Skills Summary

Professional Experience

Confidential

Senior Network Security Engineer

• Deployed, implemented, configured and managed Cisco FWSM and ASA Firewalls, Cisco IDS/IPS, Cisco ISE, Wireless Controllers/APs and Cisco Meraki Cloud Wireless Security on high volume critical production environment.
• Conducted and performed security review and testing of Cisco ASA, Cisco FWSM Firewalls, Cisco Routers, Cisco WLANs Controllers/APs and Cisco Meraki Cloud WLANs based on NIST, SOX, ISO 27001 and PCI DSS compliance standard.
• Configured and performed automation, manual, dynamic and static testing of Cisco Devices and Web Security Appliances with Perl and Java Scipt for security vulnerabilities and attacks mitigation.
• Configured and managed OSPF, BGP, HSRP, VRRP and ARP security vulnerabilities defense and mitigation.
• Deployed, configured and implemented Imperva SecureSphere WAF and DAM, WebInspect, Appscan, OWASP for Web-based application vulnerability analysis and code review process.
• Conducted and Performed Vulnerability Assessment and Penetration Test on the perimeter network, systems and applications based on SOX, ISO 27001 and PCI DSS Compliance Standard.
• Deployed and implemented Wireshark, HPING, Retina Iris, Nessus, NMAP, Netflow, Device Engine Firewall Analyzer and Solarwind for security vulnerability event monitoring, packet and traffic analysis.
• Reviewed and analyzed application codes for Cross-Site Scripting, CSRF, SQL Injection, parameter manipulation and brute-force attacks.
• Coordinated and managed Network, Systems and Application security vulnerability activities with developers and engineers both in the US and India to evaluate and analyze software and application codes security threats and risk.
• Analyzed and Coordinated security vulnerability activities with Cisco Security Incident Management Team on latest and emerging security vulnerabilities.

Confidential

Security Engineer

• Deployed and configured IBM AppScan, HP Fortify and Web Inspect for Web application vulnerability management and code reviews.
• Trained systems administrators, network engineers and Infosec personnel to solve and troubleshoot security and network issues more efficiently.
• Actively investigated latest security vulnerabilities, advisories, incidents, and network protection techniques.
• Protected and defended against Web and Internet applications security vulnerabilities such as cross-site scripting, CRF and SQL injection.
• Designed, recommended and built solutions and mitigation to address security issues, risk and vulnerabilities.
• Developed, deployed and implemented Business Continuity and Incident Response Management Plan, and leveraged MS/SIM Method to validate compliance with business, legal, and regulatory security requirements.
• Configured, secured, managed and updated AirWave with walls, pillars, windows, and other obstacles to wireless transmissions. Input existing Access Points into Airwave and place in correct locations on imported floor plans and identified locations requiring additional APs to ensure wireless density and security standards are met.
• Conducted and Performed Vulnerability Assessment and Penetration Test on the perimeter network, systems and applications based on SOX, ISO 27001 and PCI DSS Compliance Standard.
• Configured, managed and implemented Aruba Wireless Controller, RAPs and Juniper SBR Radius Authentication for Wireless Security management.
• Configured and performed automation, manual, dynamic and static testing of web based application with Perl and Java Scipt.
• Deployed and implemented WebInspect, Appscan, MetaSploits and OWASP for Web-based application vulnerability analysis and Code reviews.
• Managed and implemented best practice firewall rules for Security Policy and Regulatory Compliance Standard. And worked with Network Engineers on VLAN Switch , Router Routing Protocols and Firewall rules and policies security.
• Deployed, configured, managed and implemented Juniper Firewalls SSG, SRX, NSM, and Juniper SSL VPN, LAN-LAN IPSEC VPN and Cisco IDS/IPS on high volume critical production environment.
• Configured, managed, monitored and analyzed IDS/IPS Signatures Attacks, Wire Shark, Firewall logs, Systems, Applications and Security Event Incident Management Logs for comprehensive security vulnerability monitoring.

Confidential

Network Security Engineer

• Deployed, configured, managed and implemented Cisco Routers and Switches, Cisco ASA 5500 series Firewalls, Cisco VPN Concentrators LAN-LAN IPSEC VPN and Cisco IDS/IPS on high volume critical production environment.
• Deployed, implemented and managed Web Application Firewall to block intrusion attempts before they interact with back-end web application.
• Stayed informed about industry best practices, researched new and developing security attack methods, and presented insights regularly to managers and development teams.
• Performed malicious code control analysis and security compliance testing and responses.
• Deployed and configured ISS Vulnerability Scanner, WebInspect, Wikto, Microsoft ISA/SMS Server, TripWire and BindView for vulnerability and security management.
• Performed information security assessments and audits of internal networks/systems to meet SOX with ISO 27001 Security Audit and Regulatory Compliance Standard.
• Configured, managed, monitored and analyzed IDS/IPS Signatures Attacks, Firewalls log, Systems, Applications and Security Event Log for comprehensive security monitoring and vulnerability management.

Confidential

Network Security Engineer

• Deployed, managed, configured and implemented Login, AD, GPO, Users, E-mail, Groups, Domain, LDAP, Components and Software Application Accounts.
• Performed information security assessments and audits of internal networks and systems based on SAS ISO 2701 Security Audit and Compliance Standard conducted by Deloitte Touche.
• Pro-actively protected the integrity, confidentiality and availability of Freddie Mac data and assets with Cisco Firewalls, Single Sign-on, Tripwire for Servers, IPSec, VPN, DMZ and IDS/IPS for access control and security monitoring and analyses. Developed, deployed, managed and enforced Network and Systems Security Policy, Standard, Procedure and Disaster Recovery and Business Continuity Plans.
• Deployed, Configured and managed Cisco Firewall, Routers and Switches in a high volume production environment.
• Secured and hardened Windows NT, 2000, 2003, 2008 and Unix servers in a high transaction production environment.
• Worked with other engineers to develop, deploy and implement Business Continuity and Incident Response Management Plan, and leveraged MS/SIM Method to validate compliance with business, legal, and regulatory security requirements.
• Deployed and configured IDS signature attacks, ISS Vulnerability Scanner and Nessus for vulnerability and security management.

Confidential

Network Security Engineer

• Conducted and performed vulnerability scanning and security assessment of all computer systems, networks, software application and databases in order to ensure maximum security of data. And recommended proper security solution for known vulnerabilities.
• Pro-actively protected the integrity, confidentiality and availability of data and assets with Cisco Firewalls, Tripwire for Servers, IPSec, VPN, DMZ and IDS/IPS for access control and security monitoring and analyses.
• Trained various personnel and tech support to troubleshoot network and security issues more efficiently with minimum downtime thereby maximizing productivity and providing highly available network most of the time to the end user as well as to the Top Tier customers such as Bank of America, Citi Bank, Chase, Lending Tree and Freddie Mac.
• Secured and hardened Windows servers and workstations in a high transaction production environment by working with Microsoft Windows Security Developer.
• Attended security trainings and seminars at Microsoft Microsoft Security Clinic and MS SDLA.

Confidential

Network/Internet Engineer

• As a Network and Internet Engineer, I deployed, configured, managed and implemented secured web codes and Internet software applications on a high transaction production environment.
• Managed, maintained and secured critical production data on the Internet from intrusions, worms and virus attacks.
• Configured and managed web servers and sites on a critical production environment.
• Configured and managed Web Application Firewall to prevent Internet attacks and intrusion.
• Tested and certified web applications and sites with Quality Assurance Engineers.
• Monitored web applications and sites for security, downtime, performance and availability.
• Troubleshot custom web applications written for Apache and IIS using application and operating system logs and other technique.
• Monitored and reviewed logs of computer systems and network activities for possible unauthorized intrusion and Worms/Virus, and troubleshot/tested web applications with QA Engineers.