servers (5.x), VSE 8.x and HIPS
- Performed risk assessments using industry standards like NIST Rev3 and Rev4, HIPAA, PCI/DSS and developed security policy as per these standards.
- Worked on internal and external vulnerability assessments as required for various regulatory compliance. Mitigated any identified audit items, worked on modules like AML, BSA, OFAC, and participated in fraud investigations.
- Owned all aspects of cloud security product definition including vendor integration, platform integration and monitoring for cloud platforms including but not limited to Microsoft Azure
- Excellent knowledge of Public Cloud security architectures and Azure infrastructure
- Worked in deploying and configuring Firewall Appliances (Barracuda, Palo Alto, Fortinet) to secure Azure Cloud
- Good experience in defining cloud security controls for an Azure environment at an enterprise level for SecOps
- Expert with implementation of McAfee ePO on Windows, Linux, vulnerability assessment tools, firewalls, IDS/IPS, Nessus, NMAP, SIEM, DLP, Active Directory user attribute bulk modification in PowerShell, querying user details in PowerShell and exporting reports.
- Worked on security standards and frameworks; this could include the ISM, NIST, ISO 27001/2, ISO 27702, CIS Controls, OWASP, Confidential ATT&CK, Essential Eight, and C2M2.
- Engineered and deployed a global McAfee SIEM solution and a global Carbon Black Response EDR solution; good experience with SAST and DAST of applications using Checkmarx
- Successfully configured ESX servers for HA and DRS capabilities and managed DNS, DHCP, Remote Desktop Session Host, DFS, and Microsoft Failover Clusters.
- SOC Security Analyst: rescan mitigated systems for further infections. If none, commission systems back to the network
- Identify suspicious/malicious activities or codes
- Monitoring and analysis of security events to determine intrusion and malicious events.
Confidential - Bedford, MA
Security Engineer
Responsibilities:
- Involved in assessing and managing security operations, alerts and incidents, ensuring activities comply with Doshii's risk policies, and legal and regulatory standards.
- Engineered and deployed a global McAfee SIEM solution and a global Carbon Black Response EDR solution; good experience with SAST and DAST of applications using Checkmarx
- Assessed current state, provided input into security engineering strategy, developed CI/CD security guardrails and identified patterns in the security engineering domain
- Provided governance across all development related matters, including participating in internal DevSecOps forums to ensure decisions are aligned to security strategy
- Worked on firewall rule requests: review, approval, implementation (including requirements for NAT, VPN)
- Experienced on multiple RSA Archer solutions i.e., Business Continuity, Compliance, Audit, Policy, Risk and Vendor Management including Findings and Issues Management, Risk Register, Risk Control Self-Assessment and Security Operations.
- Assisted with building out scalable cloud-based solutions to maintain security operations for Doshii, with an emphasis on automation
- Provide leadership and mentorship to the Doshii Technology team to build solutions with security at the forefront
- Experienced in using Splunk best practice GRC standards for OWASP Top 10, CIS CSC, DLP, data classification, and encryption standards for contractors and employees.
- Provide expertise to create policies, processes, procedures, documentation
- Worked with Windows, Linux, vulnerability assessment tools, firewalls, IDS/IPS, Nessus, NMAP, SIEM, Splunk, Active directory users attribute bulk modification in PowerShell, query user's details in PowerShell and export reports.
- Strong experience in understanding of enterprise, network, system/endpoint, and application-level security issues and risks
- Identify suspicious/malicious activities or codes
- Monitoring and analysis of security events to determine intrusion and malicious events.
- Investigate malicious phishing emails, domains and IPs using open source tools and recommend proper blocking based on analysis.
Confidential, Chicago, IL
Cloud Security Engineer
Responsibilities:
- Performed detection and response to security events and incidents within global Fortune 500 client networks, utilizing ArcSight, Splunk, TippingPoint, VirusTotal, IPVoid, FireEye, Wireshark, etc. to gather, analyze, and present forensic evidence of cyber malware and intrusions
- Collaborated with application teams to apply DevOps practices in the development lifecycle
- Coordinated escalations to Forensic Analyst Team with recommendations for remediation
- Acted as liaison and interacted with leadership, account management teams, and engineers to further define the risk and remediation plan
- Evaluated and fulfilled requests from the Account Information Security Risk & Compliance Officers for each client and aligned with the appropriate runbook procedures to attain Client Service Level Objectives and Agreements
- Experience in incident handling, especially RCA analysis.
- Worked with Splunk for monitoring/metric collection for applications in a cloud-based environment.
- Maintained all shared resources and monitored free and utilized disk space.
- Responsible for setting up projector, audio/video devices for meetings and lectures.
- Involved in keeping and tracking inventory of all loaner laptops issued to students and staff.
- Experience installing and configuring the QRadar SIEM including all its components and local and/or remote log collectors.
- Experienced on SIEM tool QRadar for reporting and data aggregation.
- Experienced supervisor on information security program's health and industry threat landscape.
- Supported the Incident Response program; investigated, gathered and documented inappropriate use and internal security incidents.
- Experienced in cyber security threat engineering activities with specific focus on countermeasure Tactics, Techniques and Procedures (TTPs).
- Coordinated with the Network Administrator regarding BGP/OSPF/EIGRP routing policies
Confidential, Tampa, FL
Cloud Security Engineer
Responsibilities:
- Create Security Assessment Plans (SAP) to initiate Information Security Assessment.
- Assemble documentation and supporting materials necessary for security control assessment.
- Provide an accurate technical evaluation of applications, systems, or networks, documenting the security posture, capabilities and vulnerabilities against relevant security controls.
- Conduct assessment of the security and privacy controls implemented by an information system to determine the overall effectiveness of the controls and the vulnerability state of components, applications and databases residing within the system boundary.
- Control effectiveness refers to the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
- Conduct security assessments and develop risk mitigation strategies.
Confidential
System Administrator
Responsibilities:
- Install, configure, upgrade, and maintain database instances.
- Created various database objects and created users with specific roles and levels of security.
- Worked extensively in Query analyzer and profiler for tuning queries using variable for characteristics and query costs.
- Provided 24x7 production support for SQL Server databases on clustered servers with sizes ranging from 20 gigabytes up to 2 terabytes to achieve maximum performance and uptime in the production environment.
- Performed Snapshot and Transactional replication
- Performed daily tasks to verify the backup jobs and troubleshoot them if the jobs failed.
- Resolved presented architectural issues with proposed implementation while working with customers on improved understanding of design considerations as regards Windows and SQL Server
- Performed monitoring, troubleshooting, performance tuning, change management and capacity planning on systems
- Maintained service pack levels and applied Microsoft security hot fixes to SQL Server
- Set up security context and roles to allow web-based application to communicate with database servers and support staff to access production database servers when troubleshooting issues
- Managed multiple databases and provided technical support to a user base of about 6000 people.
