
Senior IT Security Engineer

Location:
Tampa, FL
Posted:
May 16, 2017


Resume:

Srujan Kumar Munangi

ac0aee@r.postjobfree.com

302-***-****

Summary:

. Seven-plus years of experience in IT security operations and in the implementation, integration and operation of SIEM (QRadar, ArcSight)
. Experience in planning, developing, implementing, monitoring and updating security programs and advanced technical information security solutions; sound knowledge of SOX and PCI compliance requirements and an understanding of NIST and ISO standards
. Develop strategic plans for agency-wide implementation to address the operations of client services, product support, quality assurance, and information security training.
. Technical experience in system and network analysis, intrusion detection and malware analysis
. Maintained up-to-date procedures and documentation to support IT security processes.
. Experience and knowledge of threats, analysis, and remediation efforts in reference to intrusion prevention and penetration
. Experience in network intrusion detection/intrusion prevention systems and firewalls
. Security incident handling; SIEM using RSA enVision and IBM QRadar products; identifying the critical IT infrastructure that requires 24/7 monitoring.
. Experience in troubleshooting LAN and WAN.
. Knowledge of authentication, endpoint security, Internet policy enforcement, firewalls, web content filtering, Database Activity Monitoring (DAM), Data Loss Prevention (DLP) and Identity and Access Management (IAM) solutions
. Proven ability to identify various network security vulnerabilities and explain in detail how to remediate them.
. Manage PKI Remedy queue
. Knowledge of LAN/WAN networking concepts (TCP/IP, routing and switching, OSI layers) and scripting languages
. Strong troubleshooting, reasoning and problem-solving skills; flexible and able to deliver quality results
. Understand PKI and SSL key management

EDUCATION & IT CERTIFICATION:

. Bachelor's degree in Computer Science, April 2011
. CEH
. CISSP

Technical skills:

Splunk: Splunk 5.x and 6.x, Splunk Enterprise, Splunk on Splunk, Splunk DB Connect 2, Splunk Cloud, Hunk, Splunk IT Service Intelligence, Splunk Web Framework
Operating systems: Windows 2000, XP, Windows 10, Windows Server, UNIX/Linux (Red Hat), FreeBSD
Security/vulnerability tools: Snort, Wireshark, Websense, BlueCoat, Palo Alto, Check Point, Symantec, Qualys Vulnerability Manager, FireEye HX, Sophos, Sourcefire
RDBMS: Oracle 11g/10g/9i/8i, MS SQL Server 2000/2005/2008, Sybase, DB2, MS Access, MySQL
Networking protocols and tools: TCP/IP, HTTP/HTTPS, SSH, SSL, DNS, SNMP; routers, switches, load balancers, Cisco VPN, MS DirectAccess
Programming languages: C, C++, Java with Big Data, Python, UNIX shell scripts
Monitoring tools: Netcool, Dynatrace, Tealeaf

Senior IT Security Engineer, Medlife, Tampa, FL, Oct 2015 to present

. Working on the Security Incident and Event Monitoring (SIEM) platform IBM QRadar.
. Raise security incidents according to the alerts and follow up.
. Monitoring various event sources for possible intrusion and determining the severity of the threat.
. Experience in IBM QRadar SIEM integration.
. Experience in integrating log sources with IBM QRadar.
. Creating reports based on the log sources integrated with QRadar according to customer requirements.
. SoD controls and procedures from an audit perspective.
. Technical representation for PCI, CPM and SOX audit review and monitoring.
. Experience in SIEM device health monitoring and capacity management.
. Experience in handling and closing high-business-impact incidents.
. Experienced in SIEM technology and analyzing logs from various devices.
. Performing investigation, analysis, reporting and escalation of security events from multiple sources, including intrusion detection events, firewall logs, proxy logs and web servers.
. Implementation and integration of servers (Windows, Linux and UNIX) and security devices such as firewalls, IPS, IDS, WAF, Nessus, McAfee Proxy and Symantec Endpoint Protection.
. Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
. Experience in the information security platform by providing support on known/unknown vulnerabilities and threats found via security devices/products. Experience in developing and creating SIEM procedure (SOP) documentation.
. Experience in developing and fine-tuning SIEM rule alerts and reports.
. Experience in handling client-reported cyber-attacks and incidents.
. Network security (IDS/IPS, network sniffing, Wireshark, tcpdump, Nmap).
. Running vulnerability and compliance scans, reporting vulnerabilities and mitigating the risks associated with the reported vulnerabilities.
. Reporting and tracking the vulnerability reports periodically and submitting the report to management.
. Collaborate with worldwide team members/customers and attend team meetings.
. Provide input into all aspects of PKI.
. Create, modify, maintain, or provide input for technical documents such as, but not limited to, user guides and build guides, adhering to Government technical, operational, and integration requirements and standards.
. Act as subject matter expert and answer questions related to the vulnerability scanner.
. Engage and network with groups outside of IT Services such as Audit Services, Legal, TI businesses, vendors, customers, and partners.
. Monitoring Snort (writing rules, monitoring BASE), creating the case for unknown alerts; Splunk, ArcSight.
. Writing Snort signatures; Tripwire (HIDS) and OSSEC (HIDS).
. Vulnerability assessment using Nessus.
. Working on BackTrack UNIX.
. Shell scripting.
. Application/web security (OWASP).
. Audit and compliance (ISO 27001).
. Wireshark, tcpdump, Ettercap, Cain & Abel, CEH modules.

IT Security Engineer, PayPal Inc, Austin, TX, USA, Nov 2012 to Oct 2015

. Working on the Security Incident and Event Monitoring (SIEM) platform RSA enVision.
. Raise security incidents according to the alerts and follow up.
. Monitoring various event sources for possible intrusion and determining the severity of the threat.
. Handling ad hoc reports for various event sources, customized reports, and scheduled reports as per requirements.
. Collecting the logs of all the network devices and analyzing the logs to find suspicious activities.
. Monitor RSA enVision dashboards to keep track of real-time security events and the health of SIEM devices.
. Investigate the security logs and mitigation strategies; responsible for preparing the generic security incident report.
. Hands-on experience with the RSA enVision centralized IPDB.
. Analyze malware through static and dynamic analysis with tools.
. Responsible for preparing root cause analysis reports based on the analysis.
. Knowledge of Websense, NIPS, Symantec Antivirus, Check Point, Active Directory, Cisco switches and Cisco AC
. Designed and deployed Microsoft PKI on Windows Server 2012 R2 Standard and a key/certificate life cycle management solution with the Venafi Trust Protection Platform.
. Preparation of documents on all aspects of related intrusion analysis efforts, submitted to higher officials to conduct audits; worked with various IT and business unit leads to ensure timely and accurate reports.
. Responsible for monitoring and acquiring data feeds from a variety of technologies for Splunk (firewalls, BlueCoat proxy, Windows, Linux, Imperva, RSA, etc.).
. Set up integration of FireEye alerts into other security systems.
. Set up automation of FireEye alerts to block infected devices in other security systems.
. PKI refresh by deploying an industry-best-practice solution.
. Secured company Internet access using BlueCoat proxies.
. Engineered BlueCoat policies to follow the company's policies and procedures.
. Responsible for maintaining McAfee IDS/IPS policies.
. Constructed actionable reports and alerts from RSA Security Analytics.
. Created and maintained policies for Axway MailGate and secure email appliances.
. Conducted network vulnerability assessments to identify system vulnerabilities.
. Developed remediation plans and security procedures.
. Created custom scripts to save time and labor cost on attestation of 50,000+ accounts.
. Collaborated with other departments in investigations of HIPAA and PCI violations.
. Provide consultative services at the time of PCI audits and reviews.
. Installed and configured Symantec Enterprise Anti-Virus.
. Administered and managed SEP client deployments to workstations and servers.
. Set up policies for servers, with specific policies for the applications running on them.
. Performing DLP inventory scans.
. Created DLP role-based access controls, DLP device policies, and DLP application file access protection.
. Worked with the Global Security Team.
. Tripwire IP360, Tripwire CCM, Symantec CCS, Nessus, Nmap, tcpdump, Wireshark, Kali Linux, ArcSight, Splunk.
. Working with the global security team on server compliance and risk management.
. Working on Symantec ESM (Enterprise Security Manager), AlgoSec and Tripwire.
. Working on McAfee ePO and McAfee VirusScan; monitoring malware activity in the network.

SIEM Consultant, Raymond James, Tampa, FL, USA, Mar 2012 to Oct 2012

. Participated in the product selection and installation of the HP ArcSight Security Information Event Manager (SIEM), consisting of multiple collectors and a high-performance MS SQL database.
. Designed and implemented enterprise SIEM systems (centralized logging, NIDS, alerting and monitoring, compliance reporting) based on HP ArcSight 7.0 SIEM.
. Responsible for HP ArcSight SIEM monitoring and configuration aligned to internal PCI and SOX controls.
. Manage the day-to-day log collection activities of the source devices that send log data to the HP ArcSight SIEM.
. Managed and monitored McAfee ePO 4.6; installed Linux/Windows agents and VirusScan Enterprise.
. Recommended Websense Internet proxy and Web Security Gateway Anywhere to manage corporate Internet proxy traffic and supporting infrastructure.
. Access control for browsing, authentication for all hits from browsing on proxy servers, and maintenance of proxy logs for forensic purposes.
. Maintain McAfee antivirus applications and appliances, including ePolicy Orchestrator, VSE 8 and 8.5, and Secure Content Manager SCM 3200 (spam, virus, and content filtering of web and email traffic).
. Develop a knowledge base of the various challenges faced in implementing and maintaining a SIEM solution.
. Dashboard/enterprise dashboard customization for various teams based on the log source type requirements.

Network Security Consultant, HCL, Chennai, India, May 2011 to Mar 2012

Project lead for the RMM implementation of Kaseya to manage all client devices and streamline remote support and monitoring.
Managed Kaseya for our clients with over 1000 agents deployed.
Worked with clients on IT roadmaps and planning for technology spending and growth.
Managed the day-to-day IT work for all my clients, including server, network, workstation and mobile device support.
Automated installations of workstations using scripting, group policy, deployment packages and documentation.
Assisted in the planning and execution of ConnectWise; scheduled and managed tickets on the service board.
Project-managed new and existing projects with clear, measurable goals.
Proactively researched and maintained knowledge of the IT solutions provider and related industries.
Responsible for the oversight and support of an organization's infrastructure systems such as file and print services, email, network OS and applications.
Perform maintenance and support of the availability and functionality of these systems.
Maintenance (including OS patching and upgrades), implementation rollouts of new systems, and L1, L2 and L3 break/fix.
Resolve inbound tickets (Level 1 and 2 helpdesk as needed) and ensure SLAs are maintained.
Review and monitor our service-ticket boards and ensure routine network maintenance occurs.
Manage all servers/desktops to keep them up to date with Microsoft and third-party patches, virus definitions, and malware protection, using our Remote Monitoring Management (RMM) software.
Assist with consistent monitoring of backup devices and manage/escalate failures as needed.
Installed and configured Windows Server 2003, 2008 and 2012, VMware vSphere, Hyper-V, Exchange Server 2010/2013 and Linux operating systems.
Perform day-to-day Macintosh support activities and processes to deliver enterprise-wide technical support services for Macintosh systems and applications.
Installed and configured applications such as Veritas NetBackup and Veeam Backup and Replication.
Experience as a system administrator on various Linux and Windows Server 2003/2008/2012 systems and Mac OS Server Snow Leopard/Lion/Mavericks.
Record your own work, as well as maintain, update, and create technical support and end-user support documentation.
Escalate technical issues outside your skill set to other technical team members.

Environment: MS SQL Server 2005/2008, Kaseya RMM Tool, ConnectWise.
