Security Analyst Resume
San Jose
SUMMARY
- 6 years of extensive work experience as a Security Analyst.
- Expertise and support to the Information Assurance Manager in the areas of network security, paths, security standards, security policies and procedures, best security practices, proactive monitoring and risks identification, intrusion detection and protection.
- Familiar in network systems security duties and able to integrate new technologies into new and existing systems, including the transition and migration of corporate systems.
- Audit system’s hardening, Image Patching and pushing of new applications to workstations and servers.
- Ensure compliance of corporate security policies and practices.
- Craft or revise local policies and procedures, as required.
- Ensure all security violations and incidents are reported to the Information Assurance Manager.
- Serve as agent for system vulnerability scanning and compliance checking.
- Ensure system resources are used effectively. Coordinates the resolution of IA-related problems.
- Ensures proper relationships are established between the user community and organization relied upon to facilitate the secure delivery of information technology services. Provide input to security plans on IT projects, and maintains effective communications with management.
- Perform quarterly network security scans on wire and wireless network segments and on demand.
- Perform quarterly IT security best practices audits.
- Expertise for all issues related to Information Assurance for all systems connected to the corporate network. The Network Security Analyst will have responsibilities for ensuring the successful and accreditation of several systems and the authority to operate and to connect to the network LAN and WAN resources. He/she will employ industry best practices and standard IA processes, procedures and techniques to support and maintain existing IT systems.
- Provide accurate and up to date supporting documentation.
- Keep up to date with new technologies and services applicable to the network security field.
- Build and maintain a Network Security lab environment for testing and proof-of-concept tasks.
TECHNICAL SKILLS
Technical Skills: UNIX, Linux, Windows, LAN/WAN, LDAP, Wireless Network, TCP/IP/UDP; ACL tools, DMZ, IDS Snort, Cisco Routers/Switches. Microsoft Office Suite, PowerPoint, Word, Excel, Access.
Tools: RSA enVision, QRadar, QualysGuard, DeepSight, Backtrack, EnCase, Wireshark, FTK, Snort, Lantern mobile forensic tool, ArcSight, Metasploit, Nessus, NeXpose, Kali, Symantec Enterprise
PROFESSIONAL EXPERIENCE
Confidential, San Jose
Security Analyst
Responsibilities:
- Analyzed Security Incident Event Management (SIEM) logs for compromised/infected hosts on network.
- Experience on QRadar, ArcSight and Splunk.
- Advanced technical analysis for resolution of issues experienced by users. Identified and removed malicious software from Firm clients and servers.
- Implemented firewall rules as necessary on both network hardware and host-based software.
- Experience on Cisco PIX and Cisco ASA
- Composed the overall structure of the Security Analyst team to detail roles, responsibilities and escalation procedures.
- Assisted in re-writing numerous procedure documents for Incident Management, reporting, escalation and of new hires
- Worked on IBM SiteProtector system which is a centralized management system that unifies management and analysis for network, server and endpoint security agents and appliances.
- Conduct regular research on current vulnerabilities and exploits using publicly available, trusted resources
- Established new processes and procedures on responding to various security incidents, significantly increasing response time and improving overall customer service.
- Worked on Symantec DeepSight to learn about enhanced global threats and vulnerabilities, which helps to identify and block threats before they impact your critical systems.
- Provide primary support for Websense Web Security. Support the firm's Internet URL content filtering security policy, respond to incidents, and assess business requirements and resolution
- Analyze and investigate suspicious activity using log files, IPS, SIEM, network monitoring tools, and remediate accordingly.
- Worked on the ServiceNow tool to manage and monitor tickets related to security.
- Experience on security vulnerability assessment and management tools (Qualys)
Confidential, San Jose
Security Analyst
Responsibilities:
- Administered enterprise IDS/IPS environment.
- Developed vulnerability identification, analysis, and mitigation standards and led vulnerability management
- Perform penetration testing and exploit verification on gold client image
- Implemented firewall rules as necessary on both network hardware and host-based software
- Experienced in the identification and examination of security risks, using Vulnerability/Threat Analysis solutions and Risk Management tools and methodologies available for various platforms and applications (Qualys, Nessus, OpenVAS, Metasploit, etc.)
- Experienced in the creation and maintenance of Policy, Standards, Procedures and Guidelines to promote an effective ISMS and to meet compliance needs for organizations applicable to GLBA, SOX and HIPAA.
- Experience with the latest open source tools, including Snort, Suricata, OSSEC and Snare for system log and traffic analysis
- Solid understanding of networking, architectures and security elements to include firewalls, intrusion detection systems, routers and proxies
- Efficient in maintaining software updates, designing and implementing new system structures, monitoring server activity and auditing server security
- Installed and configured Layer 2 and Layer 3 Cisco switches with VLANs, subnets, and default gateways
- Create mitigation plans to patch vulnerabilities with a large enterprise network
- Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines).
- Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls.
- Produces detailed documentation on all existing security policies, practices, and technical configurations
- Conduct Security Testing and Evaluation (ST&E) and Penetration testing within the network.
- Experience in assessing compliance against enterprise security controls.
- Experience in implementing security standards and evaluating and supporting desktop security applications (encryption, DLP, endpoint control, and AV)
Confidential, Boston
Security Analyst
Responsibilities:
- Web app penetration testing
- Network penetration testing
- Administering and reviewing security systems such as SIEM, FIM, IDS/IPS
- Security incident response
- Auditing device configurations (e.g. servers, firewalls, VPN)
- Experience with web application security testing techniques
- Practical knowledge and experience with OWASP top ten issues with an understanding of web-based application vulnerabilities
- Assists in the identification of potential internal and external threats and risks that jeopardize the availability of IT systems, to include but not limited to
- Develop and review secure O/S builds for all computing platforms
- Implement systems and controls to prevent unauthorized access
- Global design and deployment of the IT security infrastructure, including management and analysis of security tools
- Assists in the implementation of mitigation strategies and controls
- Prepares enterprise security awareness plans
- Assists in forensic analysis, cyber-crime investigation, incident emergency response and investigations related to information security
Security Analyst
Confidential
Responsibilities:
- Assisted with the testing, coordination and deployment of security Prevention System.
- Enhanced and drafted new policies for Information Security
- Worked with senior staff in creating, tracking and resolving security incidents.
- Created tickets for security issues utilizing Remedy