Cyber Security Operations Engineer
Resume:
KETHAN KONGARA
Cyber Security Engineer
Email: ac9psw@r.postjobfree.com
Phone: 732-***-****
PROFESSIONAL SUMMARY:
Over 6 Years of experience in IT industry with managing and maintaining various Network Infrastructure, remote support requirements and IT security
As Cyber Security Engineer with implementing new security policies within the security operations team and configuring firewalls and servers. Seeks role directing the development of network and security solutions, including design configuration, and support.
Very good working experience on all three modules of SailPoint, Including Compliance, Governance, and Life Cycle Manager (LCM).
Familiar with network and information system security principles, technologies, and test practices as well as supporting security authorization activities.
Utilized NIST Cybersecurity and ISO 27001 frameworks in discussions with third party vendors
Strong understanding of Application Security Processes, Standards, Security Best Practices and Policies.
Good understanding on seven layers of OSI Model. And worked on Defect Tracking Tools.
Leadership experience in planning, monitoring and passing internal and external security audits and ISO 27001 compliance
Coordinated database PHI classification based on HIPPAA requirements, identified PHI fields were then loaded to Gaudium for use in monitoring
Experience on Run, test and validate Gaudium configuration settings and fully document technical and procedural requirements
Hands-on experience with various Penetration Testing Tools like HP Web Inspect, Acunetix, IBM AppScan, Burp suite, CSRF tester etc.,
Performed web application security assessments considering OWASP top 10 guidelines for wide variety of clients from Financial, Telecom, Insurance Industry.
Excellent command of Cybersecurity organization practices, operations & risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies.
Experience working with multiple vulnerability platforms like Qualys. Possess experience working with SQL Server and oracle databases.
Expertise in Gathering and analyzing metrics, key risk indicators and maintain scorecards defined within the area of information security to ensure our information security program is performing effectively and efficiently
Advanced knowledge, design, installation, configuration, maintenance and administration of Checkpoint, advanced knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
SKILLS:
Checkpoint (Expert) & Cisco ASA(Advanced)
Symantec suite (Expert) & FireEye Suite (Advanced)
Bluecoat (Advanced) & Qualys (Advanced)
TOOLS:
Programming Languages: C, C++, Python, MATLAB, SQL.
Vulnerability management: Qualys
Compliance & Regulations: HIPAA, PCI-DSS, GDPR, NIST, ISO
Cloud Platforms: AWS, AZURE, Zscaler
Troubleshooting: TCP dump, DNSflush, Wireshark, ProcDump
Network Security: SIEM-Splunk, VPN, Port-security, AAA (TACACS+ &RADIUS)
EDUCATION:
Master’s in Electrical Engineering, University of Missouri-Kansas City, USA
Bachelor’s in Electrical & Electronics Engineering, JNTU, Anantapur, India
CERTIFICATIONS:
CCNA R&S, CCNP R&S and CCNA Security
PROFESSIONAL EXPERIENCE:
Biogen, Weston, MA Sep 2017 to Till Date
Cyber Security Operations Engineer
Used threat metrics from SOC, ATP, NX, HX and SONAR to design reports, dashboards to showcase and report to the team and leadership.
Performed upgrades for the Endpoint security management platforms: Symantec, FireEye
Worked effectively with Email security technologies: Proofpoint and FireEye ETP
Performed vulnerability assessments using Qualys.
Performed incident response analysis and Root cause analysis on the incidents using FireEye HX and Symantec SOC and EDR.
Comfortable with technical elements of network security and design, to include TCP/IP, firewalls, IPS/IDS, and experienced with endpoint solutions including Anti-Virus, Firewall, Malware and Intrusion Detection.
Proficient in Checkpoint and ASA firewall policy modifications and rule cleanup using Tufin.
Use Splunk Enterprise Security to configure correlation search, key indicators and risk scoring framework.
Prevented various malware attacks using IDS and IPS which are identified by signature based and anomaly-based engines.
Provide Support to Enterprise networks as well as Production Data Centers and provide immediate assistance in case of network outages and resolve major incidents for customers daily.
Provide troubleshooting support on global Firewall, IDS, Load Balancing and Proxy infrastructure.
Experienced in Authentication, Endpoint Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions
Coordinate Symantec DLP, endpoint protection manager and anti-malware bytes exploit for endpoints agent and software upgrades. Experience in cloud security, threat monitoring, and prevention.
Experience with convert Checkpoint VPN rules over to the Cisco ASA solution and worked on RSA secure IDs to providing VPN Token to Company USERS. Migration with Cisco ASA VPN experience.
Managing Security tools DLP, SIEM, Vulnerability scanner and Penetrations test. Perform automated and manual security assessments to identify configuration and patch related
Identified the vulnerabilities and non-compliant issues in the network and applications using vulnerability scanners and SIEM tools.
Upgrading Gaia OS and maintain Checkpoint software and performed hotfixes.
Building IPSEC VPN tunnels – B2B and remote access VPN in ASA firewalls.
Environment: Checkpoint firewall (R77.7 Gaia and R80), VPN, Cisco ASA Firewall (5510, 5555), Citrix XenApp, Citrix Netscalar, Windows server 2008 and 2012 R, IDS/IPS, SIEM, DMZ, PKI. Qualys vulnerability scanning, FireEye ETP, FIC, HX, NX or Helix, Zscaler, DIA, Symantec Endpoint Protection, ATP, MSS, Bluecoat ProxySG, CAS, Reporter and SSLV, Tufin, VPN tunneling – site to site and remote access.
Verizon, New Jersey Jan 2016-Aug 2017
Network and Security Support Specialist
Managed Firewall deployment, rule implementation and monitoring.
Check Point, Fortinet upgrades deployment and distribution, Site -to- Site VPN configuration and cluster implementation/ configuration.
Vulnerability assessment using tools such as Nessus and Qualys, and implementation of Security Policies. Knowledge in design and deploy of F5 LTM, GTM, APM, ASM solutions.
Worked in IDS/IPS to trigger the alerts which intern used for forensic purposes
Utilized Splunk for monitoring and reporting purposes and to identify potential threats.
Experience with industry recognized SIEM (Security Information and Event Management) solutions such as NITRO, Splunk, Forcepoint and many other tools.
Oversee Vulnerability assessment /penetration testing of scoped systems and applications to identify system vulnerabilities.
Excellent knowledge of FISMA, HIPAA and NIST Compliance usage, rules and regulations
Use Splunk Security Manager to identify threats and assigned category.
Solid Understanding of IBM QRadar.
Assist in the creation of an end-to-end technology strategy for SIEM to address current and future security concerns, emerging threats, regulatory compliance and alignment with technology and the business
Management server HA for fail-over for network management reliability.
Ability to bridge the gap between technical and non-technical persons.
Detail-oriented team player with problem solving skills and the ability to convey technical information in a clear, concise and logical manner.
Documenting the results from the monitoring tools and performance reviews, audits.
Environment: Checkpoint NGX, R75.20, R76, Cisco ASA firewalls, Networking protocols.
CITRIX systems, Bangalore, India Jan 2013-Dec 2014
Cisco Network Engineer
Responsibilities:
Extensive knowledge of planning, designing and supporting Windows network operating systems, installing, configuring, analyzing, and maintaining a business LAN / WAN environment.
Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
Migration with both Checkpoint and Cisco ASA VPN (Checkpoint R75.30 to Gaia R77.30 GA version).
Involved in Big-IP F5 load balancing for internet traffic across web servers using iRules.
Utilize SIEM tools to search log data and perform analysis on events
Strong hands on experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K,2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500,4500, 3750, 3500, 2900 series switches
Configured FTP server for inside/outside users & vendors.
Enabled STP Enhancements to speed up the network convergence that include Port-fast, Uplink-fast and Backbone-fast.
Configured network access servers and routers for AAA Security (RADIUS/ TACACS+).
Worked on Cisco routers 7200, 3800, 2800 and Cisco switches 4900, 2900.
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include Configured Firewall logging, DMZs & related security policies & monitoring.
Creating Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard.
Hands on Experience working with security issue like applying ACL’s, configuring NAT and VPN.
Configured BGP for CE to PE route advertisement inside the lab environment.
Responsible for Configuring SITE_TO_SITE VPN on Cisco Routers between Head Quarters and Branch locations.
Manage the day-to-day log collection activities of source devices that send log data to SIEM IBM Qradar
Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200,3800,2800), IBM QRadar, Cisco switches (4900,2900, Routing Protocols (EIGRP, RIP, BGP), Switching protocols (VTP, STP, GLBP).
Contact this candidate