Skills
TECHNICAL SKILLS:
Qualys: Continuous Monitoring, Vulnerability Management, Web Application Scanning, Threat Protection, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance.
Vulnerability Management: Qualys, Nessus, InsightVM, Defender TVM (Threat and Vulnerability Management), HCL AppScan, Burp Suite Pro, Veracode, OWASP ZAP, SoapUI Pro, Nmap, Wireshark, Kali Linux suite, Metasploit.
Protocols: TCP/IP, L2TP, PPTP, IPsec, IKE, SSL/TLS, SSH, UDP, DHCP, ARP, DNS.
Cyber Security Solutions: FireEye CMS, NX, EX, HX, IA, PX.
Packet Capture: NetFlow integrator, Wireshark, SolarWinds, tcpdump.
E-Mail Security: FireEye Email Security (EX series).
Security Tools: OWASP ZAP Proxy, DirBuster, Splunk, Nikto, Metasploit, Burp Suite, AppScan, Veracode.
Event Management: Splunk, RSA Archer, Blue Coat Proxy, ArcSight, LogRhythm, IBM QRadar Security Manager.
Security Software: Nessus, Metasploit, Snort.
Frameworks and Standards: NIST SP 800-53, NIST SP 800-171, ISO 27001/31000, HIPAA, HITRUST CSF, PCI DSS, PKI-RSA, CVE, SANS Top 25.
Security Technologies: WhiteHat Web Security, iDefense, NTT Security, LogRhythm, McAfee Nitro (SIEM), McAfee ePO, McAfee Endpoint Protection Suite.
SIEM: IBM QRadar (including 7.3.2) and QRadar Security Manager, Splunk, LogRhythm, McAfee Nitro.
Security Tools: IBM QRadar, McAfee Vulnerability Management Solutions, Nessus, SolarWinds, LogRhythm, CyberArk, Nmap, Symantec Endpoint Security.
Firewalls: WAF, Check Point, Cisco ASA.
Programming and Scripting Languages: C, C++, Python, Java, C# (.NET Framework), Perl, shell scripting, XML.
Operating Systems: Windows Server (2016, 2019), Oracle Linux, Red Hat Enterprise Linux, Ubuntu Linux.
About
Professional Summary:
• Over 8 years managing and optimizing SentinelOne and CrowdStrike Falcon for endpoint detection and response (EDR), improving threat detection and prevention across enterprise environments.
• I specialize in Cloud Security, Information System Audit, Networking, Identity and Access Management, Threat Analysis/Intelligence, Risk Assessment, IT Control implementation, product and tools support, Security and Compliance Analysis.
• Self-motivated problem solver with extensive experience in incident response, vulnerability management, and NIST and SOX audits.
• Led the deployment of Zscaler for a complex enterprise environment, ensuring seamless integration with existing network infrastructure to enhance web security and enforce access controls.
• Extensive experience in SIEM operations, implementation, administration, and monitoring. Worked as part of the Threat Intelligence team performing data security, event triage, incident analysis, malware analysis, advanced cyber threat detection, and security advisory integration with RSA NetWitness.
• Led teams in troubleshooting complex security and infrastructure challenges, finding efficient and effective solutions for both cloud and on-premises environments. Architected secure, resilient service models that support business objectives.
• Experience with network monitoring using SIEM (Splunk, IBM QRadar) and SolarWinds, and with information security and network security configuration and functions.
• Performed troubleshooting and resolution (TRB) of deployment-related issues during the installation of Zscaler, Tanium, Qualys, and Defender, coordinating with vendors and internal teams to resolve compatibility or performance issues.
• Developed and implemented application security controls such as input validation, authentication mechanisms, and encryption to prevent security breaches. Regularly updated security measures to meet evolving threats and regulatory standards.
• Designed service architectures for cloud and on-prem infrastructure, optimizing for security, scalability, and performance. Applied best practices for data protection, disaster recovery, and multi-cloud integration.
• Experience in planning, monitoring, and updating security programs and advanced technical information security solutions.
• Customized policies, procedures, and security settings per individual client requirements in Cisco Umbrella.
• Hands-on experience with EDR platforms, threat analysis, threat hunting, and incident response, leveraging frameworks such as MITRE ATT&CK.
• Designed the Incident Response Plan and worked with the Director to build a SOC team to implement various monitoring solutions and handle security incidents both on-premises and in the cloud.
• Knowledge of Computer Networking Basics, SOC Components, OSI model, TCP/IP protocols, Data Backup Basics, Information Threats and Attacks.
• Experience in Palo Alto firewalls, VPNs, and networking with protocols such as NetBIOS, SNMP, Telnet, SSH, and ARP.
• Perform risk assessments and gap analyses, and create risk mitigation plans.
• Strong understanding of enterprise, network, system/endpoint, and application-level security issues and risks.
• Oversee Vulnerability assessment / penetration testing of scoped systems and applications to identify system vulnerabilities.
• Experienced using various security End-Point Protection tools.
• Worked on data loss prevention tools: McAfee DLP and McAfee FRP.
• Experience developing strategic plans for agency-wide implementation to address the operations of client services, product support, and quality assurance.
• Hands-on experience writing correlation rules based on business use cases independently. Experience in handling cyber security risk management framework assessments; ensuring enterprise cyber security policies fully support all legal and regulatory requirements.
• Experience in supporting and maintaining cybersecurity tools and technologies, including IDS/IPS, UTM, WAF, NAC, DLP, SIEM, and other management and threat detection technologies.
• Perform user behavioral analytics through Advanced Threat Analytics (ATA) to identify suspicious activities on the network across several phases of the cyber attack kill chain.