
Information Security Network

Location:
Chicago, IL
Posted:
May 13, 2024


Resume:

Name: Syed Jaan Mohammed

Email ID: ad5ocj@r.postjobfree.com

Phone No: 872-***-****

URL: https://www.linkedin.com/in/syed-jmohammed

PROFESSIONAL EXPERIENCE

Professional with 9+ years of extensive experience in Risk Analysis, SIEM, Endpoint Security, DLP, Network Security, Email Security, Web Gateway, Vulnerability Assessment, Pen testing, Windows Server, Domain technology, Antivirus servers, etc.

Expert in Vulnerability Assessment using Qualys, Nessus, and Nexpose tools to evaluate attack vectors, identify system vulnerabilities, and develop remediation plans and security procedures.

Assisted in integrating regulatory compliance requirements (e.g., PCI, NIST) into the organizational security roadmap.

Hands-on experience with Forcepoint and Knowledge of distributed Splunk installation with Forwarders, Clusters, and Search head clusters.

Possess a well-balanced understanding of business relationships, business requirements, and technical solutions, with the ability to work collaboratively with business analysts, software testers, and developers.

Hands-on experience in developing, implementing, and administrating information security policies, standards, and procedures, adhering to industry best practices for clients.

Assisted in ensuring that the corporate IT environment is secure and complies with all external audit requirements and federal standards

Designed and facilitated new cloud security architecture at Bluemix datacenters for the Echo product offering using Vyatta 5400/5600, Juniper vSRX, and Fortinet/FortiGate series firewalls.

Efficient and expert in EIGRP and OSPF, with knowledge of MPLS and BGP (including configuration and troubleshooting).

Expertise in gathering and analyzing metrics and key risk indicators, and maintaining scorecards defined within the area of information security to ensure our information security program is performing effectively and efficiently.

Experience in vulnerability scanning with relevant tools, e.g., Nessus, HPE Fortify for SCA (Static Code Analysis), WebInspect, and Rapid7 Nexpose.

Assist in the deployment and configuration of new tools and capabilities such as Nessus, Splunk, Symantec, and McAfee DLP.

Experience configuring and deploying modules and products like McAfee ePO, McAfee VSE, Cloud, McAfee HIPS, McAfee Endpoint Encryption, McAfee Network DLP, McAfee DLP Endpoint, McAfee SIEM.

Experience in managing Network infrastructure security using HPE ArcSight ESM/ Splunk for monitoring classifying and responding to incidents and threats.

Supported the information security audit and third-party assessment initiatives during the planning, execution, and remediation phases, as well as coordinating and tracking remediation activities.

Liaison between the audit/assessment teams and Information Security management.

Familiar with threats and vulnerabilities, latest trends and risks, and able to understand the technical remediation action steps or plans and communicate them effectively to teams within the organization. Experience with SOC and 24/7 operations.

Acunetix, Microsoft Project, Tripwire/IP360, Tenable, Project Libre, Visio, Pac2000, SharePoint, Peoplesoft & Nexus, Continuous monitoring, GIS Ware, Cloudera, Hadoop, Apache, Microsoft application, endpoint, Security APIs, shodan API + Nmap and others.

Extensively worked on coding using core Java concepts like multithreading, collections, serialization, Synchronization, exception handling, generics, network APIs, and database connections.

Defined and oversaw security hardening standards for the client's IT Infrastructure

Coordinated with systems and network engineers to ensure servers and network devices conform to security standards, and that security devices and controls are working as designed

Experience with industry-recognized SIEM (Security Information and Event Management) solutions such as IBM QRadar, Splunk, and LogRhythm.

Implemented SQLAlchemy, which is a Python library for complete access to SQL.

Experience using persistence frameworks like Hibernate/JPA to map Java classes with databases and use Hibernate Query Language (HQL).

Perform Risk Assessment, Gap analysis & create Risk Mitigation plan.

Strong understanding of enterprise, network, system/endpoint, and application-level security issues and risks. Excellent knowledge of FISMA, HIPAA and NIST, PIA compliance usage, rules and regulations. Used IBM Qradar Security Manager to identify threats and assign categories.

Processed daily security operations and log analysis.

TECHNICAL SKILLS

Networking

Packet Analysis (tcpdump, Wireshark), IDS (Bro, Snort), Splunk, Firewall, IDS/IPS, Access Control.

Systems Administration

Active Directory, DNS, FTP, SSH, DHCP, SMB, HTTP, Virtualization (ESX).

Vulnerability Assessment

Nmap, Nessus, Ettercap, Metasploit, Burp Suite.

End Point Security

McAfee Suites (VSE, HIPS & HDLP), McAfee MOVE AV, Symantec, McAfee Email Security Gateways GUI & CLI, McAfee Network Data Loss Prevention, McAfee NITRO SIEM Security Information and Event Management.

Platforms/Applications

Continuous Monitoring, Vulnerability Management, Web Application Scanning, Threat Protection, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance, SolarWinds, Nexpose, Rapid7.

Event Management

RSA Archer, Blue Coat Proxy, IBM Qradar, NTT Security, LogRhythm.

Pen Test Tools

Metasploit, Burp Suite, NMAP, Wireshark and Kali.

Security Software

Nessus, Ethereal, Nmap, Metasploit, Snort, RSA Authentication, PIA.

Programming Languages

C, C++, Java, Python, JavaScript, Linux, PowerShell.

Networking

LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Firewalls/IPS/IDS.

Protocols

TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS, NetBIOS, SNMP, TLS, etc.

Domain Knowledge

Risk Management, BCP/DRP, ISO 27001, COBIT, Vulnerability SWOT analysis, Cryptography, Incident Response, Penetration Test, Risk Assessment, SCADA Security, SCADA Audits, SIEM, NIST, FIPS.

Certification:

AWS Certified Solutions Architect – Associate (AWS CSAA)

AWS Cloud Practitioner: Cloud Quest

Windows Server Administration 2019

Networking Basics

PROFESSIONAL EXPERIENCE

Client: Bridgestone Americas - Chicago, IL Jul’22 - Present Sr. Cyber Security Engineer

Responsibilities:

Experienced with DLP, Bluecoat, Websense, Proofpoint, Trend Micro, and IBM Qradar Enterprise SIEM security tools to monitor the network environment.

Worked on tools like Information Security and Group Policy, Symantec Data Loss Prevention, Symantec Endpoint Protection Manager, Symantec Endpoint Encryption, Windows Server Update Service, Bluecoat Proxy, Syslog, and GFI.

Experienced as the primary Voltage secure data encryption engineer, heading up the international project for encryption servers worldwide.

Oversee Vulnerability assessment/penetration testing of scoped systems and applications to identify system vulnerabilities.

Application support for Tripwire: researched and understood all aspects of Tripwire and its troubleshooting, as well as finding other ways to automate practices. Would also help other teams with cyber security for any projects dealing with Nessus tools, vulnerability management, risk, and compliance with NERC standards.

Led a team of cloud security engineers in various areas of expertise to execute complex solutions to meet delivery timelines.

Recognize, adopt, utilize, and teach best practices in cloud security engineering.

Internal Network Vulnerability Assessments to enhance the Information Security culture of an organization through identifying, analyzing, and reporting the gaps that may be used to threaten the CIA of information.

Converting existing AWS infrastructure to serverless, deployed via Terraform or AWS CloudFormation.

Frameworks used ISO 27001 ISMS, PCI DSS, SSAE16, OWASP, SANS, Forcepoint.

Implemented multi-threading functionality in Java backend beans.

Proficient in managing Symantec Endpoint Protection 12.1 workstation clients within an enterprise environment, including installation, configuration, and day-to-day administration.

Developed automated scripts to centrally detect security vulnerabilities using tools like ArcSight and Splunk for vulnerability assessment.

Responsible for providing insights on intrusion events, security incidents, and other threat indications and warnings.

Conducts advanced problem identification and resolution, performance monitoring, and capacity planning for all Cloud infrastructure.

Rolled out TrueCrypt drive encryption across all State Trooper laptops and desktops.

Conducts internal and external Network Vulnerability scans at least quarterly, particularly after significant changes in the network such as new system components, installations, changes in network topology, firewall rule modifications, and product upgrades.

Monitored and researched Cyber Threats with a direct & indirect impact on the organization internally.

Experience with Nessus VA and Burp Suite PT, and implementing RSA SecurID.

Security Consultant specializing in Data Loss Prevention and large infrastructure encryption.

Develop reference architectures and proof of concept implementations of cloud security environments.

Responsible for architecting, implementing, and supporting cloud-based infrastructure and its solutions.

Manage all repeated threats to all systems and perform vulnerability tests.

Responsible for the design, development, and implementation of new and innovative solutions to protect lucid sensitive data and strengthen data protection capabilities.

Support IT teams based on the latest risks and possible remediation. Vulnerability remediation of VBlock infrastructure. Involved in the integration of Splunk with ServiceNow, Active Directory, and LDAP authentication.

Used Splunk Deployment Server to manage Splunk instances and analyzed security-based events, risks & reporting.

Experienced with Handling Cloud environments (AWS and Cloud).

Simplified knowledge sharing by creating and maintaining detailed and comprehensive documentation and necessary diagrams.

Managing the enterprise infrastructure of the System Security team, such as configuration of File Integrity Monitoring systems, Data Loss Prevention (DLP) toolsets, enterprise Antivirus solutions, and endpoint encryption.

Assisted internal users of Splunk in designing & maintaining production-quality dashboards, assisted the team in understanding the use case of business, and provided technical services to projects, user requests & data queries.

Combat operations in Signals and InfoSec operations. Worked with NERC CIP, Tripwire, Tenable, and IP360 Enterprise 8.6.

Responsible for network monitoring using Splunk, ArcSight, and Security Center.

Responsible for Web UI development in JavaScript using jQuery, Angular2, and AJAX.

Developed Cyber Security Standards on NIST Frameworks and ensured their proper implementation to reduce the risk of vulnerability to IT assets.

Developed an intelligence-driven security approach for threat detection, which helped.

Responsible for conducting structured security certification and accreditation (C&A) activities utilizing the Risk Management Framework and in compliance with the Federal Information Security Modernization Act (FISMA) requirements.

Implemented enterprise security and Cloud security solutions, including IAM, Identity Governance, SIEM, Key Management, Encryption access keys, and Public, Private, and Hybrid cloud solutions.

Assisted in addressing day-to-day ePO security alert threats through SIEM tools like Nessus and ArcSight, tracking security threats to workstations, virtual servers, and devices on the Confidential network.

Monitored the receipt, implementation, and compliance of information assurance vulnerability assessments, documenting information assurance initiatives to ensure adherence to security policies and procedures, covering Risk Management, Vulnerability Management, Intrusion Prevention, and Incident Response.

Updated the Vulnerability Database with new vulnerabilities for various platforms, along with proper exploits.

Possess experience in Amazon AWS Cloud Administration, encompassing services such as EC2 and S3.

Managed various industry-standard security tools including SIEM, IPS, PIA, CASB, Firewalls, Gateways, VBlock, and Rapid7 Virus and Endpoint Managers.

Analyzed vulnerabilities using scanning tools like Nessus and Qualys Guard, removing false positives before generating and delivering final reports.

Leveraged Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS/IPS), McAfee Endpoint Encryption Data Leakage Prevention (DLP), PIA, Forcepoint, forensics, sniffers, and malware analysis tools.

Held responsibility for monitoring and providing analysis in a 24x7x365 Security Operations Center (SOC) using Splunk SIEM and IDS/IPS tools.

Client: WorkForce Software - Livonia, MI Sep’20 - Jun’22 Sr. Cyber Security Engineer/Penetration tester

Responsibilities:

Establish a strong GRC (Governance, Risk, and Compliance) practice to ensure adherence to best practices, regulatory requirements, and ISO 27001.

Adept with Qradar, Symantec PCAP, Symantec Clouds, PAN Firewall, PAN Wildfire, PAN TRAPS, PAN RedLock, FireEye, Threat Q, Microsoft SCEP, Microsoft O365 Security and Compliance Portal, Proofpoint. Working with McAfee ePO for managing client workstations and providing endpoint security.

Facilitate implementations of information security policies, account security policies, and standards for logical and physical security.

Setup and configuration of test benches including configuring Cisco UCM, 29xx/3800 series routers, Cisco 7975/9971 IP Phones, RSVP gateways, POE switches, and Media servers, implemented all VMware configurations for CUCM installs using vSphere.

Implemented and configured CASB solution including Netskope to secure the enterprise with a cloud.

Tested and certified new software such as Tanium Protect (an access control software) and PEGA trouble ticketing software.

Oversee the design and development of security solutions and manage cross-platform integration of a range of on-premises and public cloud security designs and configurations, including Amazon CloudFront and Amazon Route 53.

Troubleshooting day-to-day issues in IT infrastructure in Business Environment tools like Splunk, ArcSight, Solutionary, PIA, LogRhythm, SCCM, Altiris, LANDesk, BigFix, McAfee/Symantec.

Automated DLP Incident metrics using Splunk. Developed monthly, and weekly metrics and dashboards using Splunk.

Provided leadership in architecting and implementing security solutions towards Qualys and SIEM tools like Splunk, ArcSight, Solutionary, LogRhythm, SCCM, Altiris, LANDesk, BigFix, McAfee/Symantec.

Configured advanced CyberArk integration with AD through LDAP, 2-factor authentication & email integrations.

Proficient in navigating national, international, and sector-specific cloud security assurance and compliance frameworks, including the Federal Risk and Authorization Management Program (FedRAMP).

Tasked with conducting application penetration testing across web, thick client, and various application types to uncover significant vulnerabilities that may compromise the confidentiality, integrity, and availability of customer systems.

Involved in implementing and configuring network infrastructure within the business environment.

Installed and maintained McAfee Drive Encryption to encrypt all workstation hard drives, enhancing the security of stored data

Managed the installation, maintenance, and monitoring of McAfee Data Loss Prevention Endpoint, a critical component of the Removable Media Encryption suite.

Oversaw the installation, maintenance, and monitoring of McAfee File and Removable Media Protection, another integral part of the Removable Media Encryption suite.

Utilizing Tanium Endpoint Security to create reports to resolve various information security issues.

Coordinates closely with disaster recovery and data security teams.

Enhancing Risk culture across the organization based on the COSO framework. Applying and implementing the COSO framework across the organization.

Allocate/coordinate work within a team/project. Provides value input into risk reports. Presents reports to the business areas and CTS management.

Working as Device Management in charge of providing technology support, installing, maintaining, upgrading, and troubleshooting server issues, networks, and other security products, providing solutions to complex hardware/software problems.

Working as a dedicated resource for a Scrum Project to provide timely firewall support and configuration for ongoing high-priority Scrum Projects.

Vulnerability Assessment and Management (Nessus & Qualys), Security risk analysis; reporting using SPLUNK.

Configuration and Maintenance of MPLS between satellite locations and Datacenter. Rule Management for MPLS routers.

Tracked all incidents that happened in all the stores, used for recovery and settlements, using RSA Archer.

Experience with SIEM platforms (Splunk, Qradar, McAfee/Nitro, ArcSight, LogRhythm, Carbon Black).

Administration experience of CyberArk vault with Safe creation, integration with LDAP and other authentication methods, & creation of policies and reports in PVWA.

Perform daily analysis and monitoring of IDS for potential compromise, intrusion, deficiencies, significant events, threats to security posture, security baselines, and various activities related to spam.

Employ a range of security tools including SIEM, IDS/IPS, DLP, forensics, sniffers, and malware analysis tools.

Implemented multiple tools such as Symantec DLP and Qradar SIEM.

Deployed and configured McAfee products for clients, serving as a subject matter expert for McAfee suite of products including McAfee ePO, McAfee Endpoint Encryption, and McAfee DLP Endpoint.

Managed IBM Qradar configuration files including inputs, props, transforms, and lookups, as well as performed upgrades for IBM Qradar Enterprise and security patching.

Led a SOC team focusing on cyber incidents and compliance with standards such as PCI DSS and the NIST framework.

Installed, configured, and administered Splunk Enterprise Server and Splunk Forwarder on both Red Hat Linux and Windows servers.

Experience in analyzing the logs and troubleshooting issues in the integration of other applications using CA SiteMinder (Access Management) and Identity Management tools, along with LDAP and web-server agents and SiteMinder federation services.

Installation and configuration of CyberArk Vault, Password Vault Web Access (PVWA), Central Password Manager (CPM), and Privileged Session Manager (PSM) in Prod and PIA.

Working on security tools like Deep Security, HIPPM, Nessus, and Symantec Control Compliance Suite 11.

Client: Fannie Mae - Cleveland, OH Oct’18 - Aug’20 Sr. Cyber Security Engineer/Risk Analyst

Responsibilities:

Experience with many of the following technologies/roles: Privileged Account Management, Two-Factor Authentication, Web filtering, Web Application Firewalls, Virtualized computing environments, Encryption-at-rest and encryption-in-transit, and Vulnerability Management.

Installation and configuration of networks and network devices such as web application firewalls, network firewalls, switches, checkpoint firewalls, squid firewalls, blue coat proxy, and routers.

Network Security configuration, audit, and management of Windows servers. Installation, configuration, audit, and management of security tools.

Develops and leads procedures for testing disaster recovery plans. Provides help-desk-style assistance.

Advanced knowledge of Cisco wireless LAN controllers, Cisco access points, Cisco ISE, Cisco routers, Cisco L2/L3 switches, Cisco Prime, Generic Routing Encapsulation, load balancing (F5 BIG-IP Local Traffic Manager, Cisco Load Balancer, Citrix, Azure load balancer), QOS, PBR, WCCP, VPN, NAT, VoIP, IPSec, Multicast, DNS services, MPLS networks, LAN, WAN, Juniper Networks Firewall, Cisco ASA firewalls and network and routing protocols (Ethernet, TCP/IP, SNMP, VLAN Trunking, BGP, OSPF, ISIS, EBGP, IBGP, RIP).

Excellent written and verbal communication skills. Ability to create, update, and maintain technical documentation. Ability to work independently. Experience with ServiceNow.

Provided guidance and policy regarding the administration of all computer security systems and their corresponding or associated software, including endpoint security, intrusion detection systems, and application whitelisting.

Responsible for configuring, auditing, and managing the security of applications and databases, leading security incident investigations, and conducting basic forensic analysis and reporting. Additionally, tasked with deploying, automating, maintaining, and managing AWS cloud-based production systems to ensure their availability, performance, scalability, and security.

Conducting maintenance and monitoring of network and host intrusion detection and prevention technologies, along with implementing security controls. Proficient in utilizing a wide range of AWS technologies to develop and maintain Amazon AWS-based cloud solutions, emphasizing best practice cloud security.

Implemented physical and procedural safeguards for information resources within the facility and effectively communicate with senior management, peers, staff, and customers. Additionally, administered access to information resources and ensured timely detection, reporting, and analysis of unauthorized access attempts.

Played a role in proposing and facilitating the acquisition of security hardware/software, as well as developing and maintaining access control rules. Experienced with VOIP systems and managing user lists, passwords, encryption keys, and other authentication-related information and databases.

Utilized Dynamic Application Security Testing (DAST) tools like HP WebInspect, SolarWinds, Zap, Burp, Tenable, Splunk, Alert Logic, Symantec Endpoint Protection, Zscaler, McAfee Security, PortSwigger, Fiddler, Wireshark, Nmap, JIRA, Sonatype, and Coverity to detect potential vulnerabilities. Additionally, experienced in Palo Alto Networks and Firewall management, along with maintaining both local and remote networks.

Led the design, implementation, and migration of enterprise infrastructure and application services to software-defined networks. Proficient in configuring and managing AWS/Azure cloud infrastructure, with additional expertise in Palo Alto Networks and firewalls.

Participated in strategic security relationships between internal resources and external entities, including government, customers, vendors, and partner organizations.

Experience with using a broad range of AWS technologies (e.g. EC2, RDS, ELB, EBD, S3, VPC, Glacier, IAM, CloudWatch, KMS) to develop and maintain an Amazon AWS-based cloud solution, with an emphasis on best practice cloud security. Extensive experience in hands-on Azure IaaS / PaaS. Experience designing and building Azure solutions. PowerShell experience as it relates to Azure, AD, and Office 365.

Client: Comcast - Indianapolis, IN Dec’16 - Sep’18 SOC Analyst

Responsibilities:

Proficient in various technologies/roles, including Privileged Account Management, Two-Factor Authentication, Web filtering, Web Application Firewalls, Virtualized computing environments, Encryption-at-rest and encryption-in-transit, and Vulnerability Management.

Installation and configuration of networks and network devices such as web application firewalls, network firewalls, switches, checkpoint firewalls, squid firewalls, blue coat proxies, and routers.

Security configuration, audit, and management of applications and databases. Leads security incident investigations, conducts basic forensic analysis and reporting. Deploys, automates, maintains, and manages AWS cloud-based production systems to ensure availability, performance, scalability, and security.

Maintenance and monitoring of network and host intrusion detection and prevention technologies. Implements security controls. Experienced with a broad range of AWS technologies (e.g., EC2, RDS, ELB, EBD, S3, VPC, Glacier, IAM, CloudWatch, KMS) to develop and maintain Amazon AWS-based cloud solutions, emphasizing best practice cloud security.

Administers access to information resources and provisions for timely detection, reporting, and analysis of actual and attempted unauthorized access.

Utilizes DAST tools to detect potential vulnerabilities such as HP WebInspect, SolarWinds, Zap, Burp, Tenable, Splunk, Alert Logic, Symantec Endpoint Protection, Zscaler, McAfee security, Portswigger, Fiddler, Wireshark, Nmap, JIRA, Sonatype, Coverity. Also experienced in Palo Alto Networks and Firewall. Manages local and remote networks.

Possesses advanced knowledge of Cisco wireless LAN controllers, Cisco access points, Cisco ISE, Cisco routers, Cisco L2/L3 switches, Cisco Prime, Generic Routing Encapsulation, load balancing (F5 BIG-IP Local Traffic Manager, Cisco Load Balancer, Citrix, Azure load balancer), QOS, PBR, WCCP, VPN, NAT, VoIP, IPSec, Multicast, DNS services, MPLS networks, LAN, WAN, Juniper Networks Firewall, Cisco ASA firewalls, and network and routing protocols (Ethernet, TCP/IP, SNMP, VLAN Trunking, BGP, OSPF, ISIS, EBGP, IBGP, RIP).

Demonstrates excellent written and verbal communication skills, capable of creating, updating, and maintaining technical documentation. Able to work independently.

Extensive experience using a broad range of AWS technologies (e.g., EC2, RDS, ELB, EBD, S3, VPC, Glacier, IAM, CloudWatch, KMS) to develop and maintain Amazon AWS-based cloud solutions, emphasizing best practice cloud security. Also proficient in hands-on Azure IaaS/PaaS. Experienced in designing and building Azure solutions. PowerShell experience related to Azure, AD, and Office 365.

Client: NTT DATA - Bengaluru, India Sep’14 - Aug’16 Network Support Engineer

Responsibilities:

Implementing, configuring, and troubleshooting incidents on Routers, switches, Wireless APs, and F5 LTM/GTM.

Experience in configuration of Cisco Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEP, and various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC.

Successfully configured and commissioned ARUBA GATEWAY for WI-FI hotspots.

Designed and implemented new architecture with a new Cisco 3850 aggregate pair on the existing network to isolate legacy XP machines behind a Checkpoint R77.30 firewall HA pair, while engineering WAN routes and firewall rules for the newly created XP subnets.

Configuring and Troubleshooting EIGRP, OSPF, and BGP Routing Protocols.

Prepared detailed reports on critical incidents as further reports to the Engineering and Network management team using Microsoft Visio.

Monitored Network with the help of monitoring tools like SolarWinds Orion and Netcool for smarts alerts.

Handled a team of 15 Network engineers working as L1 and guided them while handling tickets.

Worked in hand with Firewall, and IP Telephony teams in managing the tickets related to firewall rules, releasing ports, and troubleshooting voice gateways.

Configured Polycom used for Video Conferences and provided weekly video conferences to principals with another location.

Configured and mounted WI-FI devices DAX-924ABO for wireless connectivity in premises with secure SSID.

Configured SIS server with RAID 1, installed Windows Server 2008 R2, configured DNS, DHCP, FTP, and Exchange server, and created user mailboxes on the Exchange server.

EDUCATION

Bachelor's in Computer Science from Osmania University
