| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Security EngineerPROFESSIONAL SUMMARYTXAccomplished Security Analyst with over 3 years of experience specializing in cybersecurity, cloud computing, and DevOps technologies.Proficient in designing and implementing robust security measures, including Vulnerability Assessment and Penetration Testing(VAPT) procedures, leading to a significant reduction in high-risk vulnerabilities.Skilled in AWS cloud services, with a track record of optimizing resource utilization and reducing costs through fine-tuning services like EC2, S3, and RDS.Expertise in DevOps methodologies, with a focus on automating server build management, monitoring, and deployment using Ansible, resulting in a 40% reduction in build and deployment times.Strong identity and access management (IAM) background, including Single Sign-On (SSO), Role-Based Access Control (RBAC), and compliance and auditing technologies, enhancing security infrastructure design.Proficient in using Python for security-related tasks, such as scripting and automation of security processes, allowing for efficient management of security controls and tasks.Experienced in managing Linux and Windows virtual servers on EC2 and familiar with Cloud and Elastic environments, contributing to efficient cloud operations.Deployment, support and management SME for Cyber Ark EPM software on endpoints, including but not limited to, upgrades, single machine policies and software removal.Configured and maintained firewall rules, conducted regular audits, and implemented intrusion detection and prevention systems(IDPS) to enhance network security and restrict unauthorized access in alignment with security policies.Managed and configured proxy servers, including the implementation of content filtering policies to regulate internet traffic and restrict access to specific websites or content categories.Experienced as a Splunk Engineer configuring, implementing and supporting Splunk Server Infrastructure across Windows, UNIX and Linux environmentsExperienced in branching, tagging and maintaining the version across the environments using SCM tools like GIT and Subversion(SVN) on Linux and Windows platforms.CORE QUALIFICATIONSLanguages:Python, C++, Vulnerability Scanner (Nessus, Acunetix, Nexpose), Adversary Emulation (MITRE Engenuity,Caldera), SIEM (Splunk, Log Rhythm), AWS, Docker, Virus Total, Kibana, SQL, RegEx, SigmaFramework:NIST, MITRE ATT&CK, PCI-DSS, HIPAA, ISO 2700x, CCPA Tools:Burp Suite, Nmap, Fiddler, Metasploit, Wireshark,Spiderfoot, TestSSL, OpenSSL, Sqlmap, Dir-buster, OWASP- ZAP, Shodan, Nikto, MobSF, Drozer, JD-GUI, Postman, EDUCATIONNetworking:Firewall, WAF Configuration, Proxy Gateways,Network Protocols, Network Access Control,SIEM Tools, Network Security PoliciesOperating Systems:Windows, macOS, Ubuntu, Kali Linux, Parrot OSOthers:Web Security, OWASP Top 10, Attack & ThreatSimulation, API Security and Thick Client Security Assessment and Penetration Testing, VulnerabilityAnalysis, Intrusion Detection & Prevention - IDS/IPS, Network Security, Cloud Security, Digital Forensics, Configuration Audits, Security Operations. Certified Master of Science (MS): Cybersecurity, May 2024University of Texas at Dallas - TexasBachelor of Technology: Computer Science and Engineering, Jun 2022 Bharat University - Chennai, IndiaCERTIFICATIONSCertified Ethical Hacker (CEH) from Sytech Labs - CompTIA Security+ Certified - Qulays vulnerability management and cloud configuration from Qulays Official Website - Azure Database administration by LinkedIn - Certified Information Security Manager by LinkedIn - Certified Information Security Manager by LinkedIn - Certified Forensic Investigator from Ucertify - Vulnerability Assessment and Penetration Testing (VAPT) from Sytech Labs EXPERIENCEInformation Security Analyst Jan 2024 to CurrentAmerisource Bergen - TXEngineered a Jenkins-based CI/CD system on a Kubernetes container environment, reducing build and deployment times by 40%.Developed and executed new incident response procedures, leading to a reduction in mean time to resolution (MTTR) for high- severity incidents.Conducted extensive Vulnerability Assessment and Penetration Testing (VAPT) on the company's web-based applications and network, identifying and mitigating 25 high-risk vulnerabilities within the first quarter.Managed all Advanced Cybersecurity Center (ACC) systems using Defender ATP, leading to a 20% reduction in security incidents related to endpoints.Developed custom Python scripts for log analysis and security monitoring, enabling real-time detection of security incidents and reducing response time by 25%.Implemented and fine-tuned AWS services such as EC2, S3, and RDS, resulting in a 15% cost reduction and a improvement in resource utilization.Investigated and successfully blocked sources of malicious network traffic at the perimeter firewall, enhancing network security.PHONE NUMBER AVAILABLE- EMAIL AVAILABLEGhidra, Frida, FTK Imager, Autopsy, Volatility, Hydra ServiceNow Expertise, LAN/WAN, configuring, Cisco routers switches, firewalls (ASA), VPNs, VLANs, and VoIP phone, Cyber Gate Applications and spynote for android devices(RATS)Implemented and continually fine-tuned WAF rules to safeguard web applications against prevalent security threats, including SQL injection and XSS attacks. This proactive approach resulted in a 25% reduction in successful security breaches and ensured robust protection for web applications.Successfully eradicated and escalated issues related to VPN logins and ATP unauthorized endpoints, improving the companys cybersecurity posture by resolving over 200 incidents within the first month of implementation. Cyber Security Analyst and Penetration Tester Aug 2019 Jun 2022 Sytech Labs - IndiaPerformed audit of IT general and application controls, information security, system development, change management, business continuity, disaster recovery and computer operations.Trained in application security testing and network security particularly focused on performing technical activities such as vulnerability analysis and penetration testing, resulting in 15% faster incident response.Collaborated with cross-functional teams to create customized alerts within Splunk, reducing false positives by 60% and allowing for more efficient threat detection.Developed and executed incident response procedures resulting in a 30% decrease in the meantime to resolution (MTTR) for high- severity incidents.Conducted thorough analysis of the company's web-based applications and network infrastructure using various VAPT tools.Created automated alerting systems using Python to notify security teams of potential threats and vulnerabilities, resulting in a 30% reduction in response time to critical incidents.Outperformed in dynamic analysis and good knowledge of finding vulnerabilities like XSS, CSRF, SSRF, IDOR, SQL Injection, Privilege Escalation, Sensitive Info Disclosure, XXE, etc., providing actionable insights for remediation and risk mitigation, resulting in 60% fewer vulnerabilities.Provides professional security engineering and compliance efforts according to PCI-DSS to develop security infrastructure monitoring and incident management scorecard reporting systems for executive management review.Demonstrated expertise in a wide range of network protocols, including TCP/IP, HTTP, HTTPS, DNS, and SNMP. Proficiently troubleshooted network protocol issues, resulting in a 20% improvement in network performance. Implemented secure communication protocols like SSL/TLS, ensuring data encryption and enhancing network security.Assisted in internal cybersecurity initiatives by providing guidance and validation of controls implementation.Provided daily troubleshooting and support for digital rights management on Windows and Linux platforms, resulting in a 15% reduction in incident rates and ensuring seamless data access.Conducted risk assessments on business and operational processes, procedures, and policies; interpret audit results and make conclusions on the adequacy and reliability of controls; prepare and present reports, as necessary.Implemented process automation using scripting languages, significantly reducing manual tasks and improving overall operational efficiency by 30%.Represent the IT organization in interactions with internal / external auditors, attorneys, regulators and other 3rd parties within the scope of their domain expertise.Initiated cross-functional collaboration efforts between IT Security and IT Operations teams, leading to a 25% improvement in incident response times and seamless information sharing. |
