Security Engineer Resume ATLANTA, GA - Hire IT People

SUMMARY

Six plus extensive experience in varying areas of security that includes vulnerability testing, security assessment, and implementation of security systems. Have extensive knowledge in vulnerability testing of web application that includes intelligence gathering, vulnerability scanning, exploiting and reporting.
Good interpersonal skills, commitment, result oriented, hard working with a quest and zeal to learn new technologies and undertake challenging tasks.
Knowledge of OWASP exploitation methodology and web application vulnerability standards.
Experience executing, ethical hacking and penetration testing.
Knowledge of advanced cyber threat actor tactics, techniques and procedures (TTP),and emulate these TTP to assess vulnerability and risk
Knowledge and experience with penetration testing and ethical hacking product.
Experience with web - based programming, protocols, best practices, and cryptography
Knowledge on Windows, Linux, Unix Operating System Configuration, Utilities and programming.
Experience with various security tools and products (Fortify, AppScan, etc.)
Knowledge of hardware, software, and networking technologies to provide powerful combination of analysis, implementation, and support
Familiarity with common programming or scripting languages.
Ability to plan, develops, and executes security tests.
Knowledge of TCP/IP ports and protocols.
Understanding of Software Development Life Cycle (SDLC).
Work Status: Green Card (Lawful Permanent Resident)

TECHNICAL SKILLS

Application Security tools: Kali Linux, IBM AppScan, Metasploit, SQL Map, Nessus, Nmap, HP Fortify, Burp Suite, OWASP ZAP, Wireshark, Acunetix.

Operating System: Linux, Unix, Windows, Mac

Programming: C, C++, Java Script, CSS, HTML

Applications: MS Word, Excel, PowerPoint, Service Now, Word Press.

PROFESSIONAL EXPERIENCE

Confidential, ATLANTA, GA

Security Engineer

Responsibilities:

Working in collaborate team of both networking security teams.
Identifying the critical, High, Medium, low vulnerabilities in the application based on OWASP top 10 and SANS 25 and prioritizing them based on the critically.
Performed penetration testing over different business application and network devices of the organization.
Enforced Password Cracking tests over the administrator and user accounts to evaluate the strength of password used
Uncovered high vulnerabilities at the infrastructure level for internet facing website.
Using Kali Linux to do web application assessment with tools like DirBuster, Nessus, and Nmap.
Update with the new hackings and latest vulnerabilities to ensure no such loopholes are present in the existing system.
Conducted testing over the application to comply with PCI DSS Standards.
Capturing and analyzing network traffic at all layers of OSI model.
Created detailed report written reports on the assessment findings and recommendations.

Confidential

Security Engineer

Responsibilities:

Perform and lead application and networks security vulnerability assessments.
Identifying the critical, High, Medium, Low vulnerabilities in the application based on OWASP TOP 10.
Conducted application penetration testing of 15+ business application.
Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets.
Perform validation and verification. Recommended process improvements.
Test form factors and technologies based on scopes of work.
Creating comprehensive security assessments reports.
Design, develop and implement penetration tools and tests and also use existing ones to handle penetration testing activities.
Designed a series of penetration tests as a basis for more advanced testing, resulting in ease of strategic tests development.

Confidential

Application Security Analyst

Responsibilities:

Networking monitoring, IDS/IPS, Firewalls, Proxy servers, load balancers.
Served as the primary responder for managed security incidents pertaining to the client firewalls and all network infrastructure components.
Configuration and management of network systems, network design, and integration of security technologies.
Identify key indicators of malicious activities on the network and end user workstation.
Perform analytical support of security incident calls across the enterprise.
Analyze raw PCAP data to validate security events, interpret network traffic and extract indicators.
Provide cyber threat analysis to support development and research teams.
Work with security operation teams to collect data for incidents metrics reporting.
Assists network services, software systems engineering and/or application development in order to restore service and/or identify problems.