Post Job Free
Sign in

Security Information

Location:
Chapel Hill, NC
Posted:
July 01, 2018

Contact this candidate

Resume:

Neha Gupta Work Authorization: H* EAD

Email: *****.******@*****.***

Ph.no: 831-***-****

Summary

6+ years of experience in Security (Network and Application), SIEM Solution, Incident handling (Includes log analysis of network logs), auditing and penetration testing of (Web based applications, android applications).

Employment Details

Company

Title

Duration

National Informatics Centre, Delhi

Scientific-Officer

01 Dec 2017 till Apr 2018

National Informatics Centre, Delhi

STA –B

01 Feb 2012 till Nov 2017

IAP Private limited

Assistant Programmer

Mar 2011 to Aug 2011

Technology Experience:

Information Security

ArcSight ESM & Express, ArcSight Logger, Connector Appliance

Web Technologies

HTML, Javascript

Database

ORACLE, MS SQL SERVER, MySQL

Webserver

Apache

Operating Systems

Windows XP/VISTA/10, Linux (Medium level)

Security Tools

Nmap scripts, Skipfish Nmap, Metasploit, sqlmap, nikto, netcat, wget, Wireshark, burpsuite, Python Scripts

Certification

HP Certified - ArcSight Security Solutions

Certified Ethical hacker ECC17693070675

Training

Completed 7 days SNAS training

Work experience:

Tenure: June 2016 till April 2018 Role: Web Application Audit/Penetration Tester

Project Details: The scope of this assignment was to conduct an assessment of the various applications of the government web hosting service. The scope included conducting application security audits, penetration tests, re-assessment of the application after the fixation of mitigation, presentation and replay of vulnerabilities in front of internal teams and preparation.

Responsibilities:

Application security audit of critical and non-critical web applications which Include platform type’s asp, Asp.Net, VB, Java applications, PHP, CMS based Applications.

Security testing of web applications for vulnerabilities list of OWASP Top 10 and exploitation - Ethical Hacking.

Utilized automated tools such as Metasploit for reducing the attack surface / during the audit process.

Worked on Information gathering, Reconnaissance, Vulnerability analysis, Exploitation and Reporting.

Conducted Penetration Tests and server configuration Audits for several web applications of National Informatics Centre (Government Organization for hosting needs consists of more than 10,000 websites).

Presentation of vulnerabilities and exploits.

Risk analysis and proposing recommendations/countermeasures.

Practice Development: Preparation & review of baseline documents (Checklist, Methodology, reports).

Scoping, Requirement Capturing, Audit Reviews & threat mitigation.

Tenure: Feb 2012 - May 2016 Role:SIEM Administration and Management

Project Details: ArcSight Implementation project of ArcSight Logger, ArcSight ESM and Connector Appliance .

Responsibilities:

Real Time Monitoring / Reporting

Ensure application/OS is updated with patches & bug fixes when released by OEMs.

Resolve all hardware and software issues related to Arcsight and its sub systems by coordinating with OEM (if required). Liaise with Backend support team.

Creation of new SIEM dashboards, rules &reports as demanded by NICNET Users.

Monitor integrated log sources for discontinuity and troubleshoot with required teams towards resolution.

Doing preventive checks and giving suggestions to ensure minimal down time.

Review monthly and quarterly SOC SLA reports to NIC.

Coordinate and provide expertise for developing flex connector for SIEM unsupported log sources.

Network Security Monitoring

Monitor of all the NICNET assets and alerting the concerned security teams for any real or suspected security incident.

Analysis of real-time& archived logs of all the firewalls (network & application) and IPS sensors of NICHQ.

Regular scanning of NIC network for open ports/vulnerabilities and taking the corrective measures.

Initiating remedial steps such as blocking at the firewall /gateway level for abnormal activity in the network.

Security Incident handling

Monitoring of SOC and handling of incidents.

Monitor severity tickets for the incidents as per defined criteria of NIC.

Perform incident and problem management.

Tenure: Mar 2011 to Aug 2011

Organisation : National Informatics Centre

Title : NLRMP-MIS Team Size: 4

Role : Software developer

Description : NLRMP-MIS is an online social commerce web project which is based on Rural Development that deals in funds related to district, subdivision, tehsil and village. With this website National Informatics employee can organize funds, submit proposal from anywhere and use funds which is sanctioned by Department of Land Resources. NLRMP-MIS also have link of Committee Member, Change Password, and Physical Monitoring to promote website. NLRMP-MIS also provides reports Link, Fusion Chats to make it attractive.

Education Qualification

Masters in Computer Applications from Bansthali University India with 70%(2010).

Completed Bachelor in Electronics from Kurukshetra University India with 74%(2007).



Contact this candidate