
Threat And Vulnerability Management Analyst Resume


Dallas, Texas

SUMMARY:

  • A skilled Information Security Analyst with expertise in a wide range of risk management, unauthorized access, viruses, vulnerabilities and threats. Well-versed in direct and remote analysis, with strong critical thinking, communication and people skills.
  • Able to thrive in fast-paced and challenging environments where accuracy and efficiency matter.
  • Strong background knowledge of networking, computer systems and web systems.
  • Expertise in network protocols used in different systems.
  • Deep understanding of tools like Nessus, Qualys, Kali Linux, Burp Suite, OWASP ZAP, and penetration testing frameworks.
  • Experience in SIEM (Security Information and Event Management): Splunk administration and analytics development for information security, infrastructure and network, data security, the Splunk Enterprise Security app, event triage and incident analysis.
  • Experience in dashboards, reports and performance optimization.
  • Extensive experience in the following:
  • Authentication and Authorization, vulnerability Assessment & Scan.
  • TCP/IP, VPN, OpenStack, shell scripting, Python scripting, C/C++, PHP scripting, HTML & CSS.
  • SIEM, Splunk Enterprise Security, Securonix apps, SailPoint, Symantec DLP.
  • SSL/TLS, Nagios, Cacti, Internet of Things (IoT), Distributed Denial of Service (DDoS).
  • LDAP, DLP, Intrusion Detection and Prevention System, Identity and Access Management (IAM), Anti Malware, Network Access Control.
  • Troubleshooting skills using Wireshark and Netmon.
  • VLAN, Private VLAN, Super VLAN, Community VLAN, and QoS.
  • IT as a Service (ITaaS), Software as a Service (SaaS), Network as a Service (NaaS), Security as a Service (SECaaS), Data as a Service (DaaS).
  • Information Security, Incident Management, Identity and Access Management, Loss Containment and Mitigation.
  • Data Loss Prevention, Data Privacy Management, Data Governance, Customer Impact and Complaints Resolution.
  • VPN setup using IPSec, knowledge of AAA and 802.1X.
  • Microsoft Windows, UNIX, Linux operating systems.
  • Rapid7 exploitation tools, IBM AppScan, QRadar, Qualys Cloud Platform, Tenable Security Center, Burp Suite, Nmap, Wireshark, ZAProxy, Google Dorks, BeEF.
  • Penetration testing environments like Kali Linux, BackTrack and Parrot Security.
  • Wireless Network setup and Management Skills.
  • Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP), Openstack.

WORK EXPERIENCE:

Confidential, Dallas, Texas

Threat and Vulnerability Management Analyst

Responsibilities:

  • Staged, installed, configured, integrated and tested Splunk Enterprise logging systems in the labs, then deployed to data centers.
  • Deployed apps to Windows systems and configured them to collect Windows application, security, audit, user activity, printer and SQL Server event logs and ingest them into Splunk Enterprise.
  • Created advanced dashboards, alerts, reports, advanced Splunk searches and visualizations in Splunk Enterprise.
  • Monitored database connection health with Splunk DB Connect health dashboards. Worked on Splunk ITSI glass tables, deep dives and ITSI modules.
  • Developed Splunk correlation searches to identify and address emerging security threats through continuous monitoring, alerting and analytics.
  • Created advanced dashboards using regular expressions. Provided Splunk application support to onboard various applications to the command center.
  • Installed Universal Forwarders and Heavy Forwarders to bring data of any kind into Splunk.
  • Managed indexes and indexer clusters, the Splunk Web Framework, data models and pivot tables.
  • Designed solutions and concepts for data aggregation and visualization. Handled Splunk deployment, configuration and maintenance across a variety of UNIX and Windows platforms; able to troubleshoot Splunk server problems and issues.
  • Monitored abnormal internal user activity with Splunk UBA.
  • Analyzed security events, risks and reporting instances. Drove complex deployments of Splunk dashboards and reports while working side by side with technical teams to solve their integration issues.
  • Troubleshot Splunk alerts and dashboards for multiple applications. Understand Splunk configuration and able to debug Splunk-related issues.
  • Helped document best practices for developing and using Splunk runbook documentation.
  • Developed requirements and specifications for systems that meet customer requirements involving complex issues.
  • Knowledge of various chart types, alert settings, app creation, and user and role access permissions. Created and managed apps, users and roles, and permissions on knowledge objects.
  • Experience in operating and monitoring AWS instances and Splunk Enterprise Security (Splunk ES).
  • Actively monitored jobs through alerting tools and responded with the appropriate action based on the logs; analyzed the logs and escalated critical issues to higher-level teams.
  • Engaged with cloud technologies like Amazon AWS; experience with Google Cloud Platform.
  • Technical writing and creation of formal documentation such as reports, training material and architecture diagrams.

Confidential

Information Security Analyst

Responsibilities:

  • Conducted risk assessments, vulnerability testing and assurance testing, and provided recommendations for the security issues found.
  • Developed and enforced technical baselines for secure management of systems across multiple platforms and applications; identified and analyzed business violations of security policy and standards.
  • Performed research, analysis and troubleshooting to identify, resolve and explain complex security issues to members of the company.
  • Performed vulnerability scanning with Nessus and identified the root cause of the vulnerabilities found.
  • Maintained proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, network security and encryption.
  • Managed the SIEM solution for effective security monitoring of systems. Optimized the performance of log collection and correlation rules. Reviewed SOC alerts and responded to security incidents.
  • Defined groups that can share contacts, tasks and projects, and specified which users can access which reports.
  • Created reports, pivots, alerts, advanced Splunk searches and visualizations in Splunk Enterprise.
  • Researched and developed all aspects of information security engineering, with responsibility to assess and mitigate system security threats and risks throughout the program life cycle.
  • Administered and maintained user access controls, processes and procedures to prevent unauthorized access, modification or misuse of resources.
  • Tested network applications with exploitation tools like Metasploit and Nmap, and remediated the issues found.
  • Analyzed the company's network traffic for unauthorized traffic using Wireshark and ZAProxy.
  • Performed vulnerability assessments, tests and security audits, produced reports of findings, and worked cooperatively with engineers to implement remedial measures.
  • Investigated various security issues in company servers using security assessment tools, and recommended security solutions and processes to improve overall company security.
  • Served as the central point of contact for the configuration, integration and deployment of all new or improved security solutions and processes, in accordance with standard best practices and the company's security policies.
  • Participated in the creation of IT security policies, procedures, guidelines, baselines and standards.
  • Performed PCAP analysis using Wireshark at various levels, sniffing network traffic for security issues and troubleshooting.
  • Participated in the planning and design of the company security architecture.
  • Responsible for maintaining up-to-date baselines for the secure configuration and operation of all existing devices.

Confidential

Application Security Analyst

Responsibilities:

  • Created scans and activated alerts for scheduled scans using vulnerability scanning tools like Tenable's Nessus.
  • Researched new application security technologies and implemented them to improve application security.
  • Responsible for proof-of-concept testing of various endpoint protection tools and vulnerability management tools.
  • Worked cross-functionally to scope, schedule and then analyze results from Red Team exercises on software products.
  • Documented findings in reports and worked with teams on remediation.
  • Reviewed logs and reporting from all existing devices under direct control (i.e., security tools, workstations, servers), interpreted the implications of that activity and devised plans for appropriate resolution.
  • Provided detection and response to security events within the network; PCI and web application vulnerability scanning; security log management and monitoring; intrusion detection/prevention system operations; and vulnerability detection, assessment and mitigation.
  • Worked with other scrum teams on security-focused design.
  • Provided support for product patch management and assisted in fixing the vulnerabilities found in scan reports.
  • Performed overall security vulnerability testing and management using manual methods and security testing tools.
  • Managed and monitored multiple user accounts within the firm and provided remediation for accounts deemed to be a vulnerability threat.
  • Assessed security and advised on any detected vulnerabilities in the infrastructure (software, hardware, networks).
  • Ensured compliance of operating systems and applications with security policies in a global environment.
  • Maintained and analyzed all log data from servers and storage devices using event management tools.
  • Defined and managed all user roles based on the organization's security policy.
  • Assisted with implementing solutions for security practices by performing risk analysis and cost-benefit assessments of identified security risk factors.

Confidential

Network Engineer

Responsibilities:

  • Installed and managed LANs across all platforms; maintained firewalls, Virtual Private Networks, web protocols and security.
  • Troubleshot TCP/IP networking issues at the hardware and software level.
  • Configured, troubleshot and upgraded Check Point firewalls for managed clients, covering network and/or resource access, software and hardware problems.
  • Managed network connectivity issues using a layered model.
  • Used advanced network analysis tools like Wireshark and LanGuard to prevent unauthorized access.
  • Responsible for collecting and processing data from numerous systems, combining it into the desired format for production quality and reporting.
  • Analyzed log data for any unauthorized access to network systems.
  • Monitored performance and analyzed network issues using tools such as Riverbed and HP iMC.
  • Installed and configured all VPN solutions for wireless devices, laptops, desktops and networked printers.
  • Researched and developed innovative techniques and tools for reliable solutions.
  • Executed daily administrative tasks and solved network issues.
  • Managed improvements, modifications or replacements of network components and assisted in managing server deployments.
