PROFESSIONAL PROFILE
Threat and Vulnerability Management | Risk Management | Identity Access Management | Incident Management |
Secure Configuration Management | Cyber Security Management Strategic Planning and Implementation | SIEM |
Regulatory Compliance | Cloud Computing | Encryption Implementation | MFA | PKI | SSO | KPI | Mean Time |
Change Management | Software Development Life Cycle Management Deployments and Migrations | Security
Implementation Administration | Web Penetration Testing.
QUALIFICATIONS PROFILE
▪ A multifaceted professional with extensive experience and skills in threat and vulnerability management,
information security analysis, information security architecture, information security policy design, risk
assessment, security incident response, and security solution implementation and administration.
▪ Skilled at designing and implementing cyber security solutions for global financial organizations that
consistently reduce security costs while elevating the security status of the environment.
▪ Partner with teammates and other IT groups to research, assess, and recommend improvements of control
environments through data analytics.
▪ Excellent verbal & written communication skills with an ability to adapt communication style to intended
audience
▪ Experience working with data analytics tools such as Cognos & Power BI
▪ Monitoring of security events using SIEM tools such as Splunk and McAfee ePO, looking for significant
events and processing reports of unexpected network activity.
▪ Knowledge of the vulnerability management and assessment process with Nessus and Qualys.
Used Nessus for scanning networks and hosts, writing policies, and generating and analyzing reports.
▪ Knowledge in implementing various EDR tools such as CrowdStrike and Check Point to stop
breaches and various malware and malware-free attacks in the cloud environment.
▪ Experience working with and implementing various firewalls such as Palo Alto and Cisco.
▪ Understands user authentication including Remote Authentication Dial-In User Service (RADIUS) and
Terminal Access Controller Access-Control System Plus (TACACS+).
▪ Experience with architecting Symantec DLP Platforms.
▪ Expert in installing the Splunk logging application for distributed environments.
▪ Monitored and researched Cyber Threats with a direct & indirect impact to the organization internally
▪ In-depth knowledge of the most common cyberattacks and understanding of the preventative
measures needed to minimize, stop, or decrease the severity of the attacks.
▪ Expertise in Microsoft Azure cloud services (PaaS & IaaS), Application Insights, DocumentDB, Internet of
Things (IoT), Azure Monitoring, Key Vault, Visual Studio Online (VSO) and SQL Azure.
▪ Managed different Azure environments for provisioning of Linux servers and services executed by the
providers.
▪ Good at managing hosting plans for Azure infrastructure, implementing and deploying workloads on Azure
Virtual Machines (VMs).
▪ Familiar with implementing various SSO services such as SAML, OAuth 2.0, OIDC, LDAP, PingFederate.
▪ Provide token support to MFA and PKI Authentication
▪ Assisted in setting up various Authentication Methods including MFA, 2FA, SSO, EAP, CHAP
▪ On-boarding of privileged accounts to CyberArk; configured CyberArk for MySQL and Oracle databases.
▪ Perform risk assessments and gap analysis and create risk mitigation plans.
▪ Configured and was involved in setting up the architecture of a WAF (web application firewall) to inspect HTTP traffic with
a content-filtering feature to protect against SQL injection, cross-site scripting, buffer overflow, cookie
poisoning and security misconfiguration.
▪ Hands-on experience in Active Directory and scripting languages such as Python, Shell Script, XML and Perl.
TECHNICAL ACUMEN
▪ Migrated the organization's existing DLP policies from Microsoft Exchange Center to Microsoft Compliance
Center
▪ Configured new DLP policies and rules to ensure the organization was in HIPAA compliance
▪ Tested and fine-tuned newly configured DLP policies and rules up to company standards
▪ Enabled DLP alerts and policy tips within the O365 Compliance Center
▪ Educated the entire company on the newly implemented DLP policies pertaining to sensitive data
▪ Educated employees on the types of sensitive information that should not be shared externally
▪ Documented changes to the organization's DLP policies as well as how to handle service tickets related to
DLP alerts
▪ Enabled two-way encryption on all outgoing and incoming data being shared from Exchange Online,
OneDrive, SharePoint and Microsoft Teams
▪ Monitored Phishing Emails on a daily basis
▪ Analyzed malicious phishing emails with tools such as Microsoft Defender, Joe Sandbox, and Rapid7
▪ Educated employees on the different types of malicious phishing emails and various clues to examine
while opening up a potentially malicious email
▪ Responsible for monitoring, detecting and investigating various SOC alerts such as Risky Sign-ins with tools
like Microsoft Azure and Rapid7
▪ Worked with Neu Gen Health’s SOC team to improve organization’s security posture while preventing,
detecting, analyzing, and responding to cybersecurity incidents.
SUBWAY, MILFORD, CT July 2018 to March 2021
Cyber Security Engineer
Responsibilities
▪ Worked on tools like Active Directory and Group Policy, Symantec Data Loss Prevention, Symantec Endpoint
Protection Manager, Symantec Endpoint Encryption, and Windows Server Update Services
▪ Performed real-time proactive security monitoring and reporting on various security enforcement
systems, such as Splunk & LogRhythm (SIEM)
▪ Provided Level 2 operations support for end-user resolution, investigating RSA SIEM events to determine
any true intrusions
▪ Involved in design and implementation of Data Center Migration, worked on implementation strategies for
the expansion of the MPLS VPN networks
▪ Identifying and remediating any threats and vulnerabilities as part of Security Monitoring (SOC), triage and
escalation to T2
▪ Analyzed available security information, to include results of configuration compliance verification,
vulnerability scans, database assessments, and security and system patches
▪ Involved in working on Data Monitoring Tool IBM Guardium
▪ Conceptualize and implement DLP Program and policies
▪ Executed on-demand security scans through vulnerability management software tools like Nexpose,
Nessus
▪ Install and manage Symantec DLP for testing in the environment for security compliance
▪ Creation, development, and/or restructuring of DLP programs from conception to fully operational state
▪ Responsible for Privileged Account Management using Ping Identity Software
▪ Performed monthly and quarterly scans using Symantec DLP and escalated critical data found
on share devices and shared drives. Created and managed DLP policies
▪ Information protection solutions including monitoring, DLP and security auditing solutions from Symantec
▪ Deployed and utilized vulnerability detection tools (Nessus, Nexpose, Qualys) to help estimate security
posture of environment
▪ Upgrade, Patching, and Configuration, Security planning, review and auditing logs
▪ Implementing QVM (QRadar Vulnerability Manager) and QRM (QRadar Risk Manager) with
IBM QRadar and performing Scan Policies, Profiles, device configurations etc.
▪ Provided leadership in architecting and implementing security solutions towards Qualys and SIEM tools
like Splunk, Solutionary and LogRhythm
▪ Documenting incident results and reporting details through ticketing system
▪ Researching, analyzing and understanding log sources from security and networking devices such as
firewalls, routers, anti-virus products, and operating systems
▪ Provided guidance for equipment checks and supported processing of security requests
▪ Utilize Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS),
Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools
▪ Upgrading and Troubleshooting of Linux based QRadar servers and managing them through server
management consoles and jump boxes
▪ Vulnerability assessment, penetration testing, Risk assessment, Threat management, Security advisories,
compliance audits, IT security assessment
▪ Worked with IBM QRadar SIEM Integration and responsible for integrating the log sources with IBM
QRadar
▪ Monitor and investigate SOC incidents and alerts with McAfee ePO
▪ Monitor the organization's networks for security breaches and investigate a violation when one occurs
▪ Prepare reports that document security breaches and the extent of the damage caused by the breaches
▪ Establish a strong GRC (Governance, Risk and Compliance) practice to ensure adherence to best practice,
regulatory requirements and ISO 27001.
MERCK SHARP & DOHME CORP, WEST POINT, PA Sept 2013 to Nov 2015
Cyber Security engineer
Responsibilities
▪ Analyze Vulnerabilities reports from various scans and assessments by acting on high risk / critical
Vulnerabilities
▪ Management of system security and file system security policies and analyzing systems to determine ways
of improving performance
▪ Conducting routine checks, warranty claims, hardware failure and replacement, software upgrades, and
downloading patches and hotfixes.
▪ Coordinate and manage team activities during assessment engagements
▪ Establish schedules and deadlines for assessment activities
▪ Prioritize vulnerabilities/assets that should be patched during maintenance cycles
▪ Used automated Vulnerability assessment tools such as Nessus and Nexpose
▪ Monitored and remediated daily security alerts generated by end users with tools like Intel/McAfee
SIEM, Forcepoint Websense, and Intel/McAfee ePO, and was also responsible for the effectiveness of tools and
scans, as well as assessing and tracking risk of exposure
▪ Worked on SIEM, Threat and Vulnerability management
▪ Assist management in authorizing the IT Systems for operation on the basis of whether the residual risk is
at an acceptable level or whether additional compensating controls should be implemented
▪ Created reports based on operating systems and vulnerabilities and provided them to the concerned
technical teams
▪ Performed Nexpose and Nessus scans of new and existing servers and PCs to determine which
vulnerabilities present a threat to the network and require remediation.
▪ Ensured system vulnerabilities were corrected, patched and updated
▪ Involved and responsible for deep packet inspection with experience of Wireshark, SolarWinds and
Tcpdump
▪ Comprehensive knowledge in ITSM ticketing tools such as ServiceNow and JIRA Service Desk
▪ Analyzed information systems to meet Department of Defense (DoD) security requirements
▪ Managed Cyber Security threats through prevention, detection, response, escalation and reporting in effort
to protect Enterprise IT Assets through Computer Security Incident Response Team (CSIRT)
Certifications: CompTIA CNIP, CompTIA Security+, CompTIA Network+, CompTIA Server+, MTA Networking,
MTA Security, Linux