
Information Security Analyst Resume


SUMMARY

  • Have great skills in designing and training Security Operations Centers (SOC), both event monitoring teams and incident response teams.
  • Have experience in designing and training Data Center Engineering and Operations.
  • Have experience with Infrastructure Management Services and Remote Network & Security Management in 24/7 production environment
  • Have experience in Designing and Deployment of Network Security and Network Solutions
  • Have experience in implementation of various compliances such as Cyber Essentials, PCI Data Security Standard (PCI DSS), ISO27001, and SOX etc.
  • Have experience in Penetration Testing tools like NESSUS and NMAP.
  • I have experience working in implementing and maintaining different SIEM tools such as ArcSight, RSA Envision, Confidential, LogRhythm, and QRadar.
  • Maintain knowledge of vulnerability techniques, assess risk to enterprise and remediation
  • Configure and run automated Vulnerability scanning tools, prioritize remediation and track exceptions
  • Have great experience in Role Base Access systems, Risk Analysis, Email Security and Forensic analysis.
  • Experience on Symantec Critical System protection Maintenance.
  • Experience in TrendMicro application on Deep Security (HIDS) acts as a Host Intrusion Detection System and SCSP in our network.
  • Worked on SourceFire Defense Center from the Snort 3D sensors acts as a Network intrusion detection / Prevention System (NIDS/NIPS) in our network.
  • Worked on File Integrity Event Management (FIEM) using Tripwire, The job responsibilities include monitoring critical Application files and OS file changes for the Servers.
  • I have extensively worked on Firewalls (ASA, Cisco Pix, Check Point, Netscreen, and Snort etc.), IDS, IPS, VPN Concentrators, F5 Load balancer and Cisco, Nortel, Juniper Routers and Switches.
  • Have experience with Citrix NetScaler and Citrix technologies (Cloud, Virtualization).
  • Hands on experience in Linux - Red Hat.
  • Has experience with Windows Server 2000, 2003, 2008, Active directories, DNS, IIS etc
  • Have experience in Linux and Unix operating systems.
  • Maintaining antivirus products such as McAfee, Kaspersky and Symantec, and also updating the patches

PROFESSIONAL EXPERIENCE

Confidential

Information Security Analyst

Responsibilities:

  • Developed the bank’s Security Information Event Management (SIEM) system, alarm and fine-tuning of LogRhythm SIEM system, reporting capabilities from the bank’s firewalls, intrusion detection/prevention systems, patch management, malware and virus scanning systems, endpoint protection and other security systems to facilitate monitoring, analysis and event correlation for early detection of unusual or unauthorized activities.
  • Investigated the suspect events and activity identified by the SIEM Analysis and follow-up on daily/weekly LogRhythm alarms/reporting and other security systems, drawing on appropriate expertise from across the Information Technology organization, vendors, and support services. Monitors access and use of corporate technical services utilizing software tools. Creates formal security incidents as appropriate, developing and recommending remediation solutions that expose and/or prevent the perpetrator or source activities.
  • Served as second level support to IT-Support (first level support), system and database administrators and software and network engineers, providing security analysis, investigations and solutions to security events and incidents and design and configuration standards for application security settings.
  • Managed the information security analysts who support threat and vulnerability management. Analysis and follow-up on weekly Qualys Reporting (Scans)
  • Developed monthly performance metrics for threat and vulnerability management, Fine tuning of weekly Qualys Scans both authenticated and unauthenticated scans. patch management and incident response for information security from relevant security systems and processes.

Confidential

Security Specialist

Responsibilities:

  • Responsible for managing end-to-end solutions for ArcSight and RSA Envision, which includes monitoring, troubleshooting and maintenance of the SIEM network and server farm, and also look into vulnerability assessment.
  • Implementing and maintenance of CyberArk’s PIM (Enterprise Password Vault, Application Identity Manager, Discovery and Audit) and integration of all the devices and defining the role-based access management system
  • Respond to all security breaches and other security incidents and coordinate with the respective teams to resolve the threats.
  • Designing and maintaining the best access management system, data, network security, backup and recovery.
  • Ensuring all the security policies are maintained and updated according to the ISO standards.
  • Perform forensic analysis on massive archives of log data for security incident and regulatory investigations. Incident management processes for monitoring and correction of issues.

Confidential

Senior Security Engineer

Responsibilities:

  • Responsible for managing end-to-end solutions for RSA Envision, which includes monitoring, troubleshooting and maintenance of the SIEM network and server farm, and also look into vulnerability assessment.
  • Respond to all security breaches and other security incidents and coordinate with the respective teams to resolve the threats.
  • Designing and maintaining the best access management system, data and network security, backup and recovery.
  • Ensuring all the security policies are maintained and updated according to the ISO standards.

Confidential

Information Security Engineer

Responsibilities:

  • Analyzing Security alerts like virus activity, Network security events, Application compliance, Asset monitoring & Firewall alerts.
  • Threat Analysis (Virus, Worm, and Vulnerabilities), Checking latest Threats and Risks related for the day, including technical details & giving awareness to the team.
  • Involved in activities such as Creation of new Rules, Dashboards, Active channels, Active lists, Reports & also fine-tuning of existing dashboards, rules for better monitoring.
  • Experience in TrendMicro application on Deep Security (HIDS) acts as a Host Intrusion Detection System and SCSP in our network.
  • Worked on Sourcefire Defense Center from the Snort 3D sensors acts as a Network intrusion detection / Prevention System (NIDS/NIPS) in our network.
  • Worked on File Integrity Event Management (FIEM) using Tripwire, The job responsibilities include monitoring critical Application files and OS file changes for the Servers.
  • Identification, investigation and resolution of security breaches detected by those systems.
  • Participate in the creation of security documents.
  • Collect and review security logs and reports of all operational devices.
  • Perform trend analysis where there is benefit to do so and suggest improvements to the security of the Project.
  • Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies clients when appropriate.

Confidential

Security Engineer

Responsibilities:

  • Have good hands on experience in NESSUS and NMAP tools, which are used for penetration testing for our company audits.
  • Experience on SIEM Solutions in Arcsight.
  • Have good hands on experience in Security monitoring tools like IPS Manager Express, Log logic, ACS.
  • Log logic: Managing applications with management station, Managing log sources, Managing device types, Managing SSL Certification
  • Configuration and Management of VPN's Between Clients and our data Center.
  • Coordinate a team, which consists of four network engineers.
  • Cisco Unified Communications Manager (formerly Unified Call Manager), quality of service (QoS), gateways, gatekeepers, IP phones, voice applications, and utilities on Cisco routers and Cisco Catalyst switches
  • In-depth knowledge of LAN/WAN design and implementation
  • Tremendous experience with Cisco 700, 800, 1700, 2500, 3600, 7000 (7513) series routers, Pix and ASA Firewalls and VPN Concentrators. Strong experience with 1900, 2900, 3500, 5500 etc series switches, TCP/IP, VPN and Network Security.
  • Checkpoint(R65 & R75) and Nortel devices

Confidential

Network Security Administrator

Responsibilities:

  • Responsible for all network related changes.
  • Bluepal datacenter network infrastructure consists of Cisco routers, switches and ASA.
  • Configuration and Management of VPN's between Bluepal offices across the world.
  • Remote Monitoring and Management of eight offices in INDIA.
  • Worked Windows 2000/2003 Operating System, Active Directory, and Messaging - Exchange 2000/2003/2007 Server, Networking
  • Extensive experience in managing critical online production servers of Active Directory, Exchange Server, DNS, DHCP, WINS, SharePoint server, MS Project Server, WSUS, SMS, SQL Server 2000/2005, Laptop’s and PC’s installation and Hardware configuration
  • Deployment and managing Windows 2003, 2005, 2008 clustering and Storage Area Network (SAN), Firewalls, DSL, VPN, RDP, Group Policies.
  • Configuration and deployment of Citrix XenApp or Presentation Server
  • Implementing Virtualisation solution using - VMWare ESX Server 3.X and Windows 2008 R2 Hyper-V.
  • Support to Desktops and Servers - Dell Power Edge, IBM, HP Blade Servers.
  • Have good experience in trouble shooting desktop issues.
  • Troubleshoot server-related issues and monitoring the network.
  • Maintaining antivirus products such as McAfee, Kaspersky and Symantec, and also updating the patches
