Name: Candidate's Name
E-mail: EMAIL AVAILABLE
Phone No: PHONE NUMBER AVAILABLE

Professional Summary:
Over 7 years of experience in designing, architecting, deploying, and troubleshooting Network & Security infrastructure. Proven ability to lead cyber security service request management, ensuring high levels of service and adherence to SLAs. Proficient in advanced cyber security techniques, network-based intrusion detection systems, and various vendor equipment. Proven track record of successfully implementing and managing cybersecurity projects from inception to completion. Skilled in utilizing SIEM tools for managing security events and conducting big data analytics. Strong problem-solving skills and ability to quickly troubleshoot complex security issues. Experienced in implementing Single Sign-On (SSO), Two-Factor Authentication (2FA), and Multi-Factor Authentication (MFA) for web-based applications. Demonstrated ability to stay updated with the latest trends, technologies, and best practices in cybersecurity. Strong proficiency in scripting languages such as Python, Shell Scripting, and Perl, alongside technical expertise in Oracle SQL, CSS, HTML, and Auto Hot Key. Exceptional communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and stakeholders. Dynamic leader with expertise in change management and a proven track record of building and leading cyber defense organizations. Experience in conducting comprehensive risk assessments and developing strategies to mitigate security risks. Expertise in configuring correlation searches, notable events, and risk scores in Splunk ES. Ability to translate technical concepts into easily understandable language for non-technical stakeholders. Hands-on experience with FireEye NX, EX, HX, PX, and IA, along with configuring secure web gateway technologies like Zscaler and Symantec. Experience in leading and mentoring junior team members, fostering a culture of continuous learning and development. 
Skilled in managing and developing content for QRadar SIEM, deploying SAML-based highly available solutions using Ping Federate, and integrating applications using SAML 2.0 protocol. Strong project management skills, including the ability to prioritize tasks, meet deadlines, and adapt to changing priorities in a fast-paced environment. Experienced in troubleshooting high-severity issues related to McAfee ePO and McAfee endpoint products. Experience in regulatory compliance frameworks such as GDPR, HIPAA, or PCI DSS, and ensuring organizational compliance with relevant regulations. Proactive approach to security, including the ability to anticipate and mitigate emerging threats before they impact the organization.

TECHNICAL SKILLS:
Log Analysis Tool: Server 5.x/6.x, Splunk Universal Forwarder 5.x/6.x, Splunk DB Connect, Splunk Phantom
Cyber security solution: FireEye CMS, NX, EX, HX, IA, PX
IDS/IPS: Cisco FMC1500, FMC2000, FMC3500
Compliance tool: Symantec Control Compliance Suite
Packet capture: Net flow integrator, Wireshark, SolarWinds, Tcpdump
E-Mail security: FireEye email security (EX series)
Event Management: RSA Archer, Blue Coat Proxy, ArcSight, Splunk, LogRhythm
Security Technologies: Whitehat Web Security, NTT Security, LogRhythm, McAfee Nitro (SIEM), McAfee ePO, McAfee Endpoint Protection Suite
SIEM: IBM QRadar security manager, Splunk, LogRhythm, IBM QRadar 7.3.2, Basic knowledge of McAfee Nitro
Security Tools: IBM QRadar, McAfee Vulnerability management solutions, IBM Tivoli Access Manager 6.1.1, Nessus, SolarWinds, LogRhythm, CyberArk, Nmap, Tripwire, Symantec Endpoint Security, IBM Identity Management and p6
Scripting Languages: Python, XML, Shell script, Perl, JavaScript
Programming: SQL/PL SQL, HTML, DHTML, XML.
Operating Systems: UNIX, Linux, Ubuntu, IBM-AIX 5.
Databases: MS SQL, Sybase.

Education Details:
Bachelors in information technology | 2010
Government Girls college Sheikhupura Punjab | Pakistan

Work Experience:

Client: Maximus- Austin TX (Feb 2022- Present)
Cyber Security Engineer
Developing organizational policies and procedures using ISO 27001, PCI-DSS, SOX, CIS control document as a guide. Performing PCI-related audits and PCI DSS assessments. Providing IT security risk management consultancy to clients in preparation for PCI DSS assessments. Experience in Python, PERL, and Ruby general scripting, with hands-on experience in secure coding. Responsible for creating fine-grained access control in ISAM, including Policies, Resources, ACLs, and POPs. Experienced in implementing Docker containerization as part of Continuous Integration/Continuous Deployment (CI/CD) pipelines. Leverage threat intelligence feeds and hunting techniques to identify and investigate potential security threats. Implementing context-based and risk-based authentication for applications using second-factor authentication (2FA) and multi-factor authentication (MFA) in ISAM. Developing and enforcing access control policies within Tine, ensuring adherence to the principle of least privilege. Expertise with GitHub, Gitlab, Terraform, Pulumi, Ansible, or other CI/CD tools. Working with IBM teams to gather requirements and designing and implementing solutions to migrate applications from IBM to Ping Access. Automate security configurations, vulnerability scanning, and incident response processes using tools like Ansible. Integrating CyberArk Conjur with Infrastructure as Code (IaC) tools such as Terraform, Ansible, and Chef to automate provisioning and configuration securely. Cybersecurity and security remediation in Linux, CentOS, Windows cloud environments. Experience in Azure infrastructure management, including Virtual Machine Backup and Recovery from a Recovery Services Vault. Providing basic details on BitLocker, Zscaler, and McAfee Native Encryption 4.1 products, and troubleshooting issues. Design and implement security controls for cloud environments, ensuring compliance with standards and regulations. 
Integrated Docker with monitoring and logging solutions such as Prometheus, Grafana, ELK stack, or Splunk for proactive monitoring and troubleshooting. Facilitating Change Management planning and implementation across interdisciplinary development teams. Extensive experience with Symantec DLP and RSA DLP architecture and implementation for enterprise-level security. Creating Ansible playbooks to automate pre-configured instance deployment on AWS infrastructure. Experience with risk assessment using industry standards like FISMA, NIST 800-53 Rev3 and Rev4, HIPAA, PCI/DSS, and developing Security policy as per these standards. Manage IBM QRadar configuration files and upgrading the IBM QRadar Enterprise and security patching. Building and patching operating systems in Red Hat, Windows, and VMware environments. Configure firewalls, IDS/IPS, VPNs, and secure network architectures to protect against network-based attacks. Performing system security lockdowns as required by Information Assurance Manager and DISA IA requirements. Develop risk management strategies and mitigation controls in alignment with business objectives. Perform secure code reviews and penetration testing to identify and fix security flaws in applications. Writing policies, alerts, and configurations using SIEM tools. Developing and maintaining scripts using Python, Ruby, or Shell scripting to automate processes and integrate CyberArk Conjur with existing systems and workflows. Develop incident response plans and procedures for detecting and responding to security incidents. Writing and testing various exploits using Python and Ruby languages to locate system vulnerabilities. Resolving escalated tickets in Jira to ensure clients have uninterrupted access to web applications. Managing and coordinating activities for multiple data privacy information security. 
Supporting IT teams based on the latest risks and possible remediation, including integrating Splunk with Service Now, Active Directory, and LDAP authentication. Performing network and host Active Directory (LDAP) services monitoring and logging. Leveraging RESTful APIs to integrate CyberArk Conjur with various tools and systems for seamless access management and enhanced security.

Client: Advinow AZ (Sep 2019 - Nov 2021)
Information Security Engineer
Conduct cloud security assessments and audits to identify and remediate vulnerabilities and misconfigurations. Excellent ability to influence internal and external stakeholders and build consensus, driving cross-functional teams. Experience breaking down technical problems and providing effective solutions to management. Identifying security problem areas for compliance, accuracy, and productivity improvement. Integrate security testing and compliance checks into CI/CD pipelines for secure software delivery. Detecting security issues, creating customer tickets, and managing problems until closure, including Disk/File Encryption, Data Loss Prevention, and Enterprise Rights Management. Contract systems administration with LINUX & BSD UNIX, Red Hat, Fedora, RHEL Centos, including grid computing. Conducting Docker training sessions and workshops to promote adoption and proficiency in Docker technologies. Implementing encryption algorithms, key management practices, and cryptographic protocols to safeguard sensitive data managed by CyberArk Conjur. Experienced in integrating Splunk ES with other security tools and platforms to enhance visibility and response capabilities. Conduct digital forensics investigations to collect and analyze evidence from compromised systems. Utilizing pdadmin commands, Web Portal Manager, and LMI console for day-to-day ISAM administration tasks. Perform risk assessments and analysis to identify and prioritize security risks to the organization. 
Analyze security events and logs to detect patterns, trends, and emerging threats proactively. Creating Access Control Items, Services, and scheduling reconciliations on integrated resources in ISIM. Proficiency working with Windows, Linux, vulnerability assessment tools, firewalls, IDS/IPS, Nessus, NMAP, Splunk, ArcSight, Routers, Switches, LAN/WAN, TCP/IP protocols, VMware, Endpoint Security, and Cloud Security. Deploy security monitoring tools and SIEM solutions to collect and analyze security event data. Take snapshots and install fix packs for ISAM periodically as needed. Performing analysis of events/incidents and providing remediation suggestions. Installation and configuration of Microsoft Windows Server 2016 components like DHCP, Active Directory, DNS, Group Policies. Conduct network security assessments and penetration testing to identify and remediate vulnerabilities. Interpret and implement regulatory compliance requirements, preparing for audits and assessments. Hands-on experience with automation tools like Ansible. Creating comprehensive incident reports detailing findings, analysis, and recommendations for executive management and stakeholders. Experience in routing/switching, WAN/MPLS/VPN, SD-WAN, Cisco ACI, WLAN, Load Balancing, Zscaler. Designing and implementing security policies using ACL and IP Tables, configuring Cisco Routers using OSPF, EIGRP, etc. Performing white-box vulnerability assessment for applications developed in Microsoft Technologies for OWASP Top 10 vulnerabilities. Planning, drafting, and executing global IT/change management-related communications initiatives, projects, and programs. Follow secure coding principles to mitigate common vulnerabilities such as SQL injection and XSS. Assisting ISIM support personnel as needed in troubleshooting issues and implementing bug fixes. 
Configuration of major features like LAN IP Configuration and DHCP Server Configuration, Services, Port forwarding, and Rules, Firewall, and analyzing Diagnostics and Logs. Setting up Virtual Private Networks with appropriate user access control. Performing Vulnerability Assessment and Penetration Testing of Web Applications and Web Services following OWASP & WASC methodologies. Collaborating with cross-functional teams to assess requirements and design solutions leveraging CyberArk Conjur. Experience in setting up SAML flow for applications with custom IDP chaining requirements, OIDC, OAuth 2.0 flows. Using Microsoft Azure Security center to monitor the cloud environment. Deploying and configuring JIRA for issue tracking, workflow collaboration, and tool-chain automation. Providing guidance and assistance in setting up repositories in Bitbucket and maintaining code. Applying Option Packs and Servlet Exec on IIS for Federation with other PHP Products and SAML 2.0. Delivering detailed functional CIAM requirements that led to competitive RFPs to select future CIAM platforms. Collaborate with stakeholders to demonstrate compliance with GDPR, HIPAA, and PCI DSS. Systems administration experience with UNIX, LINUX, Windows, Solaris, LDAP, Active Directory. Experience with Automation Configuration tools like Ansible, Terraform, and CloudFormation. Installation and configuration of CyberArk and ForgeRock Identity Platform in POC environments. Initiating global projects deploying Zscaler, Symantec Endpoint Encryption, Qualys, and Sourcefire NIDs. Conducting application PKI enabling and performing testing of vendor products. Assisting in the configuration and use of Jira and Confluence. Maintaining PKI-related installation and training documentation. Install equipment cabinets, cables, hardware, firmware, and software, and manage Unix, Red Hat, and 2008R2 systems. Experience implementing/architecting cloud-based Active Directory solutions for Azure and AWS. 
Knowledge of Design, development, and implementation of highly scalable Identity and Access Management solutions using ForgeRock's Open Identity Suite. Penetrating networks, Firewalls, Mobile devices, and Web applications using various tools. Developed scripts to update attributes in E-directory using ice import and scheduled chrono jobs to run LDIF scripts. Configured Web servers with SiteMinder Single Sign-on (SSO) and migrated user store and policy store data from Active Directory to LDAP.

Client: EviCore- Franklin (TN) (Feb 2017 - Jul 2019)
Security Engineer
Assessed technology infrastructure to identify key risk areas and implemented controls to mitigate risks. Deployed and configured McAfee products, serving as a subject matter expert for McAfee suite of products. Profiled web and desktop applications for deployment into the ISAM-ESSO environment using Access Studio. Utilized Symantec DLP for monitoring the transmission of confidential data in corporate emails sent via Microsoft Exchange. Managed multiple change management initiatives, establishing communications processes, plans, and timelines. Configured Samba in a diverse network environment between Fedora, CentOS, and Windows systems. Conducted network and server vulnerability assessments and tracked risk mitigation using Nessus OpenVAS. Implemented security tools including Symantec DLP and QRadar SIEM. Stayed updated with the latest security threats and incorporated them into Splunk ES deployments. Conducted security incident investigations and monitored network traffic for unauthorized services. Maintained and upgraded IDS systems, creating custom reports to alert on anomalous traffic patterns. Worked on projects migrating to cloud services such as Azure, Office 365, and Amazon Web Services (AWS). Analyzing threat intelligence feeds to identify emerging threats and vulnerabilities. Developing strategies for proactive threat detection and response based on threat intelligence insights. Designing and implementing security architecture solutions to protect against advanced threats and vulnerabilities. Conducting security architecture reviews and recommending enhancements to existing infrastructure. Developing incident response plans and procedures to effectively mitigate and respond to security incidents. Conducting incident response exercises and simulations to test the effectiveness of response plans. Implementing security controls and best practices for cloud environments (e.g., AWS, Azure, Google Cloud). 
Configuring and monitoring cloud security services for threat detection and compliance. Ensuring compliance with industry standards and regulations (e.g., GDPR, HIPAA, NIST). Conducting security audits and assessments to identify compliance gaps and remediate findings. Developing and delivering security awareness training programs for employees to promote security best practices. Creating security awareness materials and resources to educate employees on cybersecurity risks and mitigation strategies. Conducting penetration tests and vulnerability assessments to identify weaknesses in systems and applications. Providing recommendations for remediation and risk mitigation based on assessment findings.