Cyber Security Specialist Resume

New York

SUMMARY:

  • Cyber Security Specialist with experience in: external and internal Security Assessments, Penetration Testing, Vulnerability Assessment, Gap Analysis and Risk Assessment.
  • Verified compliance with regulatory requirements and provided guidance for correcting the noncompliance issues.
  • Performed network security assessments of Windows and Linux systems, Web Applications, iOS and Android smartphone applications, databases and wireless networking, using a variety of network (TCP/IP) protocols.
  • Monitored and detected Network Vulnerabilities, Application Security Vulnerabilities, Viruses and Penetration Attempts to Confidential computer networks located in 86 countries. Evaluated for Confidential Top 10 vulnerabilities and the Treacherous 12 Cloud Computing Top Threats. Deployed and monitored the security of the infrastructure. Performed Malware Analysis and removal.
  • Performed static and dynamic security testing for Android and iOS mobile devices using MobSF framework.
  • Provided compliance with PCI DSS, Confidential 27001 and 27031 and conformance to other audit requirements. Developed Disaster Recovery Plans for Confidential and Confidential offices worldwide.
  • Developed Identity Management architecture and deployment using Salesforce and Oracle Enterprise Single Sign On. Performed Salesforce Developer and Security Administrator roles.
  • Performed Penetration Testing and Vulnerability Scanning using Acunetix, Qualys, Nessus, OpenVAS, MobSF, Burp Suite, BackTrack and Kali. Experienced with QRadar, Blue Coat, Splunk, Snort, Suricata, and AlienVault/OSSIM, for security information and event management (SIEM).
  • Performed static and dynamic computer forensic analysis using FTK, Autopsy, Silent Runner and Helix, including malware forensics and reverse engineering. Developed, implemented and monitored Active Directory security measures, on premises and in the cloud. Deployed and monitored VoIP.
  • Developed architectures using OpenStack and applications using WEB2PY, PHP, Python and Ruby on Rails. Developed and administered MS SQL, Oracle, MongoDB and Hadoop databases, including encryption.
  • Migrated users to Office 365 and SharePoint on Azure Cloud. Designed Cloud Computing on AWS, to program applications and to automate common tasks using Python, capacity planning and performance management.
  • Experienced in designing and operating secure systems with a strong knowledge of firewall systems (Confidential ASA and Check-Point 1), and network architectures (including Routers, Switches and IDS/IPS). Designed, tested and approved firewall rules. Developed configurations and performed configuration management.

EXPERIENCE:

Confidential, New York

Cyber Security Specialist

Responsibilities:

  • Monitored and detected Network Vulnerabilities, Application Security Vulnerabilities, Viruses and Penetration Attempts to Confidential computer networks located in 86 countries.
  • Deployed and monitored Symantec Endpoint Protection Manager (SEPM).
  • Evaluated for Confidential Top 10 vulnerabilities and the Treacherous 12 Cloud Computing Top Threats.
  • Deployed and monitored the security of the infrastructure.
  • Developed the presentation of the results on a Map of the World with sources of attack, protocols and the exploited vulnerabilities detected on hosts on the Confidential computer network. Managed incidents. Performed Malware Analysis and removal.
  • Performed static and dynamic security testing for Android and iOS mobile devices using MobSF framework.
  • Provided compliance with Confidential 27001 and 27031 and conformance to other audit requirements. Developed Disaster Recovery Plans for Confidential and Confidential offices worldwide.
  • Developed Identity Management architecture and deployment using Salesforce and Oracle Enterprise Single Sign On. Salesforce Developer and Security Administrator.
  • Provided PCI DSS compliance using Qualys. Performed internal and external Qualys scans for Compliance, WebApps, Vulnerability and Mapping, including manual verification of potential vulnerabilities. Established remedial action plans based on severity. Developed Remediation Policies and operated the Vulnerability Remediation Reporting System.
  • Performed Penetration Testing and Vulnerability Scanning on Windows and Android, using Acunetix, Metasploit, Nessus, MobSF, Burp Suite, BackTrack and Kali. Experienced with QRadar, Blue Coat, Splunk, Snort, Suricata, and AlienVault/OSSIM for security information and event management (SIEM).
  • Performed static and dynamic computer forensic analysis using FTK, Autopsy, Silent Runner and Helix, including malware forensics and reverse engineering. Deployed and monitored VoIP. Developed, implemented and monitored Active Directory security measures, on premises and in the cloud.
  • Developed architectures using OpenStack and applications using WEB2PY, PHP, Python and Ruby on Rails. Developed and administered MS SQL, Oracle, MongoDB and Hadoop databases, including encryption.
  • Migrated users to Office 365 and SharePoint on Azure Cloud. Designed Cloud Computing on AWS to automate common tasks, capacity planning and performance management.
  • Experienced in designing and operating secure systems with a strong knowledge of firewall systems (Confidential ASA and Confidential vASA, Check-Point 1 and monitored them using Nagios), and network architectures (including Routers, Switches and IDS/IPS). Designed, tested and approved firewall rules. Developed configurations and performed configuration management.
  • Monitored for new vulnerabilities detected through scanning and received alerts from industry vulnerability databases. Validated alerts generated through automatic testing, and escalated accordingly. Coordinated the vulnerability remediation process in accordance with the existing vulnerability management policy.

Confidential

Security Architect / Systems Engineer

Responsibilities:

  • Provided Cloud Security Assessments, in compliance with the Microsoft Azure and Amazon Acceptable Use Policy. Evaluated compliance with the requirements applicable for the respective type of business (PCI DSS, HIPAA, FedRAMP and SAS-70). Performed Confidential 27001/BS 17799 Risk Assessments with Statement of Applicability, Risk Treatment Plan and Gap Analysis using vsRisk, RA2, RiskWatch and CRAMM. Provided follow up reviews or managed the implementation, as a project manager.
  • Deployed and monitored Splunk (SIEM) and AlienVault/OSSIM for monitoring of application logs, web access logs, configuration files and databases.
  • Performed Security Architecture reviews and analyzed proposed designs. Performed firewall rule approvals and responsible for integrating security best practices into projects.
  • Performed Web application vulnerability scanning to prevent SQL injection, directory path traversal vulnerability, Cross-site scripting, Redirection and header injection attacks, Leakage of query string parameters in the Referrer header, Integrity of Access Controls and Session Management, Session hijacking, capture of credentials and other sensitive data, Buffer overflows, Client-side Login with focus on validation and authentication and Common configuration weaknesses, known software bugs. Performed log monitoring (using Splunk and OSSIM) and configured intrusion detection and prevention systems (IDS/IPS) including operations and maintenance.
  • Advised customers on how to implement Security Hardening measures for Servers, Databases, Routers and Switches, as suggested by U.S. N.S.A. to control access, help resist attacks, and help protect the integrity and confidentiality.
  • Published a book on “Cloud Computing Security”, Confidential: 1461194067
  • Participated in Cloud Security Alliance (CSA) working groups to develop cloud-specific standards, to improve current standards. Contributed to the Cloud Audit specification, currently reviewed by IETF, which is an open, extensible and secure interface that allows cloud computing providers to expose Audit, Assertion, Assessment, and Assurance (A6) information for cloud infrastructure (IaaS), platform (PaaS), and application (SaaS) services to authorized clients.
  • Monitored for new vulnerabilities detected through scanning and received alerts from industry vulnerability databases. Validated alerts generated through automatic testing, and escalated accordingly. Coordinated the vulnerability remediation process in accordance with the existing vulnerability management policy.

Confidential

Senior Security Analyst / Consultant

Responsibilities:

  • Experienced with Firewall and VPN Remote Access Technologies, E-mail and Instant Messaging Security, Intrusion Detection & Prevention, Vulnerability Assessment and Management, Wireless Security, End-Point Security, DDoS Protection
  • Used the Waterfall Methodology, in the beginning, and then converted my programming to the Agile Methodology, including Extreme Programming.
  • Managed Web Servers running on Linux/Apache and Microsoft platforms.
  • Performed firewall rule approvals and coordinated the annual PCI DSS certification process
  • Phishing and Spear Phishing Security Assessments (pTest)
  • Monitored for new vulnerabilities found by scanning or industry vulnerability alerts, and validated alerts generated through automatic testing.
  • Assessed the validity of identified vulnerabilities. Coordinated the vulnerability remediation process in accordance with the vulnerability management policy.
  • Regulatory Compliance Consulting using vsRisk, for Confidential 27001/BS17799
  • Security Engineering, including implementation of information security awareness programs, Incident Response, Computer Forensics, Reverse Engineering of Malicious Software, Network Traffic Analysis and log review

Confidential

Information Systems Manager

Responsibilities:

  • Deployed and operated Intelligent Transportation Systems infrastructure, consisting of 9 video cameras and 18 Variable Message Signs. Provided system analysis, development, implementation and support for Windows, Linux and Novell networks, consisting of nine web, streaming video, mail and file servers and three dozen workstations.
  • Developed and implemented network security measures using Confidential PIX firewall, Internet Security and Acceleration Server and Microsoft Proxy 2.0. Developed and implemented Security Policies, access control, network and telecommunications security, business continuity and disaster recovery planning and related security management measures, for hudsonvalleytraveler.com.
  • Performed Security Audits for compliance with the Security Policies and Penetration/Vulnerability Analysis to validate the network against the security policy and the known Internet attacks. Tested networks with a wide variety of hacking tools. Documented any exploits found and suggested security solutions. Monitored network traffic with Ethereal and provided Intrusion Detection with Snort 2.0.
  • Designed, developed, configured and administered daily operation of the above mentioned infrastructure. Managed and supervised a staff of three.