Summary of Qualifications

• Skilled Technical Security Analyst with expertise in Cloud Security, Security Risk Assessment, Analysis and Implementation in enterprise environments. Interested to work with team that is driven and committed to identify and solve security challenges.
• 10 years of overall experience in IT Security Risk Assessment, Analysis and Implementation in enterprise environment
• 6 years of experience in high impact emerging technologies accounting for over 400 million in revenue at Exelon - top rated corporation by Security 500 Rankings in Energy and Utilities sector
• Responsible for security of the complete UNIX environment affecting about 350 sites all over the US accounting for about 25 million in revenue at SSA.
• Reliable and competent individual, highly analytical, hardworking and committed team player.
• Self-motivated quick learner with ability to meet pressure deadlines.

Primary Technical Skills

Work Experience

Confidential

Lead Information Security Analyst

• Evaluated vendor proposals for the RFP, especially in the areas of Cloud infrastructure hosting. Reviewed the materials, evaluated their responses, and provided an objective score to assess the vendor's security capabilities.
• Key contributor in developing security framework checklist to review the security posture of a perspective cloud service provider which captures specific cloud security requirements and maps them to various standard control frameworks.
• Assisted in strategic review of high profile business processes or services, policy development, review of high impact emerging technologies and review of emerging regulatory requirement.
• Post-merger activities of providing security requirements for DLP, IronPort, Office 2010, Internet browser, Office 2010 and Windows 7 deployment
• Deployment of comprehensive MDM solution enterprise-wide
• Developed and interfaced tactical solutions including comprehensive security reviews, process development and implementation, technology architecture reviews and vulnerability Remediation for supporting business and strategic plans.
• Security liaison for web redesign/remodel of Exelon supported businesses including web components added over time.
• As a project resource, effectively evaluated charters, business cases, and requirements to ascertain associated risk and provide guidance on reducing such risk to an acceptable level.
• Resolved inquires related to request for best practices and clarifications surrounding Information Assurance Policies or Information Security.
• Developed, updated and presented security training program to associated business unit surrounding Acceptable Use Policy reducing operational risk associated with improper use.
• Researched to provide second tier support for the security policy exception process

Confidential

System Security Analyst

• Automated hardening of new Solaris servers using shell script.
• Implemented UNIX Security Risk Model based on DISA/NIST security checklist.
• Perform security audits and address areas of concern as identified by DISA/NIST scripts which includes vulnerability assessment, correction and documentation of strong business related exceptions without compromising security. Letter of appreciated from SSA Division Director.
• Researched, tested and implemented access control rules for OS and additional software related critical resources/files.
• Worked with vendor developers and SSA directly to resolve any identified security threat.
• Re-engineered entire account management architecture to centralize account management and authorization which dramatically increased efficiency and credibility.
• Monitored system files integrity using Tripwire for servers.

Confidential

System Security Analyst

• Perform regular security audits based on UNIX Security Risk Model 2005 provided by SSA and address areas of concern as identified by ePC. This included vulnerability assessment, correction and documentation to justify any exceptions based on client's business needs.
• Improved audit results from a score of 52 to 98 thus establishing LMES S leading IT security provider to SSA. Recognition from LMES S President for this effort.
• Monitor network connectivity and critical resources with Argent Guardian for Windows and Solaris servers.
• Server Configuration and Hardening of Windows 2000 server network spread across US.
• Built and configured Dell 2650 PowerEdge servers and Dell GX270 workstations.

Confidential

Graduate Assistant

• Assisted professor with graduate courses such as Network Security, Discrete Math and Information Structures for School of CTI.
• Researched using financial model techniques and numerical models, stock exchange data extraction and modification using Excel and SAS for Department of Finance.
• Developed an Internet audio tool to establish two-way audio communication channel over the network using unicast UDP and C over Sun Solaris platform with codec types PCM, H.261 and G.728 extending to include real-time video.
• Hands-on router, firewall and VPN configuration and development of security policies using Cisco, Linux and Microsoft software and hardware. Hands-on Windows 2000 Server/IIS Setup and Hardening, Red Hat Linux 8.0 and Apache Web Server Install with implementation of NetFlow Network Forensics, Intrusion Detection Systems using TCPDump, Snort IDS and ISS RealSecure via 2-factor token authentication.
• Designed and compiled a Network File Client and Server application NFS using C and UNIX Socket programming with added multicasting feature.