
Endpoint Security Engineer Resume


Orlando, Florida

OBJECTIVE

  • Seeking a security-focused Data Loss Prevention system administration position using McAfee or Symantec

SUMMARY

  • Systems Security Engineer with strong experience in the design, implementation, and administration of software and hardware security solutions in enterprise environments.
  • Experience in analyzing security logs generated by Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, network flow systems, Anti-Virus, and/or other security logging sources.
  • Experience configuring and deploying McAfee modules and products like McAfee ePO, McAfee VSE, McAfee HIPS, McAfee Endpoint Encryption, McAfee Network DLP, McAfee DLP Endpoint, McAfee SIEM.
  • Experience in Implementing & managing Symantec Data Loss Prevention.
  • Maintaining critical monitoring systems (Splunk - log management systems) measuring system errors logs performance and availability. Evaluation of log management solution Splunk plus open source Linux storage systems.
  • Experience in supporting Symantec Endpoint Protection 12.1 workstation clients in an enterprise environment. Installation, configuration, and day-to-day management of Symantec Endpoint Protection

PROFESSIONAL EXPERIENCE

Confidential, Orlando, Florida

Endpoint Security Engineer

Responsibilities:

  • Managed onboarding projects such as security hardware/software implementations and updates
  • Manually installed McAfee NDLP Prevent 10.x ISO file and configured it in McAfee ePO server
  • Provided assistance to management with administration and configuration of critical enterprise security systems and software such as McAfee ePO, McAfee DLP, McAfee Complete Endpoint Protection-Enterprise, Proofpoint, etc.
  • Provided expertise with incident response, security event monitoring, vulnerability management, asset security compliance and Data Loss Prevention utilizing McAfee Nitro (SIEM), McAfee ePO, McAfee DLP
  • Managed McAfee ePO A/V environment using ePO console to pull reports to validate security protection compliance via DAT file updates, and take appropriate action to correct issues found within the ePO environment
  • Generated security reports utilizing enterprise security systems such as McAfee ePO
  • Provided technical security proposals, security presentation, installing and configuring Checkpoint and Palo Alto firewalls, VPN networks and redesigning customer security architectures
  • McAfee WGW / Email Gateway - Managed proxy health and deployment of white and black lists
  • Responsible for IMS (Incident Management System), an application for reporting issues
  • Reviewed and created the FW rules and monitored the logs as per the security standards in Checkpoint and NetScreen firewalls
  • Researched, designed, and replaced aging Checkpoint firewall with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
  • Assisted in the implementation, setup, and management of Symantec DLP (Data Loss Prevention)
  • Provided real time intrusion detection host based monitoring services using Symantec Endpoint
  • Installed and maintained security infrastructure, including IPS, IDS, log management, and security assessment systems. Assessed threats, risks, and vulnerabilities from emerging security issues
  • Designed, tested, and implemented security infrastructure including centralized logging, IDS, HIDS
  • Performed malware analysis using various tools (e.g. EnCase, HBGary, FireEye, NetWitness, IDA Pro). Conducted analysis on captured user, computer, and network security events, in a near-real-time environment, to determine security vulnerabilities, policy violations, and malicious behavior
  • Implemented contained FWSM in HA, NIDS, HIDS, Network virus wall.

Confidential, Melbourne, Florida

Endpoint Security Engineer

Responsibilities:

  • Worked on multi-vendor platform with Checkpoint, Fortinet and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshooting incidents as required
  • Worked on Symantec HIDS/HIPS CSP solution for FIM (File Integrity Monitoring) and prevention policies including detailed policy creation/application and alert configuration
  • Performed upgrade of Palo Alto firewall from old platforms to new platforms 6.1.5 to 6.1.10
  • Configured Palo Alto Next-Generation Firewall mainly VSYS according to client topology
  • Actively used SIEM technology for searching and monitoring real time events for network security and compliance
  • Performed System Administration Tasks for Symantec Data Centre Security
  • Performed security audit support activities for internal and external audits
  • Installed updates on new signatures
  • Maintained the security standards across the security devices as per the security policies. IDS/IPS Signature updates and CSM Management
  • Maintained DNS security via DNS ACLs and other DNS security measures. Implemented IP security measures and cured areas of DNS vulnerability
  • Assessed threats, risks, and vulnerabilities from emerging security issues
  • Worked with F5 Virtual Clustered Multiprocessing (vCMP) technology, coupled with Clustered Multiprocessing (CMP) technology, application delivery software, purpose-built hardware
  • Used IPsec VPN tunnelling to provide access to user machines and partners in other network
  • Configured and tested Multicast for both IPv4 and IPv6 routing in Data Centre Environment
  • Analyzed a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.
  • Monitored and analyzed system health alerts
  • Assisted with and carried out patch management
  • Assisted with review of policy, security alerts, guidance, regulations and technical advances in IT Security Management.
  • Participated in development and maintenance of global information security policy
  • Prepared technical documentation of configurations, processes, procedures, systems and locations.

Confidential

Network Engineer

Responsibilities:

  • Assessed and built a data protection program through data classification skills and a clear understanding of privacy standards and regulations
  • Data Loss Prevention suite, Symantec DLP Product - Implementation and deployment as the champion team
  • Deployment of Data loss prevention across the network - Data in motion, Data in Use & data at Rest servers
  • Gained experience with Symantec DLP Software: DLP Cloud Prevent for Microsoft Office 365, DLP Cloud Storage, Cloud File Sync and Share, and security product capabilities
  • Deployed in the cloud and on-premises using Amazon Web Services (AWS) and Single-Server support
  • Analyzed Symantec DLP events and reports
  • Performed tuning of Symantec DLP to reduce false positives and improve detection rates
  • Network Access Control - Implementing a secure solution to identify network devices and profiling the Network devices to allow or disallow access based on the device type
  • Signature Updates Deployment on the Management Components and all the Individual IPS/IDS devices
  • Intrusion Prevention System - IDS/IPS Implementation and Upgrade for SiteProtector
  • Refined IPS Policy and Creating Rules according to the Security Standard
  • Analyzed the Network Attack, blocks, detects and regular Health Checkups in the real environment
  • Prepared the Knowledge Transfer document of Process and Technical specifications guide for the Transition/Internal purpose
  • Ensured smooth transition for all the Security Applications, Preparing Team Metrics report and Project status report weekly/monthly presenting to the Customer. Client facing role and Understand the Customer requirement.
