Security Technical Support

Location:
Tampa, FL
Posted:
June 13, 2017

Resume:

Abhilash M

Mob: 831-***-****, Email: ac0tr0@r.postjobfree.com

PROFILE Result oriented Sr. Network Security Analyst with 7 years of experience in various aspects of Information and Network Security. Admirable correspondent with analytical, Technical Expertise, relationship management and coordination skills.

Seven years plus experience in IT Security Operations and implementation, integration & operation of SIEM via QRadar, ArcSight

Experience in planning, developing, implementing, monitoring and updating security programs, and advanced technical information security solutions, and sound knowledge in SOX and PCI compliance requirements and understanding of NIST and ISO standards

Develop strategic plans for agency-wide implementation to address the operations of client services, product support, quality assurance, and information security training.

Technical experience in System and Network Analysis, Intrusion Detection, Malware Analysis

Maintained up-to-date procedures and documentation to support IT security processes.

Experience and knowledge of threats, analysis, and remediation efforts in reference to Intrusion Prevention and penetrations

Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls

Experience as a Splunk Engineer configuring, implementing and supporting Splunk Server Infrastructure across Windows, UNIX and Linux environments

Providing support to Microsoft Active Directory, Microsoft SCCM servers and SQL servers.

Hands-on designing Active Directories using PowerShell scripts.

Responsible for logical and physical database design, implementation, transforming logical data models into physical databases and defining strategies for database implementation, high performance, replication and failover.

Hands-on experience on Citrix Provisioning Services, XenApp, App-V, Metaframe PS, XenDesktop and VMware ESX/ESXi

Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using Visio

Experience in managing complex routed networks providing technical support, troubleshooting and configuration.

Configure, maintain and design network security solutions including firewalls (CheckPoint and Cisco ASA), IDS/IPS (CheckPoint and SourceFire), VPN, ACLs, Web Proxy, etc.

Hands on experience on NGFW Firewall management and UTM solutions (IPS/IDS, DLP, Gateway Antivirus, Antispam, Content Filtering, Application Control)

Strong hands on experience on PIX Firewalls

Hands on experience on Operations and management of Aruba based wireless network providing multiple SSID platform for DoD users

Intrusion Detection- monitor and analyze real time security alerts triggered on the network by Cisco Sourcefire

Performed security operations on ASA firewalls.

Hands on experience in upgrading and troubleshooting OS for Cisco firewalls like ASA and FMC

EXPERIENCE Company: Western Union, CA

Designation : Sr. Network Security Analyst

From: July 2016 - Till Date.

Responsibilities:

Worked on Nessus Security Center and Manager for vulnerability management.

Maintenance, Changes in ACL and Auditing of Cisco ASA.

Working as SPOC for all security related issues

Analysis of Checkpoint alerts triggered.

Configure and implement Palo Alto Wildfire and URL filtering PAN DB.

Deployed Cisco FireSight with SourceFire to implement URL Filtering, IPS, File Filtering, and Security Intelligence.

Proficient in design, implementation, management and troubleshooting of Check Point firewalls, Cisco PIX.

Configuration and Monitoring IPS (IBM Proventia)

Configuration, integration, and deployment of Cisco FireSight 2000 management Center, 2 ASA 5500s with Cisco Firepower Services.

Installing and configuring Viprion F5 load balancers.

Assisted with Palo Alto NG Firewall implementation and switch from Checkpoint Firewall.

Maintain, and operate lab wide Vulnerability Assessment deployment (Security Center/ Nessus)

Installed and configured QualysGuard server appliances (both physical servers and virtual cloud based servers), and ran various ad-hoc/custom/standard reports

Installed CISCO UCS rack servers to automate and accelerate deployment for all applications.

Tuned Qradar SIEM to present relevant information to Security Operations Center

Installed CISCO UCS rack servers to provide scalability and capacity for Splunk enterprise deployments.

Managed all windows 2003 servers, Active directory, DNS and WAN Switching.

Configured Cisco ISE server to authenticate wired and wireless clients with certificate and MAC options.

Integrating and configuring RSA SecurID with Cisco ISE for token-based authentication using RSA Native method, RSA RADIUS method for remote VPN users.

Experience in implementing Next Generation Firewalls (NGFW) such as Bluecoat ProxySG and other vendors such as Palo Alto networks NGFW for URL filtering

Analysis of co-relational alerts triggered via SIEM, i.e. AlienVault

Analysis of the phishing emails and hidden malware drop files.

Creation of co-relational rules in SIEM.

Providing on-call Support in off hours when needed.

Worked on F5 ASM WAF to prevent application layer attack.

Creation of iRules to block the malicious traffic.

Implemented the 2FA in client infrastructure.

Maintaining the antivirus solution, i.e. Symantec Endpoint Solution.

Audit of Cisco ACL, Active Directory and rules in F5 ASM.

Worked on implementation of different third party security tools like Rapid7, Demisto and DUO

Handling Weekly meeting and Quarterly and weekly tasks.

Company: Health Plan Services, FL

Designation : IT Security Analyst – Global Security Operations

From: Jan 2016 - June 2016

Responsibilities:

Worked on Cloud Security Products to ensure security of customer from cyber attacks.

Working knowledge of HTTP(S), TCP/IP, DNS

Knowledge of various DDoS attack types (UDP/ICMP Flood, SYN Flood, HTTP Get Flood, TCP Connection Attack, TCP Flag-based Attacks)

Gather information, log, data, investigation, create report.

Worked on OWASP TOP 10 attacks like, XSS, SQL Injection, CSRF, PHP Injection etc.

Interaction with customer regarding security alerts and attacks.

Worked on DDoS mitigation and have a good idea of different kinds of flood attacks.

Good knowledge of GRE tunnels, IPsec tunnels, and troubleshooting of different tunnel issues.

Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.

Provided remote Technical support on implementation of technology using various Juniper Network & Security products and applications and resolve product related issues through research and troubleshooting.

Involved in configuring and troubleshooting Juniper Firewalls including UTM features like anti-virus, deep inspection (IDP), URL filtering and screening.

Responsible for Cisco ASA and Palo Alto configuration and administration of networks.

Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210

Troubleshoot traffic passing managed firewalls via logs and packet captures

Involved as Platform Engineer for Sourcefire including all 4.10 and NG and NGFW

Integrated web application delivery controller(ADC).

Involved in a team responsible for Network security management by implementing and managing NGFW systems.

Virtual Private Networks on Cisco ASAs with AnyConnect, Cisco ISE for authentication, as well as site to site VPN

Implemented new Cisco ASA's, installed the framework for Cisco ACI and implemented new F5 LTM's and GTM's.

Creating, implementing and testing Citrix NetScaler ADC (Application Delivery Controller) responder policies in order to meet DDoS defense strategies

Worked on Converting the Partner IPSEC VPN from one Data Center to Another Data Center

Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).

Performed various configurations using the CISCO SDM like configuring VPN, Security Audits, Firewalls, VLANS.

Worked on software based ADC on VMware

Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.

Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools

Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance

Responsible for Cisco Proxy ESA and WSA.

Everyday performance with the Cisco Iron ports - WSA S170 (Web Security Appliance) Version: 8.0.6-119, ESA C370 (Email Security Appliance) Version: 8.5.6-074, and M670 - Content Security Management Appliance Version: 8.3.6-028

Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers

Hands on experience on Web Application Firewalls and attack mitigation techniques.

Working in 24 X 7 SOC operations in different shifts.

Company: SYMANTEC, CA

Designation : Sr. Security Analyst

From: Apr 2014 - Dec 2015

Responsibilities:

1.4 Year of ArcSight SIEM experience in Incident Management.

Real time monitoring of Network Security components and devices such as Firewall, IDS, IPS and Windows server to correlate the logs as per client's requirement.

Development of various co-relation Rules, Reports, Alerts, Active Channels, Dashboard.

Building of rules in ArcSight based on client's use-cases.

Managing Phishing Incidents from detection to takedown and providing analysis of phishing.

Reporting malwares and blacklisted link and providing threat advisories of malwares and patch.

Part of the SOC - 24x7 monitoring for Targeted phishing Sites using SIEM TOOL- ArcSight, Watermark, Domain analysis, Brand Abuse websites and Abuse mail box.

Company: Spanco Telecom, India

Designation : Jr. Analyst – SOC Services

From: Aug 2011- Oct 2013

Responsibilities:

Managing the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-round technical support.

Commissioning and Decommissioning of the MPLS circuits for various field offices.

Preparing feasibility report for various upgrades and installations.

Ensure Network, system and data availability and integrity through preventive maintenance and upgrade

Troubleshooting complex networks layer 1, 2 to layer 3 (routing with MPLS, BGP, EIGRP, OSPF protocols) technical issues.

Providing support to networks containing more than 2000 Cisco devices.

Performing troubleshooting for IOS related bugs by analyzing past history and related notes.

Carrying out documentation for tracking network issue symptoms and large scale technical escalations.

Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.

Worked on the security levels with RADIUS, TACACS+.

Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.

Configured switches with port security and 802.1X for enhancing customer's security.

Validate existing infrastructure and recommend new network designs.

Created scripts to monitor CPU/Memory on various low end routers in the network.

Configuring and troubleshooting multi-customer network environment.

Involved in network monitoring, alarm notification and acknowledgement.

Implementing new/changing existing data networks for various projects as per the requirement.

Installed and maintained local printer as well as network printers.

Cloud Security Skills :

Good understanding of Layer 7 Attacks and DDOS attacks

Extraction of required logs and do the required analysis

Good understanding of Ping, Traceroutes, MTR to troubleshoot network issues.

Understanding of different Layer 7 attack rules.

Perform deep level packet analysis with Wireshark/tcpdump

Excellent understanding of HTTP and HTTPS

Basic understanding Content Delivery

EDUCATION Bachelor of Technology (Computer Science & Engineering), 2011

Jawaharlal Nehru Technological University.

CERTIFICATIONS ACCOMPLISHED

EC Council Certified Security Analyst (ECC67985126113)

Certified Ethical Hacker v8-CEH (ECC-30166688)

Certified Arcsight ESM Security Analyst- AESA (PL72327375)

Certified Information Technology Infrastructure Library – ITIL v3 (EXIN, 5108712.20298838)

Solarwinds Certified Professional(SCP3105)

Qualys Certified Specialist- Vulnerability Management

TECHNICAL TRAINING

Trained Certified Ethical Hacker v8

Trained Arcsight ESM Security Analyst

Trained in Nessus Manager and Security Center

Trained in Vulnerability Management by Qualys Guard

Trained in ITIL v3


