Penetration Tester / Incident Responder Resume Profile
NJ
Objective
Software engineer with experience as a web application security auditor and incident responder. Ability to leverage a keen eye for security to provide a holistic view of an organization's security posture.
Work History
Penetration Tester / Incident Responder
Confidential
- Worked on the five person internal CIRT team to monitor the health and security of the entire Cigna network. Directly trusted to protect confidential systems containing sensitive personal health information. Actively reported on and fixed security issues on all aspects of the Cigna computer network.
- Helped to develop and tune rule sets and policies in both Symantec Security Information Monitor and SourceFire IDS/IPS systems to help reduce false positives and catch new exploits. Created rules and policies for SourceFire to protect the enterprise against 0-day exploits. Wrote regular expressions filtering rules that helped save hundreds of man-hours. Ran cloud-based infrastructure vulnerability assessments.
- Specialized in web application security and penetration testing engagements for Cigna and its vendor partners. Was the principal strategist in completely revamping Cigna's application vulnerability assessment process. Implemented modern tools and methodologies to test for web application vulnerabilities. Carried out numerous live, automatic and manual penetration tests against Cigna applications and networked systems.
Technologies Used: Active Directory, RSA Archer, NetWitness, Symantec Security Information Monitor, SourceFire, Metasploit, IBM AppScan, Nmap, Nessus, Medusa, Ettercap, Wireshark, Burp Suite Pro, Nikto
Global Security Engineer
Confidential
- Developed in Perl, PHP, Java, JavaScript, SQL, and C . Supported the Global Threat Operations Center by developing intelligence reporting systems, and building internal automation systems for IBM SOCs across the world.
- Worked with a team of three software engineers to create dynamic, web-based intelligence reporting systems which allowed management to have a clear picture of the current threat landscape. Projects included the creation of an automated integration testing and code deployment system.
- Engineered a web-based virtualized attack laboratory. This system was created to dynamically spawn a choice of network capable operating systems, and easily launch exploits against the sandboxed victim systems. Security software and hardware could be added to the laboratory for testing purposes. A reporting system was implemented to gauge the effectiveness of the security product.
Technologies Used: Nagios, Cisco VOIP, Hudson, JUnit, VMWare, ExtJS, MySQL, SQL Server, Maven, Tomcat, Git, Selenium, LDAP, Remedy, Windows Server 2008, Red Hat Enterprise Linux
Technical Manager
Confidential
- Part-time employment. Managed this on-line computer gaming establishment, fixed equipment, interfaced with customers, and oversaw all aspects during night long lock-ins and general daytime hours. Developed and deployed a server-based disk emulation distribution system designed to share ISOs over a local area network.
Technologies Used: SmartLaunch, Daemon Tools, Windows Server 2000, NFS
Privacy Policy
Resume Categories
- .NET Developers/Architects Resumes
- Java Developers/Architects Resumes
- Informatica Developers/Architects Resumes
- Business Analyst (BA) Resumes
- Quality Assurance (QA) Resumes
- Network and Systems Administrators Resumes
- Help Desk and Support specialists Resumes
- Oracle Developers Resumes
- SAP Resumes
- Web Developer Resumes
- Datawarehousing, ETL, Informatica Resumes
- Business Intelligence, Business Object Resumes
- MainFrame Resumes
- Network Admin Resumes
- Oracle Resumes
- ORACLE DBA Resumes
- Other Resumes
- Peoplesoft Resumes
- Project Manager Resumes
- Quality Assurance Resumes
- Recruiter Resumes
- SAS Resumes
- Sharepoint Resumes
- SQL Developers Resumes
- Technical Writers Resumes
- WebSphere Resumes
- Hot Resumes
