SULAIMAN MUHAMMAD acqijp@r.postjobfree.com

215-***-****

Summary:

Highly professional, self-motivated individual with excellent interpersonal skills. Six years experience in the identification and quantification of security risks for fortune 100 and Mid-Size Organizations. Strong experience in the area of machine data harvesting and Security Information and Event Management (SIEM), using tools such as Splunk for Security, Nessus, to monitor Syslogs, events and system auditing entries of networking components, database, remote access, single sign-on, firewall and border router configurations, and access control

Education:

Temple University- Major: Management Information Systems

Selected Courses:

Ethical Hacking, IT Governance, IT Service Delivery and Support, Data Analytics, IT Audit (graduate level)

Information Technology Skills:

Virtualization VM Ware Hyper V and VM Ware Fusion

Security Tools Kali Linux, Nessus, NMAP, Metasploit, WireShark

SIEM Solutions Splunk, SolarWinds, LogPoint,SourceFire

Productivity MS Office Suite and Office 365

Dev-Ops PHP, C++, Python 2.7 and 3.1,Java, Puppet, Chef

Databases NoSQL, Oracle 10g

Operating Systems Apple OSX, Linux, Windows Server 2008&2012,Windows 7,8,Exchange 2010

Networking Cisco Catalyst 2960 switch

Firewall Cisco ASA 5505 and Juniper

Backup Acronis, AVG Cloud Backup

EXPERIENCE:

Decision One Inc, Devon, Pa Jan 15 - Present

It Service Desk Analyst (Msp)

●Provide tier one and tier two support to a Fortune 10 Oil company and External clients who call into the service desk

●Support MDM (Mobile Device Management) software for end users using personal and company Iphones

●Performed basic Active Directory adds, deletes, and modifies of users, computers, and AD groups

●Unlocked accounts and did password resets on various systems

●Local and network printer troubleshooting

●Troubleshoot and resolve issues with TAS (Terminal Automated System written in Java hosted on RedHat Linux Server) used in production for running a refinery.

●Infrastructure: Encrypt data transmissions and supported firewall and IPS composition as well as assisted in drafting policy and procedures in relation to firewall concealment of confidential information as it is being transmitted to keep out tainted digital transfers.

●Maintained Quality of Service for clients Cisco Network (routers and switches) using SolarWinds to detect and resolve network performance issues and outages

●Enrolled users and monitored user access to the Oracle Financials Database

●Communicating with Senior DBA’s to get the necessary patches required to patch the database

●Offer solutions for Production/Development of database applications and ensured customer satisfaction as the prior important.

●

Sm Security Solutions Llc, Philadelphia, Pa Nov 09 - Dec 14

Security Consultant -Law Firms, Retail, Non-Profits, and Mid-Size Companies

●Managed server monitoring and log management using Splunk App for Security

●Oversaw and optimized the firewalls and intrusion detection systems using SourceFire

●Developed a comprehensive Payment Card Industry Data Security Standards (PCI-DSS) security breach incident response plan.

●Web Application Security Assessments: HP WebInspect and Burp Suite

●Penetration testing: Kali Linux and Metasploit

●In-depth TCP/IP protocol analysis use WireShark, NMAP and tcpdump

●Data Analyst for a Fortune 500 Bank in combating card abuse (money laundering and financial support of terrorism).

●Use Websense data loss prevention(DLP) solutions to secure confidential data and manage risk

●Examined security event data to identify patterns and trends, then normalize and integrate into existing automation tools to correlate the resulting data

●Reviewed, analyzed, and resolved over vulnerabilities in the production network

●Guided business units in developing and testing their IT Continuity Plans for all critical applications and Sarb-Ox applications.

●Managed the IT Continuity Plan Testing Lifecycle including requirements review, solution design, contract execution, test planning cycle, test execution, and post test wrap-up.

●Developed an Information Security Charter and a draft plan for an information security organization with defined roles and responsibilities, also created a Security Awareness Training Program

●Part of a team that was hired by HOYOS lab to perform black box penetration test of BOPS server. Tools like Nmap/Zenmap, Kali Linux, Metasploit 2.6, Armitage, OWASP Zap, Amazon VPC Machine, and WireShark were used and the server’s protection against SQL injection,Cross Site Scripting attack, Spam attack, Cross-site request forgery, OpenSSL Heartbleed exploit, JBoss exploit and Metasploit tomcat_mgr_login exploit were tested. An assessment of overall website security and recommendations for implementing a defense mechanism for identified vulnerabilities were made

Contact this candidate