Vulnerability Scanning: (Nessus & Rapid7) - Threat Detection, Malware Detection
Security Patching:: Vulnerability Patch Management (Windows 10)
End point protection: Cylance PROTECT and SOPHOS End point protection
Network security: Palo Alto (Firewall, Web-filtering and SSL decrypt), FortiNAC, Bradford, IPS IDS
SIEM tools: SPLUNK, LogRhythm, Manage Engine - Security Event Activity
MDM/MAM: Office365, MobileIron GO Cloud for iPhone encryption
Data Loss Prevention: Symantec DLP (Data Loss)
Email security: Exchange Protection EOP, Proofpoint
Encryption: Bit locker, MobileIron Go
Forensics: Encase Investigator 8
Information Security Auditing and compliance: Vulnerability Patch Management, User access review, weekly review of device encryption, anti-virus, DLP, LAPS and design review
Security standards: FFIEC, GLBA, FDIC standards, SOX Risk Management (Risk assessment), Gap Analysis, Business Impact Analysis and BCP OWASP Top 10 (Reviewing)
Operating Systems: Windows, LINUX (Ubuntu) and OS X
Virtualization: VMware, vSphere, ESXi 6.5/6.7
Servers: HPE Gen 8, 10 ProLiant
Microsoft: Specializing in Windows Servers (2008/2010/2013/2016 )MS Active Directory (2008 and 2012R2), GPO, DNS, DHCP, IIS, ADFS, LDAPMS Exchange and OWA (2013), SharePoint
Deployment Tools: SCCM, Symantec Altiris and PDQ
Scripting: PowerShell scripting
SAN Storage: SAN Nimble
Imaging: Windows 7 and 10 with PXE boot using Server and Symantec Altiris
Email Filtering: Proofpoint journaling and archiving
Ticketing System: ServiceNow, ManageEngine
VOIP: Cisco Call Manager (Unified and Unity)
IP Video Conferencing: PolyComm
Network monitoring: SolarWinds, Wireshark
Networking: Cisco Certified Network Associate etwork protocols, DNS Architecture, Load Balancers
Routing/WAN: IP, BGP, EIGRP, OSPF
Switching: VLAN, STP, RSTP
Firewall: Palo Alto 850 NextGen (Firewall, Web-filtering and SSL Decrypt) and Cisco ASA
VPN:: Cisco AnyConnect, Palo Alto Global Protect
Cloud Networking Architecture: using Meraki products. meraki Cloud Managed Access Points MR16, MR22, MR24, MR34, MR62, MR72 (Bluetooth)
VOIP: Cisco Unified Call Manager (CUCM) and Unity Voicemail. Cisco 7900 series and 8800 series Specialist on Cloud based AP Meraki Cloud Managed Access Points MR16, MR22 and MR24, Troubleshooting Cisco Meraki Dashboard
MS Azure: Design and implementation of hosting complex application workload
MS Azure PaaS: SQL server, Web server Azure Admin Center, Office365 (Hybrid configuration), ADconnect, Azure Active Directory Amazon Web Services (AWS)
Securing and architecting cloud: based infrastructures (Amazon AWS and Google) AWS Service integration for Windows OS EC2 instance log forwarding to log correlator, S3 storage service
Internal webbased tools or front: end/back-end software Operating applications with either demanding scalability or availability requirements.
PreSales Cisco Cloud APs: Working with Customers, Sales and Marketing Team and Tier 3 Tech teams
Systems Engineer/Cyber Security
- Managed infrastructure for over 600 users (on-site and remote) - Windows 10 (x32 & x64) / COLO and DR
- VMware infrastructure vSphere EsXi 6.7 (Colocation and DR) - 150 VMs / 30 Hosts
- Azure environment: Active Directory, VM, Intune for 300 endpoints
- Security patching - Running bi-weekly Nessus scan and installing hot fixes using Symantec Altiris Management Suite/Batch-patch as per FDIC regulatory requirements
- Active Directory and Group Policy
- Microsoft Exchange maintain / admin and OWA Environments across multiple sites
- Software deployment and Data Management: Symantec Altiris and PDQ
- Administer Proofpoint Cloud Email Archiving
- Commonly used tools include: ArcSight Console/Logger, Wireshark, TCPdump, the SILK environment, and various other in-house Python programs
- Performed vulnerability scanning on web applications and databases to identify security threats and vulnerabilities.
- Ensured security policies, procedures, and recommendations comply with NIST, FISMA, organizational guidelines, and technical best practices.
- IT Security practices to corporate framework built on COBIT 4.1
- Analyzed the Information Security Program to ensure alignment with ISO27002, also reviewed COBIT framework to determine relevance for the program.
- Responsible for Information Security (IS) Disaster Recovery planning and testing of assets
- Evaluates POA&M activities to ensure identified vulnerabilities and risk are managed efficiently.
- Assists in developing the ATO package for accreditation decision to be made.
- Perform ongoing gap analysis of policies, procedures, and practices as they relate to established guidelines outlined by NIST, OMB, and FISMA.
- Conducted system security assessments based on HIPPA/PCI DSS Compliance.
- Other contracts involved assessing threats to resources by identifying vulnerabilities to loss of resources and protecting from threats/reducing the risks/exposures by utilizing appropriate security design, strategy, & architecture.
- Perform Risk Assessment and drive the closures of identified risks.
- Perform ISO 27001, PCI, and SOX Audits and drive them to the closure of findings.
- Vulnerability Management: Configured Qualys Guard Tool for Vulnerability Analysis of Devices and Applications. Monitored them constantly through the dashboard by running the reports all the time.
- Created Asset Groups, scheduled Scans/Reports for smooth remediation process and assigned the correct sensors to those scanners placed in the network.
- Managed all the scans including discovery maps, authentication scans to ensure proper scheduling, reporting and smooth functioning of IP’s.
- Responsible for identifying the cause of security incidents, monitor user activity, thwart data breaches and meet regulatory compliance requirements and mitigating advanced cyber threats. Worked with other team members to complete special projects and achieve project deadlines.
- Hands-on experience with major big data platforms such as Securonix and Symantec IT analytics
- Conduct analysis, cyber threats, the discovery of IT vulnerabilities, monitoring for cyber intrusions, troubleshoot and response to security incidents detected from HP ArcSight or related SIEM. IDS/IPS, and other security applications
- Managing Information Security Transitions, Security Controls Gap Analysis, Service Assurance Programs, help team for Internal and External IT Audits, Security Consultation, Information Risk Assessment
- IT support for over 600 users (on-site and remote) - Windows 7 & 10 (x32 & x64)
- Administrating Windows 7 and 10 Security patching - Running bi-weekly Nessus scan and installing hot fixes using Symantec Altiris Management Suite as per FDIC regulatory requirements
- Administrating Active Directory working on User Accounts hierarchy, departments, groups, service accounts and workstations. Responsible for maintaining availability, reporting and communication of the SIEM between it, its event-sources and the endpoints
- Responsible for the creation of the logic to correlate attacks across multiple event sources and attempt to decide of the possible outcome.
- Regularly review standard operating procedures and protocols to ensure SOC continues to effectively meet operational requirements
- Monitored events, responded to incidents and reported findings.
- Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Loss prevention.
- Ticketing System develop / Implement ServiceNow (Migrated from ManageEngine) Express and Enterprise:
- Incident, Changes, Problem Management and Vulnerability Patch Management records
- HR requests (New Hire/ Transfer/ Terminations), General Affairs request
- Asset Management (Discovery Configuration Mgmt. Data Base) - Software & Hardware
- User Administration of Banking Applications: FISERV (navigator and Director), ElliMae Encompass
- Admin / Implementation Network Access Control - Bradford
- Cisco VOIP: Cisco Unified Call Management and Cisco Unity for All series 7000 & 8000
- Admin / Implementation Polycom IP Video Conferencing
- Cisco Certified Network Associate and Cloud Network Engineer
- Implementing wireless architecture Meraki Cloud Managed Access Point MR16, MR22 and MR24
- Document all network set-ups.
- Routing/WAN: EIGRP, OSPF, IP ROUTING, HDLC, PPP, ISDN, VoIP, QoS
- Switching: VLAN, STP, RSTP, HSRP, GLBP
- Security: ACL, NAT, FIREWALL (Palo Alto & Cisco ASA), RSA security
- Virtualization: VMware (Vcenter vSphere)
- Salesforce admin for 68 users in 2 regions
- Worked on various Salesforce.com objects Accounts, Contacts, Cases, Opportunities, Leads, Campaigns, Reports and Dashboard
- Accomplishes financial objectives by forecasting requirements; preparing an annual budget; scheduling expenditures; analyzing variances; initiating corrective action.
- Maintains quality service by establishing and enforcing organization standards.
- Provided custom reports and dashboards to support the needs of the users and executives
- Giving on-site tutorials /demonstration to clients on all MERAKI products using the DASHBOARD.
- Gather and collate network requirements by working with clients and colleagues.
- Liaise with support teams, working together to resolve customer issues.