Security Information
Resume:
Venkata L Unnam
*******.***@*****.***
SUMMARY:
5+ Years of experience in Cyber Security Analysis and Forensics Investigation, product support and Share Point Administration of various applications including Web, Windows, Portal Application using Share Point 2010 and 2013.
Experience understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures.
Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
Hands-on experience analyzing high volumes of logs, network data (e.g. NetFlow, Full Packet Capture), and other attack artifacts in support of incident investigations.
Experience and proficiency with any of the following: Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, Network Forensics.
Experience with malware analysis concepts and methods and Privileged Access Management (PAM)
Familiarity or experience in Cyber Kill Chain methodology.
Knowledge of Virtualization and Cloud security and Cloud Based Security Broker (CASB)
Knowledge of Linux, UNIX, Windows (including Active Directory) and other operating systems.
Knowledge of popular databases such as MSSQL, Oracle, and MySQL.
Flexible team player, hard-working, and possess excellent communication and customer-facing skills.
Manual Penetration Testing Experience (i.e. mapping applications, injecting SQLi, XSS)
Web Application Tool Experience (i.e. Burp, AppScan, WebInspect)
Penetration Testing Tool Experience (i.e. Nmap, Nessus, Wireshark, Metasploit, Hydra, John)
Extensive knowledge of Web application, social engineering,Hacking web servers, Sql injection,system hacking,IDS,Firewall & Honeypots,Virus and Worm and Trojan .
Knowledge of cryptography,Knowledge on forensics such as Investigative Process, Digital Evidence, First Responder,Data Acquisition,Access Data, Image Files,Application Password Checkers
Expert in Creating, Configuring and Customizing Web Application, Site Collections, Site Definitions, Event, Document Libraries, List, Wikis, Blogs, List Alerts, User Permissions and Deploying Solution Packages.
Configuration and administration of logging aggregation and security event monitoring tools (like Industrial Defender, Splunk, etc.)
Performed PCI-DSS and PA-DSS assessments.
Education :
Bachelor degree of computer science & engineering
CERTIFICATIONS:
Certified Ethical Hacker and Computer Forensics Investigator.
TECHNICAL PROFICIENCY:
Networking Technologies : CCNA, CCNA Security ( Routing, Switching and Firewall networks)
Windows, UNIX and Linux operating systems
C, C++, C#, Java, PERL
Network servers and Security tools: Kali,Wireshark, hacking tools, Nessus, Nmap, Burp, etc.
Security frameworks: (e.g. ISO 27001/27002, NIST, HIPPA, SOX, etc.)
Security tools and products (Fortify, AppScan, etc.)
Share Point Technology: SP2013, SP2010, SP Designer 2010, InfoPath 2010/2007, Project Server 2010.
EXPERIENCE:
IQTaxAppeals llc, IL March 2016-Till Now
Security Analyst and Computer Forensic
Description:
Maxrefund.tax is a MLM based tax filing system, This system collects the documents from the users and process these documents, to do e-filing and submit to IRS on behalf of the customers, This system will provide the portal for every user,This systems needs a lot of high security, since it has every customers personal financial information .
Responsibilities:
Performed penetration testing and risk assessments
Used penetration testing tools, including Kali Linux, Burp, Nmap, Wireshark, Nessus, Metasploit, Core Impact, and Cobalt Strike
Used with Perl, Ruby, Python, or equivalent scripting languages
Used network protocols and common vulnerabilities and attack vectors, including OWASP Top 10
Performed formal penetration tests on web-based applications, networks and computer systems
Conduct physical security assessments of servers, systems and network devices
Design and create new penetration tools and tests
Probe for vulnerabilities in web applications, fat/thin client applications and standard applications
Pinpoint methods that attackers could use to exploit weaknesses and logic flaws
Employ social engineering to uncover security holes (e.g. poor user security practices or password policies)
Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies
Research, document and discuss security findings with management and IT teams
Review and define requirements for information security solutions
Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
Provide feedback and verification as an organization fixes security issues
customers, This system will provide the portal for every user,This systems needs a lot of high security, since it has every customers personal financial information .
IQTaxAppeals llc, IL Nov 2015-March2016
Security Analyst and Computer Forensic
Description:
IQTaxAppeals.com is MLM based home tax appeals system, This system collects the information the appeal request users and calculates the home tax reduction prices, And in the back end system attorney’s prepare the required documentation and submits to each and every county home tax appeal systems.
Responsibilities:
Performed penetration testing and risk assessments
Used penetration testing tools, including Kali Linux, Burp, Nmap, Wireshark, Nessus, Metasploit, Core Impact, and Cobalt Strike
One+ years of experience with Perl, Ruby, Python, or equivalent scripting languages
Used network protocols and common vulnerabilities and attack vectors, including OWASP Top 10
Performed formal penetration tests on web-based applications, networks and computer systems
Conduct physical security assessments of servers, systems and network devices
Design and create new penetration tools and tests
Probe for vulnerabilities in web applications, fat/thin client applications and standard applications
Pinpoint methods that attackers could use to exploit weaknesses and logic flaws
Employ social engineering to uncover security holes (e.g. poor user security practices or password policies)
Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies
Research, document and discuss security findings with management and IT teams
Review and define requirements for information security solutions
Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
Provide feedback and verification as an organization fixes security issues
customers, This system will provide the portal for every user,This systems needs a lot of high security, since it has every customers personal financial information .
BCBSA, IL April 2014-May 2015
Description:
BCBSA implemented an Intranet solution utilizing SharePoint to cater to various Department needs which enables teams to work together by providing an intuitive, flexible, and secure capability for sharing information. SharePoint also served as a Knowledge Management repository to review and publish documents and utilizing search features for locating relevant data and content distributed across a wide range of sites. The platform was also used to host Business Applications for the delivery of business critical information using a wide range of solutions including server based Excel spreadsheets, SQL Reporting and KPI tools and for Project Management
Responsibilities:
Involved in configuration, administration and maintenance of SP2010,Involved in planning activities of SP 2010 to 2013 migration.
Managed all aspects of the SharePoint environment including availability, reliability, performance, monitoring and security of the farm.
Managing platform infrastructure, implementing applicable system upgrades and enhancements, provisioning user sites and access.
Handling administration and support of existing environments and future upgrades, apply service packs and updates within a predefine maintenance window, and research solution to problems related to environment
Ongoing SharePoint support - Analyzing and determining alternatives and taking actions to correct problem areas.
Used Share Point Health Analyzer to fix potential problems for all servers across the server farm.
Configured better Contextual search and excel services.
Used Share Point Client Model to access and modify application component and reconfigure the default configuration at various levels of the application.
Involved in designed and deployed Web applications, site collections, sites, Templates, Views, and Lists.
Created connectable web parts by creating custom interface to classify information based on a specific instance of identifier of the entity.
Configured my profiles and my sites in SP2010,Configuring reporting service for share point 2010 integration
Configured Share Point Server and document library to accept incoming and outgoing e-mail.
Designed various forms like Association, Initiation, and Task Edit using InfoPath.
Involved in creating approval Workflows using Share Point Designer 2010.
Created Dashboards using Share Point Designer 2010 and deployed in SP2010.
Used Access Services to publish access database in SP2010,Used managed metadata services for modeling and deploying corporate Taxonomy.
Used Quest Recovery Manager for Share Point backup,Used Windows Power Shell (Share Point 2010 Management Shell) to deploy, backup, restore and number of out of the box cmdlets.
Successfully installed and configured the Quest Site Administrator tool .
Environment:SP2010,SP2013, SP 2010 Designer, InfoPath 2010, MS Office 2010,Active Directory, SQL Server 2008R2, Windows server 2008R2.
TARGET CORPORATION,INDIA March2012-Feb2013
Share Point Admin
Contact this candidate