
System/Security Engineer Resume

Rockville, MD

TECHNICAL SKILLS:

Operating Systems: RedHat 4 - 7, Solaris 8-9, CentOS 4-6, Ubuntu, Fedora, BackTrack5, Kali Linux, Windows Server 2008, 2012, 2016 and Nano Server, Mac OS X

Languages and Web Development: Bash Shell scripting, Python, Ruby, HTML, CSS, PHP, XML

Cloud Infrastructure: OpenStack, Windows Azure (ARM, storage, AD, PaaS, DMA) and Amazon AWS (EC2, S3/Glacier, Route53, VPC, EBS and Security Groups)

Application: Splunk, Puppet, Chef, Ansible, Nginx, Remedy, Apache, Tomcat, MySQL, Jenkins, Nagios, Veritas NetBackup, Git, Docker, Vagrant, VMware ESXi and vSphere, Kickstarter and KVM, BigFix, Remote Desktop, Microsoft Office Suite (Word, Excel, Outlook, Access and PowerPoint, Microsoft Exchange), System Center (SCCM)

Security Tools: Wireshark, Nmap, Zenmap, Metasploit, Armitage, Snort, NetStumbler (search unencrypted WiFi), Knoppix, Retina, Microsoft Baseline Security Analyzer (MBSA) and Nessus, Rapid7, Sourcefire, Palo Alto, Linux Untangle, COFEE, EnCase

PROFESSIONAL EXPERIENCE:

SYSTEM/SECURITY ENGINEER

Confidential, Rockville, MD

Responsibilities:

  • Tested new security controls and provided updates in accordance with government guidance.
  • Threat evaluation using ArcSight and Splunk live feeds.
  • Monitored security posture and security incidents regarding trending outside and inside threat vectors.
  • Modify, test, and implement custom HIPS rules and establish exclusions.
  • Implement STIG requirements.
  • Performed updates and modified Palo Alto firewalls.
  • Review DLP policies and investigate violations via non-approved devices.
  • Perform backups and audits of privileged users.
  • Timely and accurately generating IR reports, reviewing possible gaps and updating upper management
  • Consolidating analysis of suspicious Splunk data security event logs (Windows Defender, AppLocker, Audit Events)
  • Performing Windows security administration tasks such as Active Directory, critical Flash/Java updates, recovery plan, collecting and reviewing Windows logs
  • Preparing, researching and generating Incident reports for upper management
  • Conducting installation, configuring/maintaining network equipment, endpoint protection, patching, switches and intrusion detection systems
  • Assist in implementation of standards, procedures and guidelines (SOP)
  • Endpoint Malware Detection and Prevention using AVs
  • Assist in developing and implementing security controls supporting the Risk Management Framework approach based on NIST Special Publication rev 4, FIPS 200, and System Categorization using NIST, and FIPS 199
  • Supporting audits, maintaining and routing necessary documentation
  • Improving diagnosis of risk, security and compliance incidents with issues involving extensive analysis
  • Assist in recommending security resolutions to management for better malware detection and endpoint security
  • Providing Information Security Operations Center (ISOC) support, analyzing a variety of network and host-based security logs (Firewalls, NIDS, HIDS, Syslog, etc.)
  • Use virtualization tools (VMware ESXi 5.5, Hyper-V and Oracle VirtualBox) to host and manage VMs.
  • Set up firewall configuration using IPChains/IPTables/Firewall-cmd and SELinux
  • Setup, configure and troubleshoot TCP/IP, DHCP, DNS, NFS, CIFS, SMB in multiple server LAN
  • Assembled Puppet Master, Agent and Database servers on Red Hat Enterprise Linux platforms.
  • Configure Apache, Tomcat, Nginx (proxy + load balancer), MySQL server on Red Hat 6 for virtual and web hosting.
  • Account management using LDAP and Kerberos configuration protocols, ACLs and file management
  • Monitoring and maintaining system configuration, log files and system errors, with password recovery and performance tuning; perform fault isolation and root-cause analysis of recurring issues.
  • Archiving, compression backup and restoration of data from Veritas NetBackup
  • Experience in Server monitoring, capacity planning, using Nagios, Cacti, Zabbix, Puppet, Splunk.
  • Provided 24/7 support in a production and staging environment, troubleshooting and documentation for future reference
  • Responsible in part for the ticketing system running on Remedy
  • Use Red Hat Satellite server to deploy, monitor and manage systems updates
  • Creating or attaching existing VHD, simple volume, spanned volume or striped volume allocation, and VHD partitioning. RAID 0,1,5 and 10 configuration settings.
  • TCP/IP network configuration (IP addressing and Subnetting) and linking servers to central domain server.
  • Install and configure Active Directory Domain Services and Active Directory Lightweight Directory Services for deployment of applications, creating Organizational Units (OUs) and setting up Group Policy Objects (GPO) and Group Policy Containers (GPC)
  • Identity management using password management tools such as CyberArk.
  • Integrate LDAP running on Linux with Active Directory Services on Windows.
  • Deploy and Configure DNS, DHCP Servers, VPN, RADIUS, NAT, DirectAccess
  • Implementation of Failover Clustering, Windows Server Migration Tools, Windows Server Backup, Group Policy Management, SMTP Server
  • Server management using WSUS, WDS, System Center Configuration Manager (SCCM)
  • Installation, configuration, and support on front end and back end of Splunk
  • Provided technical services to projects, user requests and data queries.
  • Resolved configuration-based issues in coordination with infrastructure support teams.
  • Cloud experience on OpenStack private cloud, Windows Azure and Amazon.
  • Assist in designing, configuring, managing, and maintaining the deployment and operations in Amazon EC2, AWS, VPC, S3, Elastic Search services and creating security groups.

SYSTEM ANALYST/ADMINISTRATOR

Confidential, Silver Spring, MD

Responsibilities:

  • Installing, configuring and connecting RHEL 6, CentOS 6.4 and Solaris 10 servers to a network using standard installation and Kickstart.
  • Review server platforms, installations and configurations to ensure corporate and industry standards were followed
  • Experienced in virtualization (VMware ESXi 5.5, Hyper-V and Oracle VirtualBox).
  • Hardening and patching both Red Hat 6 and Solaris servers and upgrading to new releases on standalone servers (using single user mode), and also on production servers.
  • Setting up firewall configuration using IPChains/IPTables and SELinux
  • Perform multiplatform volume management using LVM and VCS volume manager and manage swap configurations.
  • Assembled Puppet Master, Agent and Database servers on Red Hat Enterprise Linux Platforms.
  • Use Puppet and Ansible as automation tools for application management and OS management.
  • Create cron jobs for periodic processes using crontab or bash scripting
  • Manage crash and core dump files, archive, compress files and send to vendors.
  • Configure Apache, Tomcat, Nginx (proxy + load balancer), MySQL server on Red Hat 6 for virtual and web hosting; install and configure Samba for quick publishing using third-party web page maker.
  • User and security account management using LDAP and Kerberos configuration protocols, and file management using RWX permissions or ACL.
  • Monitoring and maintaining system configuration, log files and system errors, with password recovery and performance tuning; perform fault isolation and root-cause analysis of recurring issues.
  • Responsible for data management using Red Hat utilities for archiving, compression backup and restoration
  • Experience in Server monitoring, capacity planning, application monitoring with the help of Nagios, Cacti, Zabbix, Puppet, Splunk.
  • Perform backup using Snapshots, Rsync, Veritas NetBackup and Jenkins backup add-on
  • Configuration of Cisco Network Security Appliance (NSA) with WAN login, VPN (SSL, IPSec and site-to-site), SNMP, Intrusion Detection and Prevention Security; IPS and IDS, firewall, DMZ, LAN, DNS, DHCP server, NAT, web threat protection, email security and account management
  • Implementing Intrusion using Snort
  • Configuring TrendNet-BGN for wireless access protocols WAP, MAC filtering, WiFi Protocol Security WPS, LAN settings and user management
  • Prevent zone transfers of Active Directory in Windows servers.
  • Configure IP Cameras through switch console manager
  • Configuring Windows Defender to filter malware within network
  • Drive encryption and BitLocker configuration
  • Implementing access controls, biometric systems, single sign-on (SSO) configuration, smartcard authentication and NTFS permissions
  • Implement IPsec, Remote access deployment using RADIUS and TACACS+
  • Encryption using both symmetric and asymmetric methods
  • Maintaining and managing certificates and Public Key Infrastructure (PKI)
  • Implement Business Continuity Planning (BCP) for Disaster Recovery Plan (DRP) and Data Loss Prevention (DLP)
  • Using AccessData Forensic Toolkit to scan compromised hard drives
  • Assist in implementing environment control mechanisms in server room to help increase life span of servers
  • Set up secure mobile and BYOD devices using Mobile Device Management (MDM), Microsoft Intune Cloud, app control using Mobile Application Management (MAM), geotagging and geofencing
  • Inspection, IOS, Firewall, bandwidth
  • Using Retina, Microsoft Baseline Security Analyzer (MBSA) and Nessus tools to scan rogue hosts, vulnerability assessment
  • Operating system hardening and penetration testing using Knoppix STD
  • Cisco router and switching configurations; Spanning Tree Protocol (STP), VLANs and inter-VLANs, trunking, switch security, remote access, route summarization, Open Shortest Path First (OSPF), EIGRP, DHCP, ACL, NTP, PPPoE, SNMP, logs, NetFlow

LINUX SYSTEM ADMINISTRATOR

Confidential

Responsibilities:

  • Install and configure Red Hat, CentOS, Solaris, and Windows Server 2003
  • Implemented RAID 5 solution with VERITAS volume manager.
  • Administered Backup/Restore Using VERITAS net
  • Set up firewall rules, network security and hardening of instances using CIS benchmark and STIG
  • Implementation of NFS, SAMBA file servers and SQUID proxy servers
  • Log monitoring, monitoring and managing CPU performance, networking and storage on KVM, swap and file system issues, TCP/IP, NFS, DNS, DHCP, SMTP
  • Monitoring ticket trafficking with Remedy and performing troubleshooting, maintenance and operations of OS's
  • Security implementation through ACL, IPTABLES and TCP Wrappers.
  • Experience in implementing VMware ESXi to Dell PowerEdge, Hyper-V, X86, X84, (RedHat servers), Blade and Sun Fire, (SPARC T4-2 and T4-4 models), V210 (Solaris).
  • Set up logrotate for application logs and system logs
  • Implemented centralized user authentication using OpenLDAP and Active Directory
  • Experienced in implementing and maintaining a LAMP stack web service environment; Apache Tomcat/MySQL/PHP. Handled installation and configuration of SQUID web proxy.
  • Installation and configuration of DNS, DHCP, Active Directory, Print Server, Remote Access, VPN, Mail servers, file sharing and network drive mapping on Windows Server 2003
