Security Engineer Resume Waco, TX
Candidate Information
Title Security Engineer
Target Location US-TX-Waco
PROFESSIONAL SUMMARY:

With over 10 years of experience in IT security, specializing in Threat Detection, SIEM (Splunk, QRadar), Vulnerability Assessment (Rapid7, Akamai, Qualys), AWS & Azure services, and Incident Response, expertise includes managing data encryption in Databricks, automating incident response with SOAR, and leading SAST/DAST vulnerability assessments. Proficient in cloud security (AWS, Azure, Google Cloud), with additional skills in IAM integration, firewall rule management, network segmentation, DLP policies in Microsoft 365, and threat management. Knowledgeable in OWASP Top 10 vulnerabilities, SAML-PingFederate, database activity monitoring (DAM), and building high-performing cybersecurity teams.

PROFESSIONAL EXPERIENCE:

Amwell, Massachusetts (Oct 22 to till date)
Security Engineer/IT Security Manager (Blue Team-SECOPS)

- Worked on threat platforms providing security information and recommendations on the latest emerging threats & vulnerabilities.
- Reported on customer data from customer security appliances and SIEM to identify risks on AWS & Azure cloud-based accounts.
- Design and develop integration and automation between the organization's cyber security departmental tooling and software suites that maintain platforms.
- Implemented robust encryption mechanisms for data at rest and in transit within Databricks environments, ensuring compliance with industry standards.
- Developed and implemented a SOAR solution to streamline the incident response process and improve security operations.
- Managed the migration of the client's on-premises Exchange Server to Microsoft 365, ensuring a seamless transition with minimal downtime.
- Led the implementation of an enterprise-wide risk management framework for a multinational corporation, resulting in a 30% reduction in security incidents and improved regulatory compliance.
- Customize dashboard creation on SIEM for UBA, Cisco, Checkpoint and Palo Alto firewalls, switches, routers, legacy servers in Splunk, QRadar, MSS.
- Onboard devices into SIEM (Splunk and QRadar) for log monitoring.
- Implemented Checkmarx for automated static application security testing, improving code quality and security.
- Implemented Cribl Stream to legacy SIEM for easy onboarding of log sources.
- Getting data into your SIEM easier using Cribl Stream.
- Ensured adherence to GDPR, HIPAA, and SOC 2 compliance standards through stringent data governance policies and regular audits.
- Integrated Checkmarx with CI/CD pipelines to enable continuous security checks and reduce time to detect vulnerabilities.
- Led the design and implementation of the SOAR platform, including integration with existing security tools and systems.
- Configured Microsoft Defender for Office 365 to provide advanced threat protection, including Safe Links and Safe Attachments.
- Functioned as primary focal point for customer regarding vulnerability scanning, web app scanning (Qualys, Akamai), reviewing results, organizing findings into a spreadsheet, facilitating recurring calls to disseminate and prioritize findings, providing recommendations to mitigate, and continuing to follow up.
- Developed vulnerability management.
- Developed and implemented a third-party vendor risk management program ensuring all vendors met the organization's security standards before onboarding.
- Conducted security training and awareness programs to promote best practices within the team.
- Performed ad hoc scanning and discovery for legacy environments using Qualys and Tenable.
- Create NIST 800-53, 800-53A, 37 for running compliance-based access controls.
- Analyze and review data from SIEM (QRadar) for suspicious activity and trigger alerts to the concerned teams, applying rules and Building Blocks to SIEM.
- Designed and implemented a Zero Trust security architecture, leveraging IAM principles such as least privilege, continuous authentication, and network segmentation, resulting in enhanced protection against insider threats.
- Involved in leading Security Incident Response Team (SIRT).
- Performed vulnerability scanning using Qualys and Nessus.
- Extensive experience in securing Kubernetes clusters, ensuring containerized applications are protected against vulnerabilities and threats.
- Integrated SOAR with SIEMs, endpoint protection systems, and threat intelligence platforms to enhance overall security posture.
- Dedicated security monitoring and analysis of cyber security events (triage), tracking phishing URLs and emails, and deep-dive investigations.
- Designed architecture layout for VPN integration with Ping Identity for multifactor authentication with Ping Identity products.
- Designed and implemented data backup and recovery strategies for Databricks to ensure business continuity and data availability in case of disasters or data loss incidents.
- Integration of different devices/applications/databases/operating systems with QRadar SIEM.
- Configuration required to integrate PingID Multi-Factor Authentication (MFA) into your VPN or remote access system.
- Monitor security alerts from IBM QRadar and report any issues to the concerned team.
- Monitor and analyze data feeds of events and logs from firewalls, routers, and other network devices or host systems for security violations and identify vulnerabilities (Qualys).
- Implemented network segmentation within Kubernetes clusters to isolate sensitive workloads and minimize attack surfaces.
- Implemented MFA for accessing Databricks environments to add an extra layer of security, ensuring only authorized users could gain access.
- Conducted SAST and DAST with tools like HP Fortify, IBM AppScan, WebInspect, Nmap, Nessus, Qualys.
- Analyzed the exploited systems with vulnerabilities using the Metasploit framework.
- Static and dynamic scanning of various applications using HP Fortify and HP WebInspect, identifying false positives and reporting them to SOC.
- Configure and install McAfee IPS sensors, and Cisco ASA with Firepower appliances.
- Created automated scripts and tools to perform regular security compliance checks on Databricks environments, reducing manual effort and ensuring continuous compliance.
- Troubleshot and resolved client communication problems, and firewall and McAfee IPS blocking problems.
- Implemented and maintained McAfee Endpoint Encryption system to protect computers.
- Advanced threat detection, antivirus, McAfee IDS/IPS rule sets and signature creation, packet analysis.
- Coordinate with subject matter experts to resolve any security incidents and correlate threat assessment data as needed.
- Research and recommend corrective actions to ensure information dissemination regarding targeted or potentially targeted attacks.
- Support the detection, understanding and resolution of information security incidents affecting information systems & the business.
- Configured and optimized Microsoft Defender for Office 365's Advanced Threat Protection (ATP) to detect and block sophisticated email-based attacks.
- Responsible for the maintenance of the Disaster Recovery for incremental backups.
- Responsible for IBM QRadar SIEM monitoring and configuration aligned to internal PCI and SOX controls.
- Performed day-to-day administration of McAfee ePO 5.1 for maintenance of system policies, container maintenance, coordination of system maintenance and client upgrades for the desktop environment.
- Responsible for assisting various sites with troubleshooting and integrating all aspects of the ePO 5.3 suite, to include HIPS, Asset Baseline Monitor, AV, Rogue System Detection, Policy Auditor.
- Perform vulnerability scanning and assist with compliance auditing to ensure customer networks conform to all relevant compliance standards, including NIST, PCI-DSS, HIPAA and Sarbanes-Oxley.
- Manages PCI Compliance Program for the organization, protecting cardholder data and executing the PCI-DSS Program Life Cycle.

Shell, Houston, TX (Apr 19 to Sep 22)
Security Engineer/Security Operations

- Analyze and review data from SIEM (QRadar) for suspicious activity and trigger alerts to the concerned teams, applying rules and Building Blocks to SIEM.
- Involved in leading Security Incident Response Team (SIRT).
- Monitored and analyzed Checkmarx scan results to identify trends and recurring security issues, driving improvements in coding practices.
- SIEM integration with Qualys.
- Led the development of an automated incident response system using SOAR technology to enhance the efficiency of the security operations center (SOC).
- Configured and maintained Checkmarx for various programming languages and frameworks, ensuring comprehensive security coverage.
- Secured Kubernetes clusters deployed across AWS, Azure, and Google Cloud by implementing unified security policies and automated compliance checks.
- Dedicated security monitoring and analysis of cyber security events (triage), tracking phishing URLs and emails, and deep-dive investigations.
- Integration of different devices/applications/databases/operating systems with QRadar SIEM.
- Ran ad hoc scans using the Qualys vulnerability scanner.
- Monitor security alerts from IBM QRadar and report any issues to the concerned team.
- Developed and implemented security policies within Checkmarx to enforce secure coding standards and guidelines.
- Monitor and analyze data feeds of events and logs from firewalls, routers, and other network devices or host systems for security violations and identify vulnerabilities.
- Conducted SAST and DAST with tools like HP Fortify, IBM AppScan, WebInspect, Nmap, Nessus.
- Designed and configured the SOAR system to integrate with existing security tools, including SIEM and threat intelligence platforms.
- Analyzed the exploited systems with vulnerabilities using the Metasploit framework.
- Static and dynamic scanning of various applications using HP Fortify and HP WebInspect, identifying false positives and reporting them to SOC.
- Configure and install McAfee IPS sensors, and Cisco ASA with Firepower appliances.
- Troubleshot and resolved client communication problems, and firewall and McAfee IPS blocking problems.
- Implemented and maintained McAfee Endpoint Encryption system to protect computers.
- Advanced threat detection, antivirus, McAfee IDS/IPS rule sets and signature creation, packet analysis.
- Coordinate with subject matter experts to resolve any security incidents and correlate threat assessment data as needed.
- Automated image scanning and vulnerability management using Aqua Security integrated with CI/CD pipelines.
- Support the detection, understanding and resolution of information security incidents affecting information systems & the business.
- Integrated the SOAR platform with threat intelligence feeds and existing security systems to enrich detection capabilities.
- Research and recommend corrective actions to ensure information dissemination regarding targeted or potentially targeted attacks.
- Responsible for the maintenance of the Disaster Recovery for incremental backups.
- Responsible for IBM QRadar SIEM monitoring and configuration aligned to internal PCI and SOX controls.
- Performed day-to-day administration of McAfee ePO 5.1 for maintenance of system policies, container maintenance, coordination of system maintenance and client upgrades for the desktop environment.
- Responsible for assisting various sites with troubleshooting and integrating all aspects of the ePO 5.3 suite, to include HIPS, Asset Baseline Monitor, AV, Rogue System Detection, Policy Auditor.
- Upgraded and optimized the existing SOAR platform to handle increased data volumes and improve response capabilities.
- Perform vulnerability scanning and assist with compliance auditing to ensure customer networks conform to all relevant compliance standards, including PCI-DSS, HIPAA and Sarbanes-Oxley.
- Manages PCI Compliance Program for the organization, protecting cardholder data and executing the PCI-DSS Program Life Cycle.
- Integrated IAM with data protection mechanisms to enforce role-based access controls (RBAC) for sensitive datasets, reducing insider threat risks and ensuring that only authorized personnel could access critical data.

Southwestern Energy, Spring, TX (Aug 16 to Mar 19)
Security Engineer

- Analyze and review data from SIEM (QRadar, Splunk) for suspicious activity and trigger alerts to the concerned teams.
- Integrated the vulnerability scanning tool Qualys into QRadar, Splunk.
- Troubleshot and researched security incidents based on QRadar, Splunk Network Flow and Log Activity.
- Analysis of multiple log sources including firewalls, routers, switches, web servers and multiple networking devices.
- Responsible for assisting with deployment of network infrastructure configurations across multiple products and technologies.
- Integrated compliance tools and reporting requirements into the SOAR platform.
- Acted as the primary responder for managed security incidents pertaining to client firewalls and all network infrastructure components.
- Responsible for the maintenance of the Disaster Recovery plan and Business Continuity Plans.
- Part of the Blue Team to identify the vulnerabilities and have a defense mechanism in place.
- Learned and helped IR team with log collection, analysis, and forensic activities.
- Investigating logs and payloads for server crashes/core dumps, DDoS attacks, SQL/XSS, SPAM, etc.
- Automated security checks using tools like Trivy and Anchore during CI/CD, preventing the deployment of vulnerable images.
- Installing and configuring Qualys on premises and in cloud environments.
- Responsible for performing vulnerability assessment on critical systems using Qualys.
- Configured and scheduled Qualys Scanner in QRadar to perform scans at regular intervals.
- Collaborate with team members in tuning SIEM applications to establish a baseline for network activity and rule out false positive events.
- Coordinate with SMEs to resolve any security incidents and correlate threat assessment data as needed.
- Support the detection, understanding and resolution of information security incidents affecting information systems & the business.
- Research and recommend corrective actions to ensure information dissemination regarding targeted or potentially targeted attacks.
- Developed custom scripts for automating security audits and generating compliance reports for management.
- Investigate, document and recommend appropriate corrective action plans relating to IT security.
- Provide root cause analysis and remediation techniques for management regarding security incidents and governance documents.

Citigroup, New York, NY (Feb 14 to July 16)
Security Analyst

- Monitor, analyze and respond to security incidents in the infrastructure.
- Troubleshoot any security issues found in the infrastructure per the security standards and procedures.
- Expert in using Burp Suite for web application penetration tests.
- Actively used Nmap for port scanning and made sure only appropriate ports are in use.
- Actively researched any security gaps that are beyond the ability of detection by any security scanner.
- Responsible for performing periodic vulnerability assessment (VA) as per the security policy and standards.
- Involved in documenting all web applications and systems, audit data and ensuring compliance with legal and regulatory requirements.
- Engaged the development team to incorporate security in all phases of the SDLC and to perform threat modeling, risk management, logging, penetration testing, etc.
- Conducted application penetration testing of 20+ business applications and compliance audits.

TECHNICAL SKILLS:

SIEM Tools: QRadar, Splunk, Symantec MSS
EDR: CrowdStrike, MS Defender ATP, McAfee, Cylance, Carbon Black
Security/Vulnerability: Snort, Wireshark, InsightVM Nexpose, Nessus, Qualys, AppScan, WebInspect, Fortify
Firewalls: Checkpoint, Palo Alto next gen PA820, PA3200, PA220, Fortigate 1500, 3600, 3700
Compliance: SOX (COBIT, COSO), PCI, NIST SP 800-53, 53A, HIPAA, HITRUST, MARS-E 2.0, FISMA
Networking Protocols: TCP/IP, HTTP/HTTPS, SSH, SSL, DNS, SNMP
Network Monitoring (devices): Routers, Switches, Load balancers, Cisco VPN, NAC/NAP
Email Security Tools: O-365 Suite, Barracuda spam firewall, Guava E-mail Filtering Service
MFA & SSO: Ping Identity (PingOne, PingFederate)
Encryption: Twofish, Blowfish, AES
Threat Management: FireEye, McAfee ePO & HIPS, Websense, iPrism (URL filtering service), Fortinet
Network Monitoring (tools): ScienceLogic, SolarWinds (NPM, SAM)
Patch Management: Lumension-Prism, SCCM
Certificate Monitoring: DigiCert
Operating Systems: Linux (Kali Linux, Red Hat Linux), Windows
Ticketing Systems: ServiceNow, Remedy, Heat, Clarify
DAM: IBM InfoSphere Guardium
DLP & EDR Tools: Symantec, Digital Guardian, McAfee

EDUCATION:

Bachelor of Technology in Mechanical Engineering, JNTU, Hyderabad, India - 2011
M.S. Mechanical Engineering, The University of Texas, Austin, TX (2011-2013)
