Security Information
Resume:
BALA VASUDEVAN
Cell: 408-***-****
Email: ******@*****.***
EXPERIENCE SUMMARY
** ***** ** ************ ********** as senior System and Security administrator with diverse skill set that has enabled to provide support of production servers on 24/7 basis with System Network and Security Administration on various platforms.
Expertise in installing, configuring, managing, upgrading, monitoring and troubleshooting Splunk Servers.
Getting the log files to inform to customers like Stars, SQL and analyzing the Splunk log files.
Implement 2-Factor Authentication for various products within the RSA family.
Build of RSA Secured authentication Manager 8.0 Web tier Appliance Primary and Secondary servers in the DMZ. Setup and configuration of the user portal called the Self-Service console. Training of IT Staff and existing users on using the new self-service console.
Conduct network vulnerability assessments using tools such as Tenable, Nessus software to scanning all the ports, and to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
Identified vulnerabilities, recommend corrective measures and ensure the adequacy of existing information security controls.
As part of the IT Threat and Vulnerability Management team, responsible for assessing and evaluating servers for potential risks due to non-secure configurations based on corporate requirements and industry best practices.
Define and deploy monitoring, metrics, and logging systems on AWS.
Implement and manage continuous delivery systems and methodologies on AWS.
Implementing and controlling the flow of data to and from AWS and Selecting the appropriate AWS service based on compute, data, or security requirements.
Fundamental mastery of the AWS cloud computing platform, and its many dimensions of scalability – including, not limited to: VPC (Virtual Private Cloud), EC2, load-balancing with ELB, messaging with SQS.
Provide system administrators with alternative suggestions and recommendations for filed suppression requests based on the customers.
Responsible for the overall evaluation, architecture, documentation, administration and operation of the IT Server Compliance program that spanned over 1000 servers around the USA and included Server OS, Web Server, ESXi and Database assessments..
Monitor IT security, security policy, industry trends and inform senior management of changes affecting the company policy.
Supports governance and compliance audits relative to payment card industry (PCI) and Sarbanes-Oxley (SOX).
Responsible for automating and improving infrastructure, using Chef for configuration management. Deployed and Maintain firewalls and multi-platform VPNs creating highly available secure network.
PROFESSIONAL QUALIFICATION
M.C.A – Masters of Computer Application with Distinction.
B.S -- Bachelor of Science.
CERTIFICATIONS
Cyber Security course online from DeVry University (www.devry.edu)
Completed AWS Certified Solutions Architect associate.(www.udemy.com)
Completed Certified information Security professional (CISSP) (www.udemy.com)
Cisco Certified Network Associate (CCNA).(www.cisco.com)
Microsoft Certified Professional (MCP). (www.microsoft.com)
Sun Certified Solaris System Administrator (SCSA).(www.sun.com)
Sun Certified Solaris Network Administrator (SCNA).(www.sun.com)
Certification on Network Monitoring from Brain Bench.( www.brainbench.com)
Certification on UNIX Administration (www.brainbench.com)
TECHNICAL SKILLS
Operating Systems Red Hat EL Linux (3,4,5), Solaris 2.X/AIX 5.X/HP UNIX 11.X,
Windows, Mac Os,-Net App (On tap 7.x), E4800/E6800,IBM AIX servers 540, HP-B132L, HP B2600, HP N 9000.
Storage Systems SAN storage (Hitachi 9500V, 9900 V) Network Appliance.
FAS6040/fas3020, EMC-Clariion-CX-500, EMC Celera NS500…
Tape Library Quantum I2K, ADIC 1000K Library, NEO Serious 2000, D1000.
Switches, Hubs MCDATA 6140, ED-6064, Cisco MD-9000, Brocade switches 4000
12000, 48000, and 4024 Serious, Cisco Routers 3700, Catalyst 4006, 4506, Layer 3 Switches, Cisco IOS 12.x, KVM 32 Switches, and SNMP…
Networking Protocols TCP/IP, SMTP, DNS, DHCP, LDAP, NIS, NIS+, HTTP. FTP, ARP, RARP
Database Oracle 8i, 10G, MYSQL, PLSQL.
Software Tools and utilities Solstice Disk Suite, Admin Suite, Veritas Volume Manager (RAID 5/0/1),
VxFS, VERITAS Cluster, VERITAS Net backup TSM 5.X.
Software Application C, C++, Java, Star Office.
Installation Jumpstart, Kick start, Custom Jump Start, Network image installation.
Web/App Servers Apache 1.3/2.0, Web Logic Server (8.1), Sun One Directory servers (5.1).
Monitor Tool SMTP-MRTG, big Brother, Nessus, Web Analyzer and Solar winds.
COMPANY: MACYS INC www.MACYS.com. SANFRANCISCO -CA (Feb 2012- Till date).
Role: Sr. Security Administrator.
Proven information security leader with success in guiding implementation of leading-edge technology solutions while balancing security initiatives to risks, business operations and innovations. Specialties include network design, systems architecture, configuration management, and systems administration with extensive experience healthcare, financial, cloud computing, and software development industries. Volunteer for the board of directors for the Silicon Valley Chapter of the Information Systems Security Association (SV-ISSA).
Worked as a Splunk Admin for Creating and managing app, Creating users, role, Permissions to knowledge objects.
Experience in developing Splunk queries and dashboards targeted at understanding application performance and capacity analysis.
Managing Vulnerability using these tools Nessus, Rapid7.
Conduct network vulnerability assessments using tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
Educated business unit managers, IT development team, and the user community about risks and security controls.
Coordinate with third parties to perform vulnerability tests and create security authorization agreements and standards.
Analyzed security incidents and presented a quarterly report to the CIO.
Define and deploy monitoring, metrics, and logging systems on AWS
Implement systems that are highly available, scalable, and self-healing on the AWS platform
Design, manage, and maintain tools to automate operational processes
Deploying, managing, and operating scalable, highly available, and fault tolerant systems on AWS
Migrating an existing on-premises application to AWS
Identifying appropriate use of AWS operational best practices
Estimating AWS usage costs and identifying operational cost control mechanisms
Code-level application security (IAM roles, credentials, encryption, etc.)
Deployed and Maintain firewalls and multi-platform VPNs creating highly available secure network
Responsible for automating and improving infrastructure, using Chef for configuration management.
Designed and wrote tools in Ruby to automate third-party application configurations.
Seamlessly transitioned AWS infrastructure from EC2-Classic to VPC, overhauled AWS accounts to follow latest security best practices, reduced AWS costs by over 30%, and wrote documentation.
Supports governance, compliance audits relative to payment card industry and Sarbanes-Oxley (SOX).
Research new developments in IT security in order to recommend, develop and implement new security policies, standards, procedures and operating doctrines across a major global enterprise.
Define, establish and manage security risk metrics and track effectiveness.
Networking: Domain Naming Systems and Distributed File Systems, Dynamic Host Configuration Protocol, TCP/IP, UDP, TCP, LAN/WAN Protocols, Network Systems Management, VLAN, Network Design/Security, VPN, SIP Communications Protocol, GnuGk Proxy Registrations, H.323 Registrations, Proxy Gatekeepers, DMZ Configurations, RBA- Risk Based Authentications, On-Demand Authentications, Telnet, FTP, ARP, RARP.
COMPANY: Net APP Inc www.Netapp.com. Sunnyvale-CA (Oct 2011- Jan 2012).
Role: Sr. Security Administrator.
Deliver network and infrastructure support for Net app Systems complex storage systems and Software as a Service (SaaS) Platform. Supporting enterprise user base with offices in multiple locations as well as 25% remote work space.
Network and Systems Security Management and Research and Development.
Regulatory Compliance and Cost Benefits Analysis.
Monitor server applications, use monitoring tools, Splunk log files to troubleshoot.
Policy Planning / Implementation and Virtualization & Cloud Technologies.
Data Integrity / Disaster Recovery, Risk Assessment / Impact Analysis
Technical Specifications Development, Team and Project Leadership.
Coordinated and Validate periodic 3rd party vulnerability such as Trip wire, Rapid7.
Developed and implemented information Security policies and Procedures.
Examine information security policy from a cross-organized viewpoint including internal risk.
Security and compliance perspective and makes appropriate idea to protect the company.
Implemented and validated Change management system with change verification.
Risk Assessments on New projects, identity and reduce the risk.
Identify potential risk, consult on correcting or reducing risk, report if uncorrected.
Perform vendor security assessments.
Penetration Testing on projects or existing infrastructure.
Build RSA Secure ID authentication Manager 8.0 servers in the LAN including configurations.
COMPANY: LOCKHEED MARTIN (Ships/Tags) www.Savitrak.com. California/UK/India.
Mountain View-CA (Jul 2009- Jan 2011).
Role: Sr. Security Consultant
Developed and Implemented corporate security policy based on industry standard best practices to meet regulatory requirements for Industrial expectations such as PCI-DSS.
- Facilitated Successful completion of SAS70 Type 1 and 2 external audits.
- Successfully re-architected key components of the Network Architecture including DNS increasing both reliability and security for hosted Industrial application.
- Successfully implemented new Sun Solaris / Oracle cluster environment patched as per security policy.
- Ensure organizational compliance with CFCU information security programs.
- Conduct routine social engineering tests and clean-desk audits.
- Investigate potential or actual security violations or incidents in an effort to identify issues and areas that require new security measures or policy changes.
- Supporting SOX- team to maintain all server logs according to Security policy.
- Provide technical leadership to the enterprise for the information security program. Mentor and train others in information security in addition to training for other technical groups. Install and maintain security infrastructure, including IPS, IDS, log management, and security assessment systems. Assess threats, risks, and vulnerabilities from emerging security issues. Publish Security Updates newsletter for technical groups. Draft enterprise security standards and guidelines for system configuration. Managed process and acted in the lead role for computer security incident response team. Perform and create procedures for system security audits, penetration-tests, and vulnerability assessments. Develop scripts to maintain and backup key security systems.
COMPANY: SANFRANCISCO CHRONICLE, www.sfgate.com/Sanfrancisco/New York/ Union City/
SANFRANCISCO-CA (May 2007- Jun 2009).
Role: Sr. UNIX/Storage Administrator.
Installation of Solaris, AIX, HP-Unix and Linux Server and windows Configuring, Clients Implementation, Internetworking, Implementation and Trouble Shooting in Solaris servers.
Installing and deploying the Red hat application, Trouble shooting and network configuration of RHEL 3.x, 4.x, 5.x versions based on customer/user requirements...
Configuring virtual host and deploy the user web pages with various IP address via…
Storage Management using VERITAS Volume Manager (VXVM), HP-LVM, Solstice Disk Suite, VERITAS File System (VXFS), VERITAS Cluster 3. 5 (VCS), and RAID Implementation.
Created Net APP Aggregates, Volumes, and Qtrees, snapshots and Snap Mirroring and restored files from Snapshots and Configured VIP interface for Virtual network to utilize full network level….
Configured NFS / CIFS on NetApp NAS FAS 3020/900 Filers…
Designed and implemented backup policies with VERITAS Net Backup 5.1&6.0 configured backup Server, Media Servers and Clients. Implemented the multi variant policy, Storage Units and Policies.
Performed daily, weekly, Monthly, and yearly backups from manual to VERITAS Netback up and coordinated offsite storage for disaster recovery and tape rotation from offsite
Wrote the coding according to the production/customer needed using Perl, Shell scripts…
Installed VMware to install Microsoft Windows within a Linux window for application testing.
Configuration and trouble shooting for NFS, NIS, Network configuration along with aliases…
Modifying/changing the kernel parameters according to the production requirement….
Oracle Installation and 9 IAS-Internet Application server installation, Apache configuration & Samba Configuration on Web server in Red Hat Linux and Solaris, Sun One directory server.
Install, configure and maintain appserver, web server, and portal architecture for stage and production environments using Web Logic. Load balancing and creating JDBC connections…
Setting up Ethernet Interface Configuration, ARP Cache, VLSM, Router Setup and Configuration, DNS Internal and external and identifying Nslookup, dig command. (www,dnsstuff.com).
On call Supported varied user communities of 2000+ engineers/developers with day-to-day problems based on Ticket based with severity level by 24/7…
COMPANY: UTStarcom, Alameda, CA, www.UTStar.com/California/Canada/Japan/China/NJ/India.
Alameda-CA. (Aug 2005 to April 2007).
Role: Sr. UNIX Administrator.
Responsible for managing the production environment of 14,000 plus servers running on Sun Solaris 2.9, 2.10, Red Hat Linux, HP-UX 11.00 and IBM AIX 5.X for various clients at different sites around the world.
Installing and deploying the Red hat application, Trouble shooting and network configuration of RHEL 3.x, 4.x, 5.x versions based on customer/user requirements...
Configuring virtual host and deploy the user web pages with various IP address via…
Applying LVM (Logical Volume Manager) concept to create multiple Volume groups also created volumes according to the production requirement on RHELinux 4.x.
Creating VERITAS Disk groups, Plex, sub disks, Volume creation, import and export the disk groups, Growing/sync the VERITAS file system using Vxassist …
Implemented the multi variant policy, Storage Units and Exchange Database Policies.
Performed daily, weekly, Monthly, and yearly backups from manual to VERITAS Netback up and coordinated offsite storage for disaster recovery and tape rotation from offsite…
Deployed and managed the Clustered NetApp (Fas840, Fas250) and FAS900 Filers in the production environment, upgraded firmware, managing disks and shelves, configuring NFS, CIFS and managing volumes and shares over the network.
Installation and configuration of AIX servers & maintain the maintenance levels and AIX Clusters (HACMP-High Availability cluster Multiprocessor), LPAR, and HMC…
Installed, managed and secured Linux and Solaris based mail (Send mail and Postfix) and DNS (Bind) servers. Configured and maintained RAID devices using VERITAS. Designed and implemented backup policies with TSM 5.1, configured backup Server, Media Servers and Clients. Implemented the multi variant printer pools, Storage Units and Policies.
COMPANY: IBM Global Services – Bangalore/USA/UK (Feb 2003 to July 2005). www.IBM.Com
Installation of AIX Server and Configuring the Clients Implementation, Internetworking with TCP/IP, and Configuration of 3700 Series Routers, Implementation and Trouble Shooting.
Creating VERITAS Disk groups, Plex, sub disks, Volume creation, import and export the disk groups, Growing/sync the VERITAS file system using Vxassist …
Designed and implemented backup policies with TSM 5.1 configured backup Server, Media Servers and Clients. Implemented the multi variant printer pools, Storage Units and Policies.
Wrote the coding according to the production/customer needed using Perl, Shell scripts…
Backup TSM DB, Restore TSM DB backup for Disaster Recovery, Designed and implemented backup policies with TSM 5.1, configured backup Server, Media Servers and Clients. Implemented the multi variant Disk pools, Storage Units and Policies…
Initial setup and management of the Sun StorEdge L10 Tape Library with VERITAS Netback up, Performing manual backups/restores using VERITAS Netback up….
Produced Solaris packages for many locally compiled tools.
Provide 24/7 support based on trouble tickets…
Company: Hat Sun Agro Product Ltd-Chennai. FEB 2002 TO JAN 2003 WWW.HATSUN.COM
Role: Linux & Network Administrator.
Installation of Red hat Linux, Solaris and Windows operating system with spark/Intel boxes also configure Cisco routers / Switches to manage user requirements…
Install active directory services (DCPROMO-ADS) to manage user level support activities according to the production servers and managed Exchange database to send/receive mails…
Configuring Cisco routers, managing different VLAN setting up with different domains based on customer satisfaction also Train them for basic trouble tickets….
Enhanced data protection by installing, configuring, and administering a new tape backup solution using VERITAS Netback up 4.2 Datacenter. Scheduled and monitored backups, rotated tape media to off-site for Disaster Recovery.
Samba Installation/Configuration, Red Hat Linux, Solaris, Windows 2000, and Windows Sharing Mounting Starting/Stopping All Daemons, Troubleshooting Domain Controller Setup and ISO/OSI model, TCP/IP Model with VLAN Settings with different protocols…
Supporting NIS+ environment. Installation of Sun patches, software mentioned above.
Company: REK Systems-Chennai. JUL 1998 TO JAN 2002.
Role: Linux & Network Administrator.
Senior Unix administrator involved with primarily systems administration duties.
- Technical Lead on infrastructure support for major application releases, Automate business operations and enable efficiency in existing processes. Support mission critical production environment on HP-UX platform.
- Installing deploying the Red hat application, Trouble shooting and network configuration of RHEL 3.x, 4.x, 5.x versions based on customer/user requirements...
- Performed daily, weekly, Monthly, and yearly backups from manual to VERITAS Netback up and coordinated offsite storage for disaster recovery and tape rotation from offsite.
-Identified, troubleshooter solved faulty Netscape NES shared library implementation…
-Wrote the coding according to the production/customer needed using Perl, Shell scripts.
Contact this candidate