Sr. Security Operations Resume
Agawam, MA
SUMMARY:
- More than 10 years of IT experience and in-depth knowledge of security operations & managed IT security services. Good understanding of infrastructure architectures, Cloud data management and network topologies. Experience in performing incident response, network monitoring, malware analysis, Cloud data security and cyber incident related digital forensics.
- Extensive knowledge and experience in CASB (Cloud Access Security Broker) to handle the risks in cloud applications and Data in Cloud storage.
- Experience in performing "deep dive" analysis and correlation of log data from multiple sources including forensic artifacts
- Experience in working with Incident Response involving APT threat actors and ongoing pervasive intrusion sets
- Performed day-to-day activities to respond to Incident alerts and worked on fine tuning and developing enterprise cyber security solutions to reduce false positives.
- Experience in network defense and in-depth technical knowledge/mastery with intrusion detection systems.
- Interacting with different IT teams to troubleshoot and debug security applications configuration and deployment issues.
- Strong oral and written communication skills. Ability to effectively communicate and translate highly technical information in a professional manner at all levels, including high-ranking executives
- Aptitude for learning, self-directed and capable of working in a fast-paced operations environment
- Ability to produce high-quality, executive-ready deliverables while working independently
TECHNICAL SKILLS:
CASB (Cloud Access Security Broker): Netskope
SaaS/PaaS: Azure, O365, OneDrive, Salesforce and MS Teams
Vulnerability Management Tools: Confidential, Nessus Manager, Nopsec UVRM
SIEM: Dell Secureworks, Splunk
Antivirus AV: Trend Micro, Windows Defender ATP & Carbon Black
Data Protection Tool: Varonis
Ticketing System: ServiceNow
Firewalls: Palo Alto, Zscaler
Web Security: Zscaler
Multiple Factor Authentication: OKTA
Hypervisor: VMware, vSphere client, Hyper-V, VDIs
Operating Systems: Windows XP/7/8/10, Windows Server 2003/2008/2012/2016, Linux, Kali Linux, Mac OS X
Scripting Languages: Batch files, PowerShell Script, JavaScript, Wise Script, Python and VB Scripting.
PROFESSIONAL EXPERIENCE:
Sr. Security Operations
Confidential, Agawam, MA
Responsibilities:
- Designed and implemented CASB Netskope framework in the enterprise for Multiple Associations.
- Responsible for Netskope Agent deployment to desktops & servers and made configuration changes to restrict cloud data only to the Trusted\Managed devices.
- Worked on Integration of Netskope CASB API with Cloud Applications to gain visibility into data and activities within Managed Application.
- Configured API-Enabled Protection Policies to continuously monitor sensitive Content data at rest and took corrective actions in near real time.
- Created Quarantine instance and Legal hold instance for DLP enabled API protection to quarantine or deep inspect on copy files in legal hold that was alerted.
- Created Real Time Protection Inline DLP and NON-DLP policies for each association based on their need.
- Worked in Netskope to improve risk insights by using CCI Index to improve granularity with Sanctioned and Unsanctioned Apps.
- Integrated API Enabled protection for Salesforce, O365 and OneDrive.
- Implemented Continuous security assessment for Azure and DLP protection on data in Blob Storage.
- Worked on remediation of malware incidents and anomalies.
- Interfaced with Senior Management in Netskope to help set strategy and participated in varied roles to support Security for data in Internal business Cloud Applications.
- Developed and executed in CASB Netskope to proactively identify risk and drive remediation according to each association need.
Vulnerability Management
Confidential
Responsibilities:
- Created Active Scans to scan the Network & End point devices for Vulnerabilities and Scheduled them to run weekly / monthly based on requirements.
- Created multiple Dashboards for depicting the vulnerability Statistics for different criteria.
- Created high level reports for board management to review the vulnerability data and also created monthly reports to review metrics
- Involved in installation and deployment of Nessus agents to all windows and Linux devices.
- Created Nessus groups based on associations and created Nessus scans for each association and device groups such as workstations and Production servers etc.
- Scheduled to import Nessus scan results to Confidential weekly so that they can be correlated with security center scan results.
- Imported Tenable Security scan results to Nopsec UVRM and created Metrics dashboard for monthly analysis
- Used Nopsec extensively to instant search on set of devices and vulnerabilities and reiterating the criticality of the vulnerabilities.
- Responsible for monitoring the installation of Snare Agent (SIEM agent) on devices to forward logs to Counter Threat Appliances (CTA) for logs Processing and sending events to the portal.
- Monitored to validate if any disrupted logging in the devices and worked on resolving the Issues related to it.
- Responded to incident tickets generated and created service tickets for the responsible teams to remediate.
- Involved in log vault setups for logs storage and responsible to request for additional storage contracts if needed.
- Worked on Implementation of O365 and Azure logging in Secureworks.
Endpoint Detection and Response
Confidential
Responsibilities:
- Responsible for installation and implementation of Confidential devices on Production servers.
- Monitored to make sure all the production devices have Confidential and worked on resolving any connectivity issues related to it.
- Responsible for monitoring notable events & incidents and responsible for initiating incident response based on the type of incident.
- Worked on Security event log analysis, reporting, and incident management.
- Daily monitoring of potential incidents, cyber threats and malware events.
- Investigating all identified threats and escalate to appropriate IT teams as defined in process outlines.
- Working closely with Network and Systems teams, to ensure security threats are properly identified, analyzed, remediated, and reported to Management, as part of the security incident escalation process.
- Working to identify vulnerabilities in internal systems and develop plans to address and validate results.
- Documenting internal processes and procedures related to duties and responsibilities.
- Interacting with internal Security, Systems, and End User/Application Support teams on a daily basis.
Environment: Netskope 81.0, Confidential 5.5, Nessus Manager 8.6.0, Nopsec 5.0, Dell Secureworks, Red Cloak, Varonis, VeloCloud, TrendMicro Apex, ServiceNow, SCCM, Windows Server 2008/2012 R1/R2/2016, Win7/Win8/Win10, VB Script, PowerShell, VMware vSphere, Active Directory.
Sr. Windows Admin/ Security Analyst
Confidential Miami, FL
Responsibilities:
- Responsible for handling all security alerts - Review the alerts and handle them as per the process. This involves working with different groups and ensuring that all the alerts are closed in a timely manner. Also contributes to the process improvements.
- Security Log Analysis - Monitor and analyze the logs from various security tools and correlate events
- Investigate, analyze and contain malware incidents
- Created Progress Reports, Policies and Procedures that were implemented in the environment
- Managed network security exploits, IPS, firewalls, network traffic analysis.
- Performed hands-on administration, monitoring, and troubleshooting of Local Area Network (LAN), resulting in optimum performance and minimum downtime
- Monitor networks to ensure security and availability to specific users
- Conduct network vulnerability assessments using tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
- Applying Patch Management for Microsoft Patches via SCCM and ZENworks.
- Migrated from ZENworks Suite to SCCM 2012 Win 10 Software deployments and reporting/Client management
- Plan, Design, Develop, Test and Maintenance of Software Applications on Win10 and Win7.
- Responsible in Evaluating/Validating and resolving the end user requests/Support
- Monitored service and incident requests and assigning tickets appropriately.
- PowerShell App Deployment kit is used to deploy packages from SCCM 2012 (as Wrapper).
- Tested applications with client to confirm the install meets their needs.
- Familiarity with service management tools such as HP Helpdesk
- Created Bundles for application packages in ZENworks control center and Deployed to Systems.
- Utilized Admin Studio for creating application packages and also used Install Shield Tuner for Transform (MST) files.
- Generated reports for old device configurations to replace them with new configurations.
- Created policies in ZENworks for secure functioning at end user point.
- New systems are provided with specific images based on their assignment and pushed to them automatically using Novell ZENworks.
- Used VB script, Java Scripts and Batch Scripts for Custom Installations, registry edits and forcing policies on systems.
Environment: Windows Server 2008/2012 R1/R2, Splunk, Flexera Admin Studio 2015, Orca, Win7/10, App-V 5.0, Citrix XenDesktop 7.6, XenApp Server 6.5, VMware, SCCM 2012, VB Script, Wise Script, PowerShell, Novell ZENworks Suite 11 SP3, Active Directory.
Sr. Desktop Engineer/Application
Confidential, Miami, FL
Responsibilities:
- Worked to determine tactical and strategic solutions to applications to be packaged to complete the windows 7 deployment in the proposed timelines.
- Extracted FIL files and AOT/AXT files from Novell Zenworks to create MSIs for Win 7 Migration.
- Validating the raw media and install instructions provided.
- Utilized Install Shield Admin Studio 10/11.5 for creation of packages and Install Shield Tuner for Transform (MST) files.
- Used SCCM 2007 as a deployment tool for deploying applications on to local machines.
- Used SCCM 2007 for advertising, deploying and creating distribution points.
- Used VB script and Batch Scripts for Custom Installations.
- MS App-V 4.6 is being used for virtualization of applications using sequencing process.
- Re-packaging, testing, Deployment and support of software Packages
- Created Terminal Server (TS) packages to deploy the packages in the Windows 2008 R1/R2 servers.
- Used Quest Vworkspace Management Console 7.5 to publish the applications from Terminal servers
- Published Web URLs and Web applications in Vworkspace Console
- Published Databases (DB) with MS Access 2000/2003/2007/2010 in Vworkspace Console.
- Created new groups in Active directory to add users to the published applications.
- Used JAMF Composer to create packages using snapshots or monitoring for Apple Applications
- Used JAMF Software Server (JSS) to distribute Mac apps to computers and users.
- Worked with the app owner on any issues / questions regarding the app
- Worked with the app owner to move the app from the Assessment phase through packaging, through UAT / remediation and finally to ready for deployment
- Update all of the appropriate databases used for tracking of the application.
Environment: SCCM 2007, Windows XP/7, Windows Server 2008 R1/R2, Novell Console One and Novell Zenworks 4.0, Active Directory, Admin Studio 10/11.5 Professional, Install Shield 2011, Quest Vworkspace 7.5, JAMF Composer, JSS, MS Access, Application Compatibility Toolkit, VB script, Win batch and Java Script.
Sr. Desktop Engineer/Application Packager
Confidential, Des Moines, IA
Responsibilities:
- Working on the Line of Business (LOB) applications and build MSI packages and Patches (MSP) according to the company requirements using Install Shield 2011 and Admin Studio 10.0.
- Working on upgrading the Line of Business (LOB) applications which were previously SMS installer packages.
- Being a part of the monitoring Team, I am involved in User Requirement Review, Tech Review, Packaging, QA, UAT, and Deployment to Distribution Servers.
- Responsible for creating, testing and deploying the MSI packages of the LOB applications.
- Working on Silent Installs of all the applications to automate them for the software distribution.
- Created custom actions using Install Shield and VB script for automation and to add extra functionality for the applications.
- Worked with software vendors to resolve installation conflicts.
- Monitored the updates of the internal Software “DSL (Definitive Software Library)” which keeps the Track of all the Applications.
- Used VMware for having clean base OS for packaging and testing.
- Involved in Internal Testing of the packaged applications for standards and functionality before actually submitting to the Validation Team
- Involved in documenting the standards and procedures employed for packaging and testing the packages.
- Repackaged several third-party Vendor applications into MSI (Windows Installer)
- Application Virtualization using AppV and publishing them through Soft Grid Management Console.
- Deployed multiple MSI and Virtual applications using MS-SCCM 2007.
- Created Change Requests (CR) in BMC remedy User to deploy the applications to distribution servers.
- Supported team with “on-demand” support, which included packages that needed last-minute alterations.
Environment: Windows XP/7, Wise Package Studio 7.0, Admin Studio 10 Install Shield 2011, Microsoft App-V 4.5, Active Directory, VMware workstation 7, SCCM 2007, Orca, Wise script, VB script
Software Consultant
Confidential, Fremont, CA
Responsibilities:
- Worked on Windows XP to Windows 7 migration.
- Created Windows Installer packages (MSI) for corporate distribution and transforms (MST) for customizing and rationalizing MSIs.
- Wise Package Studio has been used for MSI re-packaging for deployment on Windows XP.
- Created, modified and customized MSI packages using Wise script and Orca tool.
- Admin Studio is being used for MSI re-packaging and deployment on Windows 7.
- Created custom VB scripts to perform automation, installation and configuration tasks within MSI packages
- Filemon and Regmon are being used to find the files and registry entries that need to be modified to make the application to function properly.
- Adobe packages distribution on both Windows XP and Windows 7 is being worked.
- An application called ‘Dashboard’ which drives the business of the company is being updated on a weekly basis.
- Any remediation process related to this particular application after deployment is also successfully completed.
- SCCM has been used for advertising, creating distribution points and deploying to User machines.
- Coordinated with different groups to deploy software packages successfully.
- Microsoft App-V is being used for virtualization of application by sequencing process.
- User Support on application issues has been handled successfully by performing root cause assessment and solving the tickets according to their priority.
Environment: Windows XP SP3 / Windows 7, Wise Package Studio 6.0, Admin Studio 10, Microsoft App-V, Active Directory, VMware workstation 7, SCCM 2007, Orca, Wise script, VB script, Batch files, and Beyond Compare, HP Service Manager, Microsoft Outlook.