Splunk Engineer Resume

Washington, DC

SUMMARY:

  • Proven success in cyber security, system optimization, and strategic IT solutions
  • Cyber Security Architect/Engineer and Analyst with more than 5 years of experience providing comprehensive security design and solutions, optimizing security posture in all stages of system development including testing, encryption, and support
  • System Administrator and Integrator with 8+ years of experience managing server-client infrastructures and system optimization across multiple platforms (Windows, Linux/Unix)

TECHNICAL SKILLS:

SIEM Tools: Splunk, QRadar, ArcSight, FireEye

Scanning Tools: Tenable Nessus, Retina, Qualys Guard, Kali, Nmap, Metasploit, IBM X-Force

Network and Host-based IPS/IDS: Symantec SEP, IBM BigFix, Carbon Black, McAfee DLP

Networking Tools/system: Firewall, OSI layers, TCP/IP, VPN, LDAP, AD, IAM

Enterprise Firewalls: Palo Alto, Cisco ASA, Checkpoint, Blue Coat, Juniper

Industry Standards: FISMA, FedRAMP, NIST SP, NIST SP, NIST SP, NIST SP, FIPS 140-2, FIPS 197, ISO 27001/ISO 27002, PII, HIPAA, STIGs

Scripting Languages: Python, PowerShell, JavaScript

Utilized Platforms: Windows, Unix, Linux distros (Red Hat, Ubuntu, CentOS, Kali)

Cloud Environments: SaaS, HaaS, IaaS/PaaS

Virtualization Technologies: VMware, Microsoft Hyper-V

Storage Technologies: RAID, SAN, NAS, Cloud computing

Web Technologies: REST API, SOAP

PROFESSIONAL EXPERIENCE:

Splunk Engineer

Confidential, Washington, DC

  • Managed distributed Splunk architecture and components including search heads, indexers, and forwarders.
  • Managed Splunk user accounts and license usage for Splunk Core, Enterprise, and CDM.
  • Developed Splunk queries and created alerts, reports, and dashboards with visual metrics for clients.
  • Installed and configured add-ons and apps, and implemented heavy forwarder deployments on Windows and Linux platforms.
  • Ingested various data inputs and integrated the onboarding process into the centralized Splunk platform.
  • Established and ensured adoption of best practices and development standards.

Cybersecurity Architect

Confidential, Herndon, VA

  • Performed onboarding of logs from various internal and external IBM customers into IBM QRadar SIEM for deeper visibility and security analytics.
  • Ingested logs from different sources into IBM QRadar SIEM and created alerts and reports.
  • Implemented QRadar SIEM use cases, tuning, and monitoring of alerts on the QRadar dashboard.
  • Performed security architecture using firewalls, IDS/IPS, and Symantec/McAfee DLP, including DLP rule creation and management, DLP tuning, and integration with ICAP.
  • Configured IPS and DLP features on the firewalls for added security.
  • Implemented zone-based firewall and security rules on Palo Alto and Checkpoint firewalls.
  • Maintained corporate network security policy, addressed server security issues, and ensured timely application of appropriate security patches and upgrades.
  • Performed onsite and remote security consulting including application testing, web security assessment, onsite internet security assessment, social engineering, and wireless assessment.
  • Held hands-on and management roles for day-to-day data security operations, new data security projects, policy development, and risk assessment and management.
  • Provided system/product owners with guidelines on how and where to send their logs to IBM QRadar SIEM for security analytics (SA).
  • Worked with the Logstash data collector engine, Elasticsearch database, and Kibana dashboards to provide a security solution for the log collection infrastructure and architecture.
  • Experienced with the IBM Tivoli security suite, including Access Manager, Federated Identity Manager, and Directory Integrator.

Cybersecurity Engineer

Confidential, Chantilly, VA

  • Provided hands-on Splunk architectural design and created alerts, reports, and dashboards.
  • Managed and configured Splunk applications in a distributed environment (Linux/Windows) to perform customized functions. Passionate about machine data and operational intelligence.
  • Performed Splunk use case creation, tuning, and correlation of events.
  • Coordinated and conducted event collection, log management, compliance automation, and identity monitoring activities using the ArcSight ESM and Splunk platforms.
  • Evaluated cybersecurity risks to mitigate system vulnerabilities.
  • Performed vulnerability assessments including port scanning, ethical cracking, web application testing, and wireless security assessments.
  • Coordinated vulnerability testing with Tenable Nessus, Nmap, and IBM web scanner to detect and remediate potential risks on single or multiple assets across the enterprise network.
  • Ran the Nessus vulnerability scanner and Nmap to generate reports in plain text, HTML, and XML.
  • Performed network monitoring and protocol inspection via the Wireshark sniffer and Snort rules.
  • Generated soft token codes for two-factor authentication to tighten the security posture.
  • Performed printer remediation in person and remotely.
  • Evaluated the development of acquisition plans and gap analysis.

System Integration and Deployment

Confidential, Washington, DC

  • Developed PowerShell scripts for deploying patches to Windows Enterprise.
  • Managed multi-tiered environments supporting web-based and client applications.
  • Upgraded and deployed Windows servers and workstations for 150+ users.
  • Tested and validated system design, reliability, and scalability.

System Consultant

Confidential, Alexandria, VA

  • Designed and implemented LAN and WAN Networks.
  • Resolved complex LAN/WAN network problems.
  • Configured and operated routers and switches.