Information Security Assurance Analyst Resume

Foster City

SUMMARY

  • Information Security Analyst with 8+ years of professional experience in the IT industry with emphasis on Network/Information Security. Strong knowledge and understanding of Computer Networks, OSI Reference layer, TCP/IP and other network protocols, Ethical Hacking and OWASP 10 and CWE 25.
  • 8+ years’ experience in Security Information and Event Management (SIEM): investigating alerts, raising tickets for incidents, log reviews and audits, event correlation and prioritization.
  • Performed network sniffing and analyzing TCP, UDP packets.
  • Excellent knowledge and working experience with scanning ports, services, web servers and vulnerable nodes in the network.
  • Experience in working with VPN and other Tunneling protocols.
  • Extensive experience in detecting DoS, DDoS and other types of cyber-attacks.
  • Experience in Intrusion Detection, firewall, vulnerability assessment and ethical hacking.
  • Excellent understanding of Security Audits.
  • Proficient in Event, Alert and Log Management.
  • Good experience in NetBios and SNMP
  • Strong working knowledge of viruses, worms, Trojans, rootkits and backdoors
  • Experience in Risk and Threat Analysis
  • Experience in using Compliance Tools
  • Experience in tracking penetration test findings/remediation follow-up
  • Strong oral and written communications
  • Proven ability to work effectively in both independent and team situations with positive results

TECHNICAL SKILLS

  • SmartWhois
  • MailTracking
  • HP VisualRoute
  • McAfee Visual Trace
  • Wireshark
  • TCPdump
  • Sniffdet
  • TCPView
  • Dsniff
  • Fport
  • NetBios/SNMP
  • Hyena
  • GetAcct
  • The SMB Auditing Tool
  • The NetBios Auditing Tool
  • User2sid
  • Sid2user
  • SNScan
  • Scanning / Drawing Network diagrams/ Windows Enumeration
  • Sam Spade
  • NMAP-Zenmap
  • SuperScan 4
  • Vulnerability Assessment/OS Fingerprinting
  • Nessus 5
  • Nexpose
  • Metasploit
  • File Integrity
  • Tripwire
  • SQL Injection Detection/XSS
  • HP Scrawlr
  • Database Platforms
  • SQL
  • NoSQL
  • Oracle Teradata
  • Hadoop
  • IDS/IPS/Honeypot
  • Snort
  • Snare
  • Honeyd
  • KFSensor
  • SourceFire
  • Juniper
  • Cryptography/DLP
  • John the Ripper
  • Cain&Abel
  • RSA
  • SIEM
  • Solarwinds
  • IBM QRadar
  • RSA Envision
  • HP ArcSight
  • Qualys Guard
  • Log Management
  • Splunk

PROFESSIONAL EXPERIENCE

Confidential, Foster City

Information Security Assurance Analyst

Responsibilities:

  • Tracked and updated Penetration Test Findings manually.
  • Updated Pen Test Reports which include Vulnerability Assessments/Remediation Reports/Retest Reports/Amended Reports or closure reports/Security Architecture Reports.
  • Contacted Project Managers/Application Technical Contacts to acquire go-live dates/production status of applications & infrastructures and updated notes.
  • Calculated Required Resolution Dates for findings based on their severity (Critical, High, and Medium & Low) and updated notes.
  • Sent coming due/overdue notifications to Project Managers/Application Technical Contacts based on RRD.
  • Escalated overdue findings when their was no required timely response.
  • Pursued Project Managers/Application Technical Contacts/Security Assessors to get BCWG/TSR Exceptions for overdue unresolved findings in production (findings out of compliance per Key Controls).
  • Tracked teh status of BCWG/TSR Exceptions and updated notes.
  • Hosted and participated in in-person/live Webex meetings with PMs/ATCs/Business Owners/Pen Testers regarding required changes in pen test reports/unresolved pen test findings.
  • Tracked findings in application/infrastructure which are decommissioned, never moved into production, projects cancelled & replaced/migrated to new environment and updated notes.
  • Tracked old viper tickets and saw through their closure.
  • Tracked High and Critical findings on a daily basis.
  • Tracked findings without APD, RRD on a daily basis.
  • Pursued Project Managers/Application Technical Contacts to submit vHelp ticket to issue updated retest pen test reports.
  • Tracked INCs (Incidents) and CRQs (Change requests) in Viper.

Confidential, Pleasanton, California

Information Security Analyst

Responsibilities:

  • Analyzed operating systems/third party patches and vulnerabilities, and reported findings to various platform groups for remediation using IBM QRadar.
  • Maintained user accounts and access to system resources across the network for all users.
  • Installed, configured, and maintained Websense Web Filtering application in accordance with established policies.
  • Documented the results of the baseline security assessments based on severity levels, vulnerabilities, IP addresses, and whether the servers are decommissioned, allowing information to be easily obtained by the client.
  • Identified users who violated Internet privileges to the Chief Information Security Officer.
  • Administered and monitored compliance for all systems to ensure corporate security policy is enforced using HP ArcSight.
  • Conduct Security Incident Analysis, HR security, incident/intrusion source tracing, monitor and analyze network and host intrusion detection systems to identify security threats for remediation.

Confidential, Los Angeles, CA

Data Security Analyst

Responsibilities:

  • Interpreted and mitigated security alerts using SourceFire, Juniper firewalls.
  • Performed vulnerability testing, documented findings and recommendations to management using QRadar.
  • Administered the facility access control systems for all corporate locations and administered the assignment and removal of access.
  • Assisted in identifying, evaluating, testing and implementing appropriate security products, tools, and systems for implementation within the environment.
  • Perform the daily operation of the in place security solutions and the identification, investigation and resolution of security events and incidents detected by those systems with HP ArcSight.
  • Data Loss Prevention with RSA.
  • Identified problems specific to application, user, computer, or network and developed a plan to implement a solution, as well as trained and developed end users on the use of hardware, software, and peripherals.
  • Assist in completing security reviews of networks and applications; analyze and document system security analysis and develop Information Assurance solutions and risk mitigation strategies.

Confidential, Mountain View, CA

Information Security Analyst

Responsibilities:

  • Worked in Security Operations Center
  • Managed HP ArcSight SIEM.
  • Worked on and monitored Hosts, networks and protocols based on Java, Tomcat, Apache webservers.
  • Conducted numerous investigations on high risk incidents across multiple operating systems
  • Performed malware analysis on infected machines to assess data exfiltration, data loss prevention.
  • Implemented and maintained several security applications, including Snort, FireEye.
  • Daily log review, audit liaison to provide compliance evidence for PCI, SOX, GLBA, CAS, and IRSA
  • Involved monitoring security incidents, processes, procedures and risk assessments.
  • Work with subject matter experts in intrusion detection and prevention, data loss prevention, vulnerability assessments using QRadar, and file integrity monitoring to gather information and assess risk to confidential data.

Confidential, Santa Clara, California

Jr. Information Security Analyst.

Responsibilities:

  • Contributed to the establishment of organizational guidelines to streamline internal operations and boost overall productivity.
  • Conducted live port scans using Nmap to identify target operating system types, versions, open ports, and closed ports while analyzing networks for potential security vulnerabilities and exploits.
  • Analyzed network packets and protocols to target, identify, and eliminate malformed and encrypted packets.
  • Conducted vulnerability assessments using Tenable Nessus and developed reports of network nodes dat were running at-risk software applications.
  • Monitoring, incident response, problem isolation, and service/repair coordination for cyber attacks and related events on enterprise platforms like Cyrus-IMAP.
  • Monitor ArcSight event security manager to identify potential, successful, and unsuccessful intrusion attempts through incident detail and summary information.
  • Performs fault isolation diagnostics, assessments to include determination and execution of corrective action(s) on real-time basis by monitoring networks and assets and determining appropriate courses of action.
