Sr. Security Engineer Resume
Sunnyvale, CA
SUMMARY
- Working knowledge of OWASP Top 10 and SANS Top 25 software guidelines, Federal Financial Institutions Examination Council (FFIEC) regulations, including Payment Card Industry (PCI-DSS), HIPAA and Sarbanes-Oxley Section 404 (SOX).
- Analyze the results of penetration tests, design reviews, source code reviews and other security tests.
- Decide what to remediate and what to risk-accept based on security requirements.
- Highly analytical computer security analyst with success both defending and attacking large-scale enterprise networks.
- Working knowledge of SSO implementation for the applications deployed in MS Azure cloud platform.
- Experience using a wide variety of security tools including Kali Linux, Metasploit, HP WebInspect, HP Fortify, BurpSuite Pro, Wireshark, L0phtCrack, Snort, Nmap, Nmap NSE, Cain and Abel, Nikto, DirBuster, IBM AppScan, OWASP ZAProxy, Nessus, OpenVAS, W3AF, BeEF, Ettercap, Maltego, Wifi-Security, SIFT, SoapUI, FOCA, Havij, and the Aircrack-ng suite.
- Involved in implementing and validating the security principles of minimum attack surface area, least privilege, secure defaults, avoiding security by obscurity, keeping security simple, and fixing security issues correctly.
- Worked on database security / Vulnerability scanner using Imperva Scuba.
- Strong knowledge in Manual and Automated Security testing for Web Applications.
- SOX Compliance Audit experience on controls like User access management, Change Management, Security monitoring.
- Good experience in exploiting recognized vulnerabilities.
- Penetration testing based on OWASP Top 10 and SANS25.
- Experience in Threat Modeling during Requirement gathering and Design phases.
- Experience with Security Risk Management with TCP-based networking.
- Experience with TCP/IP, Firewalls, LAN/WAN.
- Experience in implementing Security Incident and Event Management System (SIEM) using HP ArcSight and Splunk.
- For a large agency, architected and implemented PCI solutions for P2P encryption, tokenization and Network Enclaving/Zoning.
- Designed PKI and encryption systems.
- Worked with CASBs such as Netskope and Skyhigh.
- Quick learner and committed team player with interpersonal skills who enjoys a challenging environment with scope to improve myself and contribute to the cause of the organization.
- Excellent problem-solving and leadership abilities.
- Experience in Web UI Development implementing web development tools like HTML 4.0/5, XHTML, DHTML, CSS/CSS3, JavaScript, and jQuery, AJAX, JSON and XML.
- Knowledgeable about Document Object Model (DOM) and DOM Functions along with experience in Object Oriented Programming Concepts, Object Oriented JavaScript and Implementation.
TECHNICAL SKILLS
Security Tools: IBM AppScan Enterprise (ASE), Standard & Source editions, HP WebInspect, QualysGuard, BurpSuite Pro, Acunetix, Fortify SCA, SQLMap, Checkmarx (Code Analysis), AppDetective, AppRadar, SafeNet/Gemalto, Oracle Identity Manager, Oracle Access Manager, JHijack, Metasploit Pro, Zed Attack Proxy, FireMon, Wireshark, WebScarab, Paros, BlueCoat Proxy, Nmap, BMC BladeLogic, Nessus, Rapid7 Nexpose, Tripwire, Symantec Vontu, DbProtect, ArcSight SIEM, e-DMZ Password Auto Repository (PAR), Varonis, Amazon Web Services (AWS) Cloud security, Imperva
Programming Languages: Java, .NET, C, C++
Scripting Languages: Python, basic shell scripting
Web Technologies: HTML 4.0/5, XHTML, DHTML, CSS2/CSS3, JavaScript, jQuery, AJAX, JSON and XML
Web Services: RESTful/SOAP, SOA, UDDI, WSDL
Operating Systems: Linux/Unix (Red Hat Enterprise Linux, Debian, Ubuntu, Fedora, Santoku, Kali Linux), Windows
Databases: MySQL, Oracle, MSSQL
PROFESSIONAL EXPERIENCE
Sr. Security Engineer
Confidential, Sunnyvale, CA
Responsibilities:
- Developed security policies and standards and made sure the business applications are in compliance with the standards.
- Performed code analysis using Checkmarx (CxAudit) and AppScan Source.
- Conducted application penetration testing of 80+ business applications.
- Conducted Vulnerability Assessment (DAST and SAST) of web and mobile (iOS and Android) applications, including third-party applications. IBM AppScan, ZAProxy and BurpSuite Pro were used for scanning the applications.
- Performing risk assessments throughout cloud DevSecOps / CICD pipelines including automated & manual source code reviews and OWASP manual penetration testing of mobile & web applications on AWS/Azure.
- Penetration testing a variety of systems including mobile / web applications and services, operating systems and databases (hybrid, automated and manual penetration testing).
- Penetration testing web applications, web services and mobile applications.
- Performing Dynamic Application Security Testing (DAST) & Static Application Security Testing (SAST) as well as penetration testing (hybrid, automated and manual penetration testing).
- Manual penetration testing using Burp Suite Pro, Metasploit, parameter tampering, cookie poisoning, and session hijacking, and crafting Python scripts and manual exploits to commandeer websites.
- Advanced manual penetration testing bypassing general OWASP testing techniques looking for business logic vulnerabilities, deep dive analysis of website architecture, malicious threat vectors, and Threat Modelling.
- Penetration testing of Web Apps with SSO, OAuth, OpenID, JWT, LDAP, API, GraphQL, REST, AJAX, J2EE, PHP, C# .NET, Spring Framework, AWS, Azure
- Red Team Leader. Led penetration testing attacks on critical corporate infrastructure, cloud, and applications.
- Led Red Team efforts on application security, penetration testing, and risk assessments of mobile platforms for J2ME, Android, iOS, and BlackBerry.
- Conducted penetration tests of enterprise information security systems, cloud platform infrastructure, and high-risk applications.
- Conducted IT security risk assessments including threat analysis and threat modeling (STRIDE, DREAD).
- Configured SafeNet/Gemalto ProtectDB to enable column level encryption for securing confidential customer data.
- Implemented Secure Software Development Life Cycle (S-SDLC) processes; developed secure coding practices for web, mobile applications, including database and middleware systems.
- Implementation experience on patching Windows servers and workstations using Solarwinds Patch Manager Software.
- Participated in the implementation of Splunk Phantom to automate security operations as part of Security Orchestration, Automation and Response (SOAR) project.
- Implemented Single Sign-On (SSO), MFA, and user provisioning for enterprise applications using Okta, SAML, OAuth2.0, OpenID Connect (OIDC) flows.
- Enabled security controls for APIs to secure RESTful and SOAP based web services from various security attacks.
- Integrated Prisma Cloud Compute Native Security Platform into CI/CD pipelines to continuously scan and monitor for security anomalies of host, container, and serverless functions.
- Established best practice framework for the creation of an enterprise Email Protection Program that reduces security risk, measures effectiveness and supports governance to maintain success.
- Led development of the Email Security Practitioner professional service offering to reduce resource impact and streamline implementation for accounts.
- Key contributing member of Trusted Email Engineering teams with responsibility for selecting, designing and implementing Proofpoint Email Protection gateway essential to maintain platform currency, align new security control capability and position Aetna to address emerging email driven security threats.
- Investigated emails using various tools such as Email Protection Systems, Malware Sandboxes, and Anti-Virus Engines.
- Triaged security vulnerabilities to eliminate false positives and worked with the developers for remediation.
- Acquainted with various approaches to Grey & Black box security testing.
- Hands-on with database security/vulnerability scanner using Imperva Scuba.
- Developed Security API and deployed to development teams which helps them write lower risk applications in a secure manner.
- Implemented Single Sign-on (SSO) deployments.
- Implemented Tripwire to detect unauthorized access to confidential data files in the production environment. Installed and configured Splunk, set up search filters and tags, and helped security teams investigate security incidents.
- Experience with Splunk in investigating various events related to security incidents.
- Working knowledge of Splunk in developing search queries, including knowledge objects such as Event Types, Tags, Database Queries, etc.
- Hands-on experience with the deployment of Imperva Web Application Firewall (WAF): installing, configuring, and administering the SecureSphere portal.
- Authored iRules for F5 WAF to automatically block excessive bad web requests from cyber security attacks that cause web denial of service and generate thousands of F5 WAF alerts, jamming Splunk SIEM cyber security incident response.
- SOC on-call integration and automation with cyber security tools of F5 WAF, CloudFlare WAF, PaloAlto firewall, Splunk SIEM, DarkTrace, InsightUBA, Reliaquest, Carbon Black, ProofPoint, ESET, PRTG, VictorOps, and JIRA.
- Responsible for source code and binary repository management tools. Implemented their secure automated CI/CD pipeline in adherence to the latest DevSecOps initiatives.
- Worked as a Senior DevSecOps Engineer with cloud technologies to deploy and maintain applications in a secure production environment.
- Performed all cloud engineering and DevSecOps services.
- Led a team of Cloud and DevSecOps engineers serving a large, diverse team of multidisciplinary professionals defining and supporting the DevSecOps and CI/CD platforms across a portfolio of systems.
- Drove the DevSecOps adoption strategy for the platform, drawing on industry experience.
- I have an excellent working knowledge of DevSecOps engineering, tools & technologies, like Kubernetes, Jenkins, SonarQube, etc.
- Designed and implemented AWS/cloud-based DevSecOps processes and tools (Security Monkey, UptimeRobot, etc.).
- Worked closely with product and platform teams to engineer and implement cloud security controls with a focus on DevSecOps.
- Extensively used Imperva Scuba for database security / Vulnerability scanning.
- Working knowledge of AWS Cloud Security in implementing Web Application Firewalls (WAF).
- Strong AWS platform experience in securing CloudWatch, S3, ELB/ALB, Lambda, EC2, Landing Zone, Control Tower, and Subnets.
- Identifying the Critical, High, Medium and Low vulnerabilities in the applications based on OWASP Top 10 and SANS 25 and prioritizing them based on criticality.
- Implemented database activity monitoring (DAM) using Imperva Scuba.
- Proficient in understanding application level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, cryptographic attacks, authentication flaws etc.
- Conducted security assessments of PKI-enabled applications.
- Skilled using Burp Suite Pro, HP Web Inspect, IBM AppScan Standard, Source and Enterprise, NMAP, Dirbuster, Qualysguard, Nessus, SQLMap for web application penetration tests and infrastructure testing.
- Developed and enhanced ArcSight SIEM rules, queries, filters, dashboards, reports, channels, and custom active lists.
- Developed correlation rules for Security Incident and Event Management (SIEM) system. Reviewed the solution implemented for “log forwarding” from various network devices to ArcSight central logging for alerting and security monitoring.
- Participated in the deployment of Security Incident and Event Management (SIEM) system. Reviewed technical specifications for SIEM, logging and proposed recommendations to improve the overall deployment of the solution.
- Performing onsite & remote security consulting including penetration testing, application testing, web application security assessment, onsite internet security assessment, social engineering, wireless assessment, and IDS/IPS hardware deployment.
- Capturing and analyzing network traffic at all layers of the OSI model.
- Monitor the Security of Critical System (e.g. e-mail servers, database servers, Web Servers, Application Servers, etc.).
- Performed the configuration of security solutions like RSA two factor authentication, Single Sign on (SSO), Symantec Vontu DLP and log aggregation and analysis using HP ArcSight SIEM.
- Managed changes to highly sensitive computer security controls to ensure appropriate system administrative actions; investigated and reported on noted irregularities.
- Conducted network vulnerability assessments using tools to evaluate attack vectors, identified system vulnerabilities, and developed remediation plans and security procedures.
- Risk Management Framework (RMF) assessments and Continuous Monitoring, using NIST as a guide: performed RMF assessments, which included initiating meetings with various System Owners and Information System Security Officers (ISSO), providing guidance on the evidence needed for security controls, and documenting assessment findings.
- Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: performed assessments, POA&M remediation, and document creation using NIST SP Rev.1 and NIST SP Rev.4.
- Security Documentation: performed updates to System Security Plans (SSP) using NIST as a guide to develop SSPs, Risk Assessments, and Incident Response Plans; created Change Control procedures; and drafted, reviewed and updated Plans of Action and Milestones (POA&Ms).
- Knowledge of SANS 20 and ISO 27001 security controls and mapping them to NIST.
- Monitor, analyze and respond to network incidents and events. Participate in disaster recovery implementation and testing under NIST framework, PCI standards.
- The technologies applied to GCRC applications utilized at the time met HIPAA security standards for subject (patient) confidentiality.
- Design role included experience with frameworks such as PCI, HIPAA, NIST, and other standard regulations that drive the controls shaping enterprise architecture, with secure installation or testing of applications, systems (virtual and physical), routers, firewalls, IPAM (IP/DNS), and switches for client development and to enhance security posture.
- Significant experience with AWS, GCP and Azure Security.
- Implemented all components of AWS, Azure and GCP security standards.
- Used Google Cloud Platform (GCP) Services like Compute Engine, Cloud Functions, Cloud DNS, Cloud Storage and Cloud Deployment Manager and SaaS, PaaS, and IaaS concepts of Cloud computing and Implementation using GCP.
- Set up GCP firewall rules to allow or deny traffic to and from VM instances based on the specified configuration; used GCP Cloud CDN to deliver content from the GCP cache, drastically improving user experience and latency.
- Architected DevOps deployments in AWS, Microsoft Azure, and Google Cloud Platform, including deployment of platform offerings (CloudFormation, Elastic Beanstalk) and third-party (Puppet, Chef, Terraform, Salt, Ansible) products.
- Assisted customers in the migration of Amazon Web Services deployments (IaaS/SaaS/PaaS) to Microsoft Azure and Google Cloud Platform.
- Led, designed, and implemented greenfield cloud deployments for customers in Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform, including development of full-cloud/cloud-native infrastructure and platform solutions.
- Implemented CASB solutions for DLP, IAM and VA for an agency.
- For a large agency, conducted a PCI, NIST and FISMA based security assessment. This included developing an application security framework and a GRC framework.
- Implemented DLP solutions for WebSense, Symantec and RSA over cloud environments
- Developed a DLP strategy for a large manufacturer.
- This experience has enabled me to find and address security issues effectively, implement new technologies and efficiently resolve security problems. With a strong background in network communications, systems and application (software) security, I look forward to implementing, creating, managing and maintaining information security frameworks for large-scale, challenging environments.
Sr. Information Security Engineer
Confidential, Omaha, NE
Responsibilities:
- Managed security assessments to ensure compliance to firm’s security standards (i.e., OWASP Top 10, SANS25). Specifically, security testing has been performed to identify XML External Entity (XXE), Cross-Site Scripting and SQL Injection related attacks within the code.
- Conducted security assessments of cryptography applications, including apps that use a Hardware Security Module (HSM).
- Conducted Vulnerability Assessment for various applications.
- Performed penetration testing of mobile (Android and iOS) applications, specifically APK reverse engineering, traffic analysis and manipulation, and dynamic runtime analysis.
- Implemented HP ArcSight ESM including, correlation rules, data-monitors, reports, event annotation stages, case customization, active lists, and pattern discovery.
- Performed pen testing of both internal and external networks. The pen testing scope included O/S (Windows and Linux) and external facing web apps and database servers that store customer confidential information.
- Participated in web application security testing covering mobile, network security, and Wi-Fi.
- Conducted pen testing for the Web Services (SOA) used by various travel agency partners to connect to Wyndham for booking and reservations.
- Hands on experience with Lightweight Directory Access Protocol (LDAP) in installing, configuring for MS Active Directory.
- Skilled using Burp Suite, Checkmarx, HP Fortify, NMAP, Havij, DirBuster for web application penetration tests.
- Generated and presented reports on Security Vulnerabilities to both internal and external customers.
- Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Authentication, Authorization, Auditing & logging.
- Configured 3rd party LDAP servers for User Administration.
- Vulnerability Assessment of various web applications used in the organization using Burp Suite, and Web Scarab, HP Web Inspect.
- Experience with Identity and Access Management (IAM) and development of user roles and policies for user access management.
- Analyzed correlation rules developed for Security Incident and Event Management (SIEM) system. Reviewed the solution implemented for “log forwarding” from various network devices to HP ArcSight central logging for alerting and security monitoring.
- Administered users, groups, Organizational Units (OU) with MS Active Directory
- I assisted in the integration of DevSecOps pipeline components, including a code repository, an artifact repository, a security assessment platform, and an orchestrated integration and delivery platform to enable automated application building, testing, securing and deployment.
- I was part of the team that designed and integrated capabilities to establish a DevSecOps pipeline, utilizing lab and cloud resources to design, build, test and evaluate functional components and technologies.
- As an experienced hands-on DevSecOps Engineer reporting directly to the CTO, I was tasked with managing and refining the Client Technology team and its service offerings. Responsibilities included building and leading a team responsible for supporting and securing a best-in-class SaaS platform (DecisionPoint).
- Trained the development team on the most common vulnerabilities and common code review issues and explained the remediation.
- Remained current on cyber security best practices, news, issues, vulnerabilities and threats.
- Supplying actionable recommendations to other teams within the Cyber Security Center, to bolster cyber security efforts.
- My primary focus has always been as a Cyber Security Analyst and using the other fields as a force multiplier for security in one way or another.
- Adhering to Cybersecurity practices within all applications. Maintained key relationships across corporate verticals spanning the enterprise with an emphasis on Technology Management.
- Experience in Cybersecurity in Penetration Testing, Intrusion Detection and Prevention, Vulnerability Management, Incident Management & Response. Cloud Security experience in AWS. Preferred DevOps/Development background.
- Security auditing accountability for recording and reporting access in RACF.
- Engineering Owner responsible for the firmwide Cyber Security Data Protection Standards, Procedures & Assurance Processes, and critical Cyber Security Data Protection applications.
- Led and completed the uplift of Cyber Security Data Protection Standards & Procedures by consolidating more than 30 standards and more than 100 Control Procedures into 3 standards and about 30 Control Procedures.
- Contributed and reviewed the critical Data Protection and Key Management related sections of the standards on Public Cloud Security Standards for firmwide adherence.
- Coordinated and managed the annual review of the Application Risk Control and Application Control Assessment questionnaire as applied to Data Protection Controls, as part of the Data Protection Standards and Control Assurance processes.
- Penetration Testing of web, infrastructure and mobile applications
- Perform vulnerability assessment and Penetration Testing on Networks and Applications.
- Strong experience of Web Application Vulnerability assessments, penetration testing. Ability to conduct penetration testing for well-known technologies and known security flaw concepts SQL injection, XML injection, XSS, CSRF, IDOR, Path Traversal, etc. Ability to exploit recognized vulnerabilities.
- Experience in vulnerability assessment and penetration testing using various tools like Burp Suite, DirBuster, OWASP ZAP proxy, NMap, Nessus, HP Fortify, IBM App Scan enterprise, Kali Linux, Metasploit.
- Provided guidance on data network system selection, remediation policies, and best practices for HIPAA, PCI, SOX and CDM compliance/deployment for the organization.
- Experience and strong working knowledge of various information security standards and compliance regimes such as HIPAA, HITRUST, PCI-DSS, FISMA, GLBA, SOC 2, NIST and other GRC frameworks. Additionally, passionate about Enterprise Data Classification, Identity and Access Management (IAM) deployment solutions, IT Risk Management, Governance, and Security Compliance Methodologies.
- Created processes/procedures for environment compliance with PCI, SOX, HIPAA and ISO 27002.
- Assisted with SOX and HIPAA audits and compliance issues. Also performed evaluations to ensure compliance with the stated corporate security stance and goals.
- Architect enterprise-wide wireless rollout using latest secure implementations.
- Advise many internal divisions on security/firewall/network related scenarios/questions.
- Followed up on raised vulnerabilities by revalidating and ensuring 100% closure.
- Kept up to date with new attacks and the latest vulnerabilities to ensure no such loopholes are present in the existing system.
Sr. Security Engineer
Confidential, St. Louis, MO
Responsibilities:
- Extensive Interaction with Onsite Coordinator in understanding the business issues, requirements, doing exhaustive analysis and providing end-to-end solutions.
- Conducting Web Application Vulnerability Assessment & Threat Modeling, Gap Analysis, secure code review on the applications.
- Conducted security assessments of firewalls, routers, VPNs, BlueCoat Proxy, IDS/IPS and verified their compliance with internal and external security standards.
- Worked on migration projects from IIS 6.0 to 7.5, IIS 6.0 to IIS 8.5 and IIS 7.5 to IIS 8.5.
- Worked on setting up SSO policies on the policy server side. Successfully implemented SiteMinder.
- Hands-on experience in configuration of Single Sign-On (SSO), LTPA and user registries.
- Configured AWS Identity and Access Management (IAM) groups and users for improved login authentication.
- Solid knowledge and experience in Identity and Access Management (IAM), Single Sign-on solution design and implementation.
- Managed client relationship and project delivery for IAM migration project in Microsoft Azure cloud environment, working closely with the client business managers to plan, prioritize and execute software maintenance requests, leading a team of six developers and two test engineers.
- Analyzed IAM migration impacts on availability, performance and future production support process.
- Installed and cloned the Azure Active Directory (AD) Office 365 connector using the Application Onboarding (AOB) method, configured the schema and validation Groovy scripts, and developed migration documents.
- Interacted with other component leads and architects for comprehensive design, Code and Unit test plans.
- Performed multiple levels of testing before production to ensure a smooth deployment cycle.
- Created generic scripts for testing and reusability.
- Application security review of all impacted and non-impacted issues.
- Provided guidance to the development team for a better understanding of vulnerabilities.
- Assisted the customer in understanding the risk and threat level associated with a vulnerability so that the customer may or may not accept the risk with respect to business criticality.
- Identified Critical, High, Medium and Low vulnerabilities in the applications based on OWASP Top 10 and SANS 25 and prioritized them based on criticality for remediation.
- Assisted in the review of solution architectures from a security point of view, which helps avoid security-related issues/threats at an early stage of the project.
- Ensuring compliance with legal and regulatory requirements.
Java Developer
Confidential
Responsibilities:
- Designed and developed a suite of applications used by the internal audit department, including BPlanner, OATS, and Time tracking systems.
- Developed stored procedures, views and triggers using Oracle PL/SQL.
- Designed and implemented RESTful web services.
- Developed the application presentation layer, based on the Spring MVC framework, involving JSP, Servlets, HTML and CSS.
- Developed a web application to store all system information in a central location, using Spring MVC, jQuery, JSP, Servlets, Oracle 10g, HTML and CSS.
- Developed Servlets and utilized jQuery to create a fast and efficient chat server.
- Implemented the Scrum Agile methodology for iterative development of the application.
- Developed server-side business components using Java Servlets, JSPs, and Enterprise Java Beans (EJBs).
- Automated code deployment to the production environment by creating tasks using the Ant build tool.
- Involved in system design, enterprise application development using object-oriented analysis in Java/JEE6.
- Used Spring Framework for Dependency injection and integrated with the Hibernate framework for interacting with the Oracle database.
- Analyzed performance issues in the application, related system configuration and developed solutions for improvement.
- Involved in WebLogic and Tomcat application server installation and configuration in production, development and QA environments.
- Conducted training sessions for the rest of the development team on advanced technologies, code reviews and discussion sessions to ensure that coding standards are followed.