
Cybersecurity Analyst Resume


Chicago, Illinois

SUMMARY

  • Experienced professional with 6+ years of experience in Cyber Security and Network Security.
  • A Certified Ethical Hacker.
  • Superior Knowledge of TCP/IP, firewalls, routers, IDS and IPS systems.
  • Strong Knowledge of Network protocols and technologies.
  • Experience with various Vulnerability management tools such as Nessus, Nexpose, GFI LanGuard, Qualys.
  • 3+ years of Experience in Qradar, Alienvault, Splunk SIEM tools to secure organization network.
  • Experience with Log Management and Event Management.
  • Expertise in investigation and incident response of security events.
  • Developed strategies to enhance cybersecurity of organization.
  • Performed Penetration testing for large enterprise networks.
  • Experience with security assessment of PCIDSS, HIPAA, SOX compliances.
  • Protected confidentiality, integrity and availability of information and information systems of organization.
  • Performed security monitoring of clients, servers, applications and network infrastructure.
  • Performed internal audits to ensure compliance requirements are met.

TECHNICAL SKILLS

Operating Systems: Windows 10, Mac OSX, Linux, Ubuntu.

IDS/IPS: Snort, Sourcefire.

Firewall: Cisco PIX, ASA

SIEM: Qradar, Splunk, Alienvault.

Vulnerability Management & Penetration testing tools: Nessus, Rapid7 Nexpose, Qualysguard, Nmap, Retina Security Scanner, GFI LanGuard, Metasploit, Kali Linux.

Forensic/Malware: Encase, FireEye, Wireshark.

Endpoint Security: Confidential EPS, Confidential EPS, Confidential, Kaspersky.

Security Standards: PCIDSS, HIPAA, SOX

Networking Concepts and Protocols: OSI Model, TCP/IP, UDP, IPV4/V6, Subnetting, RIP, IGRP, DNS, ICMP, SNMP, ARP.

PROFESSIONAL EXPERIENCE

Cybersecurity Analyst

Confidential, Chicago, Illinois

Responsibilities:

  • Performed Log collection and monitoring using Qradar.
  • Integrate infrastructure devices and security devices to Qradar SIEM.
  • Configure network hierarchy and backup retention configuration of Qradar.
  • Analyzed offenses generated by vulnerability management tools.
  • Performed vulnerability scanning and remediation using Nessus.
  • Developed security policies and best practices to maintain confidentiality, integrity and availability of organizational data.
  • Performed system maintenance such as antivirus scans and security upgrade using Confidential Endpoint Security to secure workstations and organization network.
  • Analyze and respond to malware events on workstations generated by anti-virus scans.
  • Analyze logs from firewall, security devices and endpoints to detect possible intrusion.
  • Ensured security controls are in place and risks are remediated.
  • Calculated risk rating and generate security assessment reports.

Environment: Qradar SIEM, Splunk, Nessus VM, Confidential Endpoint Security, SourceFire, Snort.

Security Analyst

Confidential, Arlington, VA

Responsibilities:

  • Aggregate, correlate and analyze log data from network devices, security devices using Qradar.
  • Analyzed offenses created based on different device logs via correlation rules.
  • Responsible for maintaining, reporting and communication of SIEM between event-sources and endpoints.
  • Manage incident response and trouble ticket lifecycles.
  • Create and maintain support documentation and procedures for IDS/IPS and SIEM solutions.
  • Conduct network vulnerability assessment using Rapid7 Nexpose to evaluate attack vectors, identify system vulnerabilities.
  • Developed remediation plans and security procedure to combat vulnerabilities.
  • Monitored network for intrusion using SourceFire IDS and Snort.
  • Monitored and troubleshot network security issues of corporate network.
  • Analyzed outbound traffic patterns at various internet gateway device locations using log analysis tool Splunk.
  • Analyzed and monitored logs of Firewalls.
  • Managed endpoint security of workstations using Confidential Endpoint Security.
  • Capture and analyze network packets with Wireshark to detect possible intrusion.
  • Worked with various departments to improve detection of security incidents and intrusions.
  • Developed draft process to determine valid business traffic in corporate network.

Environment: Qradar, Splunk, Nexpose, Nessus, Wireshark, SourceFire, Snort, Symantec Endpoint Security.

Information Security analyst

Confidential

Responsibilities:

  • Conduct network monitoring and intrusion detection analysis to detect intrusions in system.
  • Maintain and manage hosted Alienvault SIEM implementation in organizational networks.
  • Investigate suspicious network activity, evaluate risk and propose effective solutions for risks identified.
  • Configure snort and create signatures based on intrusions.
  • Create company policies and procedures for email, network usage and access control.
  • Managed security of workstations in organizational network using Confidential Endpoint security.
  • Captured and analyzed network packets to detect possible intrusion using Wireshark.
  • Performed Vulnerability management using tools like Nessus, Nexpose, Qualys and generated report on high-level vulnerabilities.
  • Conducted security assessment and penetration testing on organizational network.
  • Investigate and respond to firewall, security device alerts and escalate to concerned teams.

Environment: Alienvault SIEM, Wireshark, Nexpose, Qualys, Nessus, Confidential Endpoint Security, Snort.

Network Engineer

Confidential

Responsibilities:

  • Configure networking devices such as servers, routers, switches, firewall before deployment.
  • Troubleshoot network related issues in organization.
  • Draft monthly reports of network efficiency to observe if changes are needed.
  • Perform required network updates on regular basis.
  • Perform software updates, system backup, recovery procedures.
  • Configure user accounts and password criteria for additional security.
  • Configure firewall and restrict network access to unauthorized users.
  • Design system configuration and enforce system standards to establish networking environments.
  • Design WAN, LAN, internet and intranet.
  • Communicate with project managers and stakeholders to ensure project is in-sync with customer requirements.

Environment: Cisco Firewall, Windows Servers, Routing Protocols, Switching Protocols, Wireshark.
