We provide IT Staff Augmentation Services!

Information Security Consultant Resume

SUMMARY

  • Having experience in networking, installing, configuring and maintaining network devices.
  • Strong knowledge in implementing IP addressing schemes, LAN/WAN protocols, IP Services, to fulfill network requisites in different environments.
  • Expertise in the implementation of optimization, analysis, troubleshooting and documentation of LAN/WAN networking systems.
  • Proficient in Configuring Virtual Local Area Networks (VLANS) using Cisco routers and multi - layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
  • Worked on CyberArk Enterprise Password Vault and PVWA
  • Setup site-to-site IPSEC VPN tunnel and Remote VPN (SSL) within and across platforms like Checkpoint, Cisco ASA, Palo alto and Fortigate Firewalls and Cisco Router devices.
  • Experience with Windows, Linux, vulnerability assessment tools, firewalls, IDS/IPS, Nessus, NMAP, SIEM, Splunk, Arc Sight, Rapid7, Routers, Switches, LAN/WAN, TCP/IP protocols, VMware, Endpoint Security, Cloud Security
  • Network consists of Heavy Cisco equipment such as: Cisco 3560 2950 2924 switches, Cisco 6509 6513 5500 series Layer 3 switches, Cisco 3825 3640 7200 series routers, Cisco Pix firewall 500 series and Wireless Access points Cisco 1230.
  • Experience in installation and administration of Arista 7150 series and Cisco 3500, 3600, 3700, 6500, 5500, and Nexus 1-7k series, 3850.
  • Involved in Security Operation, Vulnerability and Risk Assessment, alerting report generation and analysis with various security tools (Splunk, McAfee ePO, Symantec DLP, Imperva, Sourcefire (IDS/IPS), FireEye. Bluecoat Proxy, etc
  • Experience with F5 load balancers - LTM, GTM series like 6800 and 8900 for the corporate applications and their availability.
  • Services monitored included, but are not limited to SIEM, IDS/IPS, Firewalls, Web Application Firewalls, Windows Servers, Cisco ASA Firepower, and Sourcefire.
  • Hands on and have gotten hands dirty with Cloud platforms including GCP and AWS, as well as On - Prem data centers including EC9 with F5 and BlueBird for deployments .
  • Involved in Cloud Security Infrastructure and design for client's in-house Azure Applications
  • Worked with IBM Qradar SIEM Integration and responsible for integrating the log sources with IBM Qradar.
  • Well versed and experienced in routing and switching protocols RIP, OSPF, EIGRP, BGP and VLAN
  • Experience with integrating and managing Dell Secure Works IPS/IDS appliances
  • Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
  • Experience deploying in the cloud and on-premises using Amazon Web Services (AWS) and Single- Server support
  • Expert Level Palo Alto, Check Point and Juniper SRX Firewalls Administrator.
  • Manage Palo Alto Networks and juniper SRX firewalls.
  • Strong experience on Juniper SSG series Firewalls and Checkpoint R75, 76 Firewalls.
  • Expertise in the utilization, configuration, and implementation of industry capabilities including web content filters, email security capabilities, IDS, IPS, Host Based Security System (HBSS), SEIM security practices.
  • Exposed to handling and troubleshooting issues on NAT

TECHNICAL SKILLS

SIEM tools: Splunk ES, Alien Vault, QRadar

Cisco Firepower: IDS/IPS, Confidential NX

Endpoint Protection: Symantec (SEP), Carbon Black, Dark trace

Vulnerability assessment: Nessus Quays Guard, Open VAS, Nexpose.

Cisco Routers and Switches: R1841, R2960, 2950, Catalyst 3550

Windows Desktop Administration: XP, Vista, 7, 8, 8.1, 10

Programming Languages: Python, C++, Java script, and various other TCP/IP ports and protocols

PROFESSIONAL EXPERIENCE

Confidential

Information Security Consultant

Responsibilities:

  • Monitor and analyze network traffic, IDS/IPS, security events and firewall logs and perform triage analysis to identify security incidents and false alarms using Source fire, Fire Eye & Iron Port.
  • Symantec Firewall VPN, Symantec AntiVirus Enterprise Gateway, NetRecon, SonicWall Firewall/VPN, McAfee, Veritas Backup, Blue Socket wireless LAN solutions.
  • Migrated 9 micro services to Google Cloud Platform from skava and have one more big release planned with 4 more microservices.
  • Build servers using GCP, importing volumes, launching EC2, RDS, creating security groups, auto-scaling, load balancers (ELBs) in the defined virtual private connection.
  • Utilize FortiManager, Forticlient and FortiAnalyzer to maintain and optimize FortiGate firewalls.
  • Ensures adequate security solutions and controls are in place of Cloud platform, services, and solutions
  • Automate cloud security solutions and controls
  • Part of a team of DevOps engineer for infrastructure support on AWS cloud. Creating cloud formation scripts for hosting software on AWS cloud. Automating the installation of softwares through powershell script
  • Installed and configured IBM QRadar Network Insights appliance to enables attack prediction through real-time network traffic analysis.
  • Designed, Implemented and Maintenance of Forescout Counter ACT NAC Solution across Wireless, SSL-VPN and Wired Networks.
  • Responsible for IT Security services such as Vulnerability Scanning, Penetration Testing, AntiVirus, Security Assessments, Active Directory / Group Policy, Data Encryption, Intrusion Prevention Systems IPS, SEIM/SEM/SIM and Event Correlation, Enterprise Patching, Web Filtering, Application Security, Enterprise Monitoring, Active Directory Services, IIS, SharePoint, Single Sign On SSO using Kerberos/LDAP/SPN's, UNIX/WebLogic, PKI/Certificate Authority design and admin, Cisco ASA FW review and more.
  • Tools and applications include Tipping Point IPS, Sophos Safe Guard HD Encryption, Qualys Vulnerability Scanning, Web Sense web filtering, patching w/ Shavlik NetChk Pro/ WSUS / Secunia, Retina, Metaspliot, Trend Micro Sophos AntiVirus, PowerShell and Visual Basic Scripting, Active Directory - DNS/Group Policy Admin/ADUC/Forest/Domain/FSMO design, Incident Response, VMware, Application Scanning, ISO 20001:2005 / SOX, HIPAA, GLBA, GAMP5, Host Validation FDA, Auditing, password vault, AD Security, working w/ Federal Agencies, etc.
  • Responsible for coordinating and leading information technology security activities across Gen-Probe worldwide which includes information technology IT risk management, IT security policies, IT security awareness, and IT security architecture.
  • Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
  • Responsible for the health and growth of Active Directory to include DNS management, GPO's, Policies, Directory Replication, Site-to-Site configuration/replication, Security management, Domain Controller build-outs and maintenance, DHCP creation and management, User and Group management, ILO/KVM support, LDAP expertise, packet analysis for network troubleshooting, IIS support and training of team members.
  • T-Mobile SME for Microsoft Operations Manager MOM . Enterprise monitoring of Domain Controllers, Exchange Servers, DHCP / DNS servers and SMS servers.Maintained the Web Reporting features to facilitate trending reports for all servers and services. Ran SQL scripts for grooming Reporting database.
  • Successfully achieved main goal of project: Played an Integral role in migrating company’s security firewall environment from FortiOS 5.4 firewall platform to Fortigate 1500D and FG 100D and Checkpoint firewall.
  • Enterprise Public Key Infrastructure PKI design for T-Mobile network. This included building out a model that supported multi-level Certificate Authorities, Intermediate CA's and Issuing CA's. Designed IPSec Offline VPN certificates and designed other certificates and policies, auto-enrollment via Active Directory for domain clients, Web enrollment for non-domain members, Hardware Security Modules HSM's for highest level of private key protection and security.Implemented and Maintained SIEM infrastructure using QRadar and Splunk in AWS environment.
  • Technical support and design of MS SharePoint Portal Services SPS / Windows SharePoint Services WSS on production portal sites. Included SSL, Certificates, security, network design DMZ, Firewall and Exchange OWA/OMA, Load Balancing, SAN/Clustering, etc. Also managed OWA environment, Directory Synchronization between sites Aelita/Quest, integration with Smart Phone technologies.
  • Use Microsoft Operations Manager MOM and Systems Management Server SMS to manage enterprise servers. Using these tools allowed for centralized administration and troubleshooting for the entire enterprise.
  • Managed MS Exchange Server 2003 Enterprise environment to include F/E and B/E Clustering Failover and SAN connectivity. Troubleshoot SAN connectivity and configuration.

Confidential

Cyber Security Analyst / SOC Analyst

Responsibilities:

  • Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident.
  • Conduct proactive threat hunting a related threat research.
  • Configure and administer security rules and policies to permit and/or deny user traffics based on company. security policy with F5 BIGIP, Fortigate 1500D, Checkpoint, Cisco ASA, and Palo alto firewalls
  • AWS cloud server management - cloud formation, EC2, S3,IAM,Ops Manager
  • HP Cloud remote data center hosting
  • Setup Alerting and monitoring using Stack driver in GCP .
  • Cloud Migration Projects - from On Premise to Cloud and vice versa Gathered and analyzed risks according to information security risk assessment models for IS security plans
  • Manage and deploy enterprise level wireless communications for Datacenter.
  • Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM.
  • Support senior wireless network engineer in researching, planning and implementing wireless network security protocols and technologies.
  • Review security events that are populated in a Security Information and Event Management (SIEM) system
  • Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.
  • Configure checkpoint and fortigate firewall to authenticate users based on user identity, user group, session and PC-User Authentication.
  • Configuring switching and routing protocols (OSPF, MPLS, RIPV1, RIPV2, EIGRP, BGP, VLANS, IPV4, IPV6, STP, LACP, IPS, IDS and DHCP).
  • Trained clients on technologies including Windows NT/2000, DNS, legacy OS's Win3.x/DOS/Win9x, IPSec, L2TP/PPTP, DNS, RRAS, Active Directory Services OU's, Sites Domains, MS Exchange, IIS/Web hosting, Security, switching, routing / submitting, VLAN's, x.500, LDAP, VTP, ISA Firewall, encryption, Novell Netware server and clients and many other technologies.
  • Configured MS ISA Firewall for perimeter security while allowing internal servers Web, Mail, etc to be published through the firewall.
  • Configured MS Exchange 2003 w/ OWA and SSL for remote users wanting encryption/security.
  • Install and configure Windows 2003, Active Directory configuration.
  • As a Microsoft Certified Trainer, I trained MCSE students on Active Directory, DNS, Security, Fault Tolerance, Backup, Disaster Recovery, OU, Site and Domain architecture, TCP/IP, NTFS / ACL's, etc.
  • Provided network consulting to clients. Experience with Firewalls, Email Systems, Novell, Cisco and other 3rd party solutions.
  • Created partnerships with Microsoft as a MS Solutions Partner and Certified Training Educational Center.
  • Managed 15 full time staff employees and several contracting engineers for various projects.
  • Experienced with SLA's, helpdesk environments, escalation and tiered support models.

Confidential

Cyber security Analyst

Responsibilities:

  • Managed a multisite environment with more than 200 Palo Alto firewalls.
  • Managed Palo Alto devices by implementing security rules and mitigating network attacks.
  • Updated daily schedules to update security, threats, Wild fire update from Palo Alto.
  • Build Logical design and Implementation of Wireless Solution.
  • Back up, Restore and upgrade of CheckPoint and Fortigate firewall appliances.
  • Writing MOPS for adding new Firewall rules, running reports on the unused and vulnerable rules.
  • Utilize various security tools (e.g., Splunk, Splunk Enterprise Security, Palo Alto Networks, Source Fire, Cisco ASA) to identify potential incidents, network intrusions, and malware events, etc. to ensure confidentiality, integrity, and availability of VA architecture and information systems are protected.
  • Analyze data from corporate security systems including external third-party vendors from Dell Secure Works, Tenable Security Center Continuous View.
  • Worked with application / platform hardening especially on public cloud platforms.
  • Configured templates, device groups and created policies using APP-id, user-id on Panorama and pushed them into Palo Alto firewalls.
  • Experience with deployment of Symantec DLP- Endpoint Prevent, Network Prevent for Email, and Network Prevent for Web, Network Discover, and ITA. In-depth experience with Symantec DLP in an enterprise environment. Experience with architecting Symantec DLP Platforms. Experience analyzing Symantec DLP events and reports. Experience tuning Symantec DLP to reduce false positives and improving detection rates
  • Devices monitored, assessed and maintained included Cisco ASA's, Check Point Firewalls and F5 Load Balancer.
  • Implemented Zone-Based Policies and authentication profiles on the Palo Alto Network Firewalls.
  • Manage, troubleshoot, and administer changes to Palo Alto (using Panorama)
  • Migration of Cisco ASA to Palo Alto firewall with over 45000 security rules.
  • Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
  • Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
  • Developed a list of best practices and coding standards for Power Shell development.
  • Crafted Power Shell scripts for troubleshooting and problem-solving analysis.
  • Working with customers Site-to-Site and Remote Site VPNs using Cisco routers to Cisco routers, ASA Firewall to Palo Alto Firewall, Cisco Router to Palo Alto Firewall and troubleshoot and modify existing VPN.rector for management. Install, upgrade, troubleshoot, design, etc.
  • Managing health check of Network devices this is involves upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configuration.
  • Configured of Cisco PIX/ASA firewalls, IPS/IDS, F5 load balancers, AAA (TACACS+ & RADIUS).
  • Manages reporting for IPS/IDS by monitoring suspicious user activity, network attacks, high bandwidths users, and suspicious websites
  • Configured ACLs to prevent access to internal network from unauthorized users on ASA firewalls.
  • Advanced knowledge in Cisco ASA 5000 series, Palo Alto VM-300 series installation, configuration and maintenance.
  • Responsible for deploying various network security & High Availability in Checkpoint Firewall.
  • Network security involves web filtering on internet sites (User's restriction) checkpoint Firewalls.
  • Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGP V4.
  • Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst.
  • Build Logical design and Implementation of Wireless Solution.
  • Responsible for Cisco ASA firewall administration across our global networks.
  • Configured various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.

Hire Now