Security Analyst Resume
PA
SUMMARY
- Cyber Security enthusiast with around 7+ years of professional experience in IT Security and Infrastructure Services.
- Master’s degree in Cyber Security with specialization in Information Assurance and Security Policy.
- Professional working experience within the IT and medical industries during my master's and work; knowledge of the automobile and manufacturing industries from a bachelor's in mechanical engineering.
- Strong analytical and problem-solving skills to identify, analyze and mitigate Cyber Security and GRC related risks.
- Experience with IT audits and security frameworks like NIST CSF and ISO framework. Experience with external ISO audits and SSAE SOC1 and SOC2 audits.
- Strong understanding and experience working with security standards like PCI-DSS, CCPA, HIPAA, GDPR, NIST 800-53, ISO 27001.
- Experience using Microsoft STRIDE, MITRE ATT&CK framework.
- Good understanding of the end-to-end product development life cycle. Working experience with the project initiation, planning, design, production and review phases of a project.
- Efficient at maintaining documentation for all activities performed and keeping a record of them.
- Experience with Incident response, Risk management and Security governance.
- Experience with Business continuity planning and Disaster recovery planning.
- Efficient at Scanning and Enumeration, Log analysis, Network traffic analysis, Vulnerability Assessment, Risk Assessment.
- Experience working with AWS cloud and DevOps
- Kubernetes works with Docker, Containerd, and CRI-O. Originally, it interfaced exclusively with the Docker
- Knowledge on Open-source intelligence, cryptography, penetration testing techniques, reverse engineering.
- Detail-oriented and hardworking professional. Dealt with escalation problems for different issues.
- Experience in communicating with customers, solving complex problems in a timely productive manner.
- Excellent Communication and Interpersonal skills with the ability to interface at all levels and cross functional teams.
- Experience in virtualization technologies and different Operating systems - Mac, Linux, Windows.
- Excellent working knowledge of Windows or Linux operating systems; experience supporting and troubleshooting issues and performance.
- Experience with Cloud based hosting solutions (AWS-EC2/S3, Azure, Google Cloud)
- Azure Security Center and Azure Defender (now Microsoft Defender for Cloud)
- Efficient at the use of MS Office, MS project as technical documentation and presentation tools.
- Efficient at scripting languages and formats: C, Python, Bash, API, PowerShell, regex, JSON.
- Effective in working with both active and reactive approaches to cyber security.
- Provided 24x7x365 availability and, when required, on-call support to the projects.
AREA OF EXPERTISE
- Cyber Threat Analysis
- Security Architecture & Strategy
- Network Security
- Policy Development & Management
- HIPAA/COBIT/SOX/Confidential/PCI
- Cyber Security Incident Response
- Security Operations Centers (SOC)
- Vulnerability/Risk Assessment
- Disaster Recovery Planning and Testing
- Forensic Toolkit
- Docker
- Kubernetes
- Vulnerability Management
- Security Awareness Training
- Security Operations Advancement
- Cyber Threat Intelligence
- Unix / Linux
- DevOps
- F-Response
- AWS cloud
- Intrusion Detection
- Vulnerability Assessment & Penetration Testing
- Executive Leadership
- Penetration Testing
- SIEM Tools
PROFESSIONAL EXPERIENCE
Confidential, PA
Security Analyst
Responsibilities:
- Worked as a Security analyst in the biological raw materials manufacturing industry.
- Provided APIs and implementations to support Service Function Chaining in Neutron
- Expert at implementing network security, SIEM tools, new concepts, identity management, new security technologies, securing cloud architecture, and new security controls as well as in developing innovative security controls and processes that meet business and executive requirements in order to protect information.
- Python for our main application, Node.js for microservices
- Create AMI images of critical EC2 instances as the backup.
- Working as part of DevOps Team for different internal automation and build configuration management.
- Build and configure a virtual data center in the Amazon Web Services cloud to support Enterprise Data Warehouse hosting including Virtual Private Cloud
- Performing a Security Assessment on our client Confidential to understand the security posture of the organization and make required changes to enhance the security.
- Innovated and maintained Bash, VBScript, PowerShell, and batch executables to automate server administration tasks.
- Technical experience and administration of Solaris 7, 8, 9, 10, Red Hat Linux and SUSE Linux operating systems.
- Developed CI/CD system with Jenkins on Kubernetes container environment, utilizing Kubernetes and Docker for the runtime environment for the CI/CD system to build and test and deploy.
- Participate in the software development life cycle to ensure sound Cloud solutions are implemented.
- Technical experience and administration of Solaris 8,9,10, Linux SuSe and Red Hat operating systems/VM Ware.
- Designs, plans, and integrates cloud computing and virtualization systems using infrastructure as code and modern cloud-native deployment techniques such as DevOps.
- Designed and implemented scalable, secure cloud architecture based on Amazon Web Services.
- Created new CDN API reference and SNMP and Syslog monitoring guide.
- Performed a Vulnerability Assessment on the Client Network using various Kali Linux tools like Nmap, Sparta, Nikto and Aircrack-ng. Nessus scanner, John the Ripper and other tools were also used.
- Used the Microsoft Threat Modeling Tool to analyze the project security and made changes as required.
- Created monitors, alarms and notifications for EC2 Cloud
- Enterprise scale networks within cloud environment delivering SaaS solutions
- LANGUAGES: SQL, VBScript, PowerShell, Linux Bash Shell, Perl, Batch Scripting, ASP/HTML, XML, Ruby
- Working knowledge of Amazon Web Services Products & Services, Relational and NoSQL Databases, Caching, Object and Block Storage, Scaling, Load Balancing, CDNs, Networking, etc.
- Automated Jenkins Job configuration using Groovy scripting, for the better backup and manageability of Jenkins Jobs.
- Design, development, and implementation of Cloud solutions.
- Managed and led regulatory and legal security standards such as PCI DSS, Sarbanes-Oxley, HIPAA
- Managed Regulatory Compliance implementation with OWASP, FISMA, HIPAA, PCI-DSS, GLBA, SOX, COBIT, COSO, FFIEC, NIST, ISO 27001, ISO 27002, DFARS NIST SP 800-171 and GDPR
- Triaging emails sent by internal users depending on the categories and responding to the customers after investigating the emails.
- Network health monitoring tools (CloudWatch, SolarWinds, LogicMonitor)
- Cyber intelligence is used to understand the security risks and mitigation plans
- A vulnerability assessment, physical security assessment, user awareness assessment, risk assessment and compliance check are performed on the client environment.
- Assist with the installation and configuration of a cloud management platform per the requirements of the respective services
- Started with inventory collection and then performed a scan on the network to identify security gaps on both wired and wireless networks. A detailed report with recommendations and required configuration changes is provided to the Client.
- Windows 2003 server migrations to Windows 2008/2012 servers. SCCM 2007 to 2012 migration. SCCM administration, OS/software distribution, task sequences, and SQL queries. VMware and Windows systems administration involving 2400 VMs including server builds, vMotion, storage vMotion, DRS, HA and configuring ESX and physical servers. Bash shell and extensive PowerShell scripting for automating tasks in Linux and Windows. Active Directory, GPO, DNS, and DHCP configuration. Citrix support.
- Launching Confidential EC2 Cloud Instances using Confidential Web Services (Linux/Ubuntu) and configuring launched instances with respect to specific applications
- F-Response is utilized to connect to a suspected compromised system over a whereby the incident response analyst can utilize FTK Imager to acquire
- Used Splunk SIEM as a threat analyst in a managed service security operation center (SOC), triaging cyber threats utilizing Splunk and various Cloud security tools.
- A physical security assessment is performed on perimeters, exterior entry points and interior entry points, camera designs and configuration of the Client location. Access controls are assessed and recommendations to enhance security are provided.
- User security awareness is assessed by conducting multiple phishing attempts on the users using the Microsoft Office Attack Simulator tool.
- Technical experience and administration of Solaris, SUSE Linux and Red Hat operating systems/VMware.
- Administered and deployed 42 Linux and 110 Windows 2008 servers, including writing PowerShell and Linux shell, Perl and cron job scripts to automate tasks, alerts, data feeds, and encryption. Go-to expert building and administering Active Directory, GPOs, domain controllers, IIS 2003/2008/2012, SMTP, SNMP, LDAP, DNS, NAS/SAN storage, Raritan KVM, Citrix presentation, XenApp and Xen Servers. Configured EVault server backups. Developed infrastructure documentation, DR plans, and PCI security compliance. Recommendations are given and required security trainings are conducted regularly.
- VAPT stands for Vulnerability Assessment & Penetration Testing. It is security testing to identify security vulnerabilities in an application; vulnerability assessment and penetration testing are both security services that focus on identifying vulnerabilities in the network.
- Information security policies are verified, and changes required are documented and handed over to the client. On client request a Ransomware Plan, Disaster Recovery plan, etc. were added.
- A risk register and Probability/Impact matrix are prepared for the project and regularly updated with changes, action plans and severity levels.
- Led WSUS Windows and Linux patching. Linux CentOS support for Java/Apache based websites and package installs. Configured PKI, encryption, SSL, SSH, SFTP on Linux servers. MS SQL 2008 server configuration. Nagios monitoring and Puppet configuration.
- Experience with Payment Card Industry (PCI DSS, PA-DSS, P2PE)
- Along with technical skills, developed hands-on experience on project management skills.
- Worked on Gantt charts, Work Breakdown Structures, Burndown Charts, Budget Breakdown, Milestone reports, etc.
- Maintained active communication and conducted meetings with all the stakeholders regularly and in a timely manner.
- Proficient with deployment and management of AWS services - including but not limited to: VPC, Route 53, ELB, EBS, EC2, S3
- Areas of Functional Expertise: Cloud Architecture & Engineering of Private /Hybrid/Public clouds, DevOps, Software engineering, product development, cloud engineering best practices, performance and scalability engineering, security, systems engineering and distributed system management.
- Provided Technical Recommendations for Installation and Implementation of Virtual Environments in Industrial Plants. Identified Administrative Standards, Issues and Process Improvements
- Performed real-time proactive Security monitoring and reporting on various Security enforcement systems, such as Splunk (SIEM), Anti-virus, Carbon Black, Malware Analysis, Firewalls, IDS & IPS, Web Security etc.
Confidential, New York City, NY
Cyber Security Analyst
Responsibilities:
- Experience in building a detailed strategy plan ensuring effective security is maintained at the location.
- Created software development framework that streamlined development, simplified maintenance, and generated reusable components to integrate enterprise architecture comprising Microsoft, UNIX, distributed SQL databases and proprietary systems.
- Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats
- Help build/improve an exception process to manage policy compliance deviation
- Work with the Information Security team and update Security Standards for all technologies (Databases, Operating Systems & Network devices)
- Participated as a subject matter expert providing guidance in implementing the best practices, ensuring cyber governance and compliance is followed.
- Prepare project plans for deployment of various security initiatives across the security devices and complete the project on timelines.
- Worked for 5 scrum teams (Java, AEM, Jenkins, Ant, Maven, SVN, git, Agile methodology, cucumber scripts, sonar, XL Deploy and XL Release, SharePoint, CI/CD automation from scratch, Docker)
- Prepare threat modelling plan for any new project setup.
- Have a clear understanding on SLA and client needs and ensure targets are met as planned.
- Perform the security audits at the location and provide the artifacts required.
- Ensure all the security standards are implemented according to ISO 27001/NIST frameworks depending on client requirements.
- Provided leadership in architecting and implementing security solutions towards Qualys and SIEM tools like Splunk, ArcSight, Solutionary, LogRhythm, SCCM, Altiris, LanDesk, BigFix, and McAfee/Symantec.
- Subject matter expert (SME) for DLP, Firewall, VPN, Archer, Vulnerability Management solutions, IDS/IPS/WIPS, SIEM and Endpoint Security.
- LVM under SUSE Linux and Red Hat operating systems/VMware.
- VBScript, Bash, and PowerShell scripting. IIS, Apache Tomcat, MS Exchange 2010, Citrix XenApp/XenDesktop, SharePoint deployments, and system administration. Configured MS Exchange server roles (mailbox, hub transport, messaging) including transport rules and send connectors.
- Ensure the services are provided in accordance with location policies and laws. Cyber Governance and compliance is ensured.
- Identify any gaps in security standards and plan for mitigation or remediation accordingly. Document all the process followed.
- Monitor regularly and check that all mandatory security applications are running and up to date on all the critical devices.
- Provide Level 2 Operations support for end user resolution investigating RSA SIEM events to determine any true intrusions.
- Ensure regular backup for critical servers is maintained.
- Be a part of disaster recovery/ backup and restoration activities every quarter. Keenly verify the documents and approve accordingly.
- Forensic Toolkit, or FTK, is computer forensics software made by AccessData. It scans a hard drive looking for various information. It provides comprehensive processing and indexing up front.
- Utilize Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), McAfee Endpoint Encryption Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tool.
- Built, migrated, and administered Windows 2003/2008/2012, Linux, Solaris, and VMware servers, including ESX, P2Vs, SAN storage, fiber switches, and Commvault backups for 625 servers in multiple datacenters. Provided expert hands-on support for Group Policy, Active Directory, DNS, DHCP, DFS, LDAP, IAS, CIFS, NFS, print servers, clustering, load balancing, and firewalls.
- Monitor the progress of initiatives/ solutions provided. Prepare a detailed report on the solution.
- Configured and administered VMware cloud server farms, updating and maintaining 600 virtual Windows and Linux servers. Coordinated and integrated security policies, patches, and vulnerability remediation across multiple platforms. Linux server troubleshooting, virtualization, and system administration.
- Stay updated with the latest technology and security standards. Be part of corporate calls and vendor management meetings.
- System configuration with Puppet. Financial ecommerce websites performance monitoring and application support. Patching with WSUS and later BigFix
- Review the security posture and assist the management in assessing the risks and controls that need to be implemented. Have strong understanding of the risk register, risk reporting and handling the risk events.
- Ensure the cyber security framework is followed and help the team build a streamlined process for identification, detection and protection from threats, and ensure response and recovery solutions are in place.
- BCP and DR design and testing. Cisco switch, router and load balancing deployment. Windows and Mac desktop support.
- Created and improved documentation for critical infrastructure and to assist in knowledge transfers to teammates and new hires.
- Maintain the asset management of the location and keep track of all the inventory including the data center. Assist in decisions on procurement of new infrastructure as required annually.
- Follow configuration management along all the activities performed.
- Articulating the thoughts clearly, plan initiatives, and execute with appropriate urgency.
Confidential, CA
Systems Engineer
Roles & Responsibilities:
- Regular monitoring of all the servers and perform health checks as required.
- Conduct vulnerability assessments and generic security scans of both systems and networks to identify and mitigate security vulnerabilities using the Nexpose Vulnerability Scanner. Work on the VA report bi-weekly for the closure of active vulnerabilities.
- Maintained logs as a regular backup for DNS, DHCP, Firewall, and routers. Experience running jobs and monitoring regular (weekly and monthly) backups using the Symantec NetBackup client.
- VMware administration in vCenter. Creation of virtual machines for the projects on the VMware - Nutanix environment and monthly maintenance activity for the cluster.
- Follow and implement the Hardening checklist document on the critical devices: Domain Controllers, DHCP, DNS, Linux machines, Server 2016, Server 2012 R2, Server 2008 R2.
- Manage all location servers - DNS, DHCP, AD, SCCM, project application servers. Check that all mandatory security applications are running and up to date on all the critical devices.
- Troubleshoot issues timely to reduce any impact in production environment.
- Demonstrate the features and benefits of Security Initiatives of the organization to the staff and documented the operations.
- Ensure that all the machines are compliant w.r.t. security patches. Work on the non-compliant report. Basic knowledge of the SCCM (System Center Configuration Manager) application: client installation, troubleshooting, collection IDs, and deployments.
- Experience with deployment tools: PDQ Deploy, Push Deployment Tool, running batch files, pushing through SCCM.
- Maintain the location NAS and track file system activities on the NAS: creation of shares on the NAS and providing permissions as required by the project.
- Knowledge of the encryption agent. McAfee ePO: encryption process, decryption using WinTech/SafeTech, BitLocker enabling and disabling, password recovery.
- Basic knowledge of DLP, Blue Coat, Commvault, and Lansweeper.
- Prepare Daily status report of all the activities and share with Service Delivery Owner.
- Generate daily reports for SLA status and the Pending Call Dashboard; share with the team.
- Work on Audit Reports and share the documents as requested with Project teams during External and Internal Audits.
- Prepare Relationship Audit reports monthly and share with the Project Teams and Upload the same in SVN.
- Prepare monthly IST reports related to Servers and upload them in SVN.
- Change passwords on the critical devices on a monthly basis and share the closure documents with Corporate.