Nonitha Rama Rajeshwari

Email: ad05w4@r.postjobfree.com

Mobile: 734-***-****

PROFESIONAL SUMMARY:

●Highly skilled Cybersecurity professional with 4 years of experience in developing and implementing comprehensive security solutions. Proven track record in reducing security incidents caused by human error by 50%, improving overall security posture, and minimizing the impact of security incidents on business operations. Exceptional skills in conducing vulnerability assessments, managing security incidents, and collaborating with cross-functional teams to implement teams to implement security controls and solutions.

●Oversee Vulnerability assessment/penetration testing of scoped systems and applications to identify system vulnerabilities.

●Hands on experience for development, implementation, and administration of cloud security policies, standards, and procedures, adhering to industry best practices for cloud native applications.

●Experience on Creating, building, and implementing cloud security mitigations application cloud software development utilizes cloud computing and services in public, private, and hybrid clouds environments.

●Expertise in Gathering and analyzing metrics, key risk indicators and maintain scorecards defined within the area of cloud native security to ensure our security program is performing effectively and efficiently.

●Experience in managing Linux Administration and configuring the tools by own on the server infrastructure.

●Expertise in performing Application Security risk assessments throughout the SDLC cycle.

●Interacted with IT support teams troubleshooting applications supported by F5 LTM.

●Monitored F5 networks and reported on traffic and statistics to maintain appropriate performance.

●Designed and deployed F5 LTM and GTM load balancer infrastructure per business needs.

●Responsible for Cisco ASA firewall administration, rule analysis, rule modification.

●Worked on change management documentation of network infrastructure design using Microsoft Visio.

●Performing setup of test scenarios, both hardware and software components, and performing troubleshooting.

●Managing the project task to migrate from Cisco ASA firewalls to checkpoint firewalls.

●Configured and performed troubleshooting on link state protocols like OSPF in single area and multiple areas.

●Redesigned internet connectivity infrastructure for meeting bandwidth requirements.

●Involved in implementing cloud security and hardening, in GCP by defining and implementing Identity and Access Management Security Policies.

●Experience on performing External and Internal Network Security Audit.

●Network design, escalation support, network administration, and systems administration. Skilled in delivering technical support, managing network operations, and maintaining enterprise-wide area networks across multi-platform and high-uptime Data Center environments

SKILLS:

Technical Skills:

Cisco 7600, 7500, 7200, 3800, 3600, 2800, 2600, 2500, 1800, 1700, 800 series

Switches: Nexus 9K/7K/5K/2K; Cisco Catalyst 6500, 4500, 3850, 3560, 3750, 2960

IP Routing Protocols: BGP, OSPF, EIGRP, IGRP

AAA TACAS RADIUS: ACS 5.5/5.7/5.8, ISE2.4/2.1

Firewalls: Cisco ASA 5500, Checkpoint R80 Gaia

Switching Technologies: VLAN, VTP, STP, RSTP, MPLS, IEEE 802.1Q, VTP, Inter-VLAN routing

Wireless Technology: Cisco 5500, 6500 series controller, Cisco AP, LWAP, Access Points

Microsoft Visio, Solar Winds, Kiwi Tools, Splunk, and MS Office applications

Capacity planning, Network Security, WAN

CLI, Network troubleshooting, Access, Troubleshooting

BYOD Program Implementation, Wireshark software

Operational Improvement, Regulatory Compliance, Project Organization

Web Application Security Tools:

Web inspects Burp Suite, NMap, Nessus, Wireshark, Splunk, Metasploit Framework,

Jenkins setup, maintenance, and CI/CD, Git and GitHub, Jira and Confluence, architecture, and tools

Certifications:

CCNA, CEH, CompTIA Security+, OSCP (Training)

Programming Languages:

Python

Servers: Putty

Operating system: Kali Linux, Windows.

PROFESSIONAL EXPERIENCE

Itron Nov 2022- Till date

Role: Network Security Engineer

Responsibilities:

Worked extensively on device profiling, authentication and authorization mechanisms using AAA, RADIUS, TACACS+, 802.1x, Posture Compliance Policies, Access and Controls, and Remediation Process.

Working as Network Access Controls (NAC) ISE Administrator in planning and designing Clients global network for Network Access Solution across Wireless, SSL-VPN, and Wired Networks.

Working on design, implementation and maintenance of Cisco Identity Service to support posture, profilings, and enforce compliance across remote VPN, wireless, and wired networks.

Managed and configured Cisco Identity Service Engine (ISE) with 802.1X for corporate users including Wireless BYOD, wired network users, IP phones and printers (requiring Mac Address Bypass (MAB).

Worked Extensively on Access Control Policies consisting of VLAN switching through SNMP, applying downloadable ACLs through Cisco ISE, and Configuring Standard and Extended ACLs locally and on upstream switch's for Cisco NAC.

Upgraded Cisco ISE consisting of 40 ISE servers North America wide from legacy version 2.1 to 2.4 without affecting business operation.

Implemented TACACS+/ RADIUS authentication/authorization on Cisco ISE for central management of all network devices across US.

Worked on Enforcement policies for auto-remediation of non-complaint devices and remediating devices that are misconfigured or are missing an 802.1x supplicant.

Configuring probes in Cisco ISE to collect device information connected on to company's switches and external Routers.

Integrating Cisco ISE with Load balancer (Citrix NetScaler and F5 LTM) to manage traffic between multiple ISE PSN nodes in order to provide AAA services.

Assist in deploying and troubleshooting PKI/Certificate based authentications.

Issued Digital certificates through PKI system to secure connect for both public web pages and private systems.

Planning, designing and Configuration of various Policy Configurations, Profile Authorizations, End device Profiling, User Identities, Cisco ISE and AD mapping with various attributes and levels of authorizations and Network Access.

Share knowledge with the team members and different TAC teams in my area of expertise including creation of guides.

Working on the design and implementation of the Guest Network environment(Visitor, Employee) and BYOD for NAC solution.

Monitoring and alert management of all components related to the ISE NAC solution and providing ongoing maintenance and support of solution components ( patching, upgrades, capacity reviews and lifecycle management).

Engaging across other GIS infrastructure domains to address ISE SUPPORT issues (PKI, server, Load Balancer, WAN, Web Acceleration, Security, AnyConnect).

Capacity planning and primary coordinator to manage and develop ISE security projects.

Gather Engineering Requirements for migrating applications, and create architectural diagrams showing the process flow.

Managed company Bring Your Own Device program, onboarding employee devices and verifying absence of inherent security threats.

Accenture Mar 2019 – Dec2021

Role: Information Security Engineer

Responsibilities:

●Conduct Penetration testing on web applications, mobile applications and web services to ensure the compliance requirements are met.

●Responsible to assess the security controls of web applications to identify gaps.

●Perform validation on design features to test authentication, authorization, accountability of web applications.

●Ensure the issues identified are reported as per the reporting standards and communicate the findings with the development team.

●Perform Static code analysis during the development phase to identify security issues prior to deployment.

●Validate the false positives and reporting issues.

●Performed manual security assessments to rule out false positives generated by automated tools.

●Involve in requirements gathering and analysis phases of project to understand application functionality.

●Actively involved in the release management process to ensure all the changes of the application had gone through security assessment.

●Run internal and external Network Vulnerability scans at least quarterly after any significant change in network such as a new system component, installations, and changes in network topology, firewall rule modifications and product upgrades.

● Identify security flaws within the organization's infrastructure and make risk-based recommendations for remediation.

Tech Mahindra Oct 2017 to Dec 2019

Role: Penetration Tester

Responsibilities:

●Performed manual security testing (Penetration Testing) on critical client applications.

●Uncovered high vulnerabilities at the infrastructure level for internet facing websites.

●Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Integration, Authentication, Authorization, Auditing and logging.

●Communicating and coordinating day-to- day project activities within the project team and assure that priorities are developed and known.

●Create Vulnerability Assessment report detailing exposures that were identified, rate the severity of the system, and suggestions to mitigate any exposures and testing known vulnerabilities

●Security Consultant specializing in Data Loss Prevention and large infrastructure encryption.

●Used network analysis tools to identify vulnerabilities.

●A good understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols)

Education:

●Bachelors in Technology (CSE): Marri Laxman Reddy Institute of Technology and Management

●Master of Science in Information Science: Trine University

Contact this candidate