Security Design Cyber

Devesh Ahuja

**** **** **.

Carrollton, Texas ***10

Cell: 973-***-****

Tel: 972-***-****

******@***************.***

CITIZENSHIP STATUS : US citizen. Born and raised in USA.

AVAILABILITY:

Available at a short notice. Willing to travel as much as needed.

EDUCATION and TRAINING:

1.B.S., Computer Science, December 2003 Seton Hall University, South Orange, NJ

2.MBA, Kaplan University. 2009. GPA: 3.82

3.Training in Oracle Database Administration – SQL/PL-SQL, Architecture and Administration, September 2003, Princeton, NJ

4.Training in Red Hat Linux System Administration, RHCT Program – RH033-Red Hat Linux Essentials, RH133-System Administration, April 2004, New York, NY

5.Training in JAVA 2 Fundamentals, April 2004, Princeton, NJ

6.Training in Active Directory 2003, and Active Directory Security

7.Preparing for CISSP exam

8.Training in AppScan

TECHNICAL SKILLS:

SECURITY SKILLS:

Experienced or familiarity with:

IA Services: C&A DIACAP, data encryption and key management

Firewalls,

Mobile security,

Audit/log

Security documentation

PKI

SERVER ADMINISTRATION (Solaris UNIX System, Red Hat Linux):

Installing and Patching the Server with new loads in front/behind the firewall

Executing IP Modification of the Server

LANGUAGES:

JAVA, C, C++, PC Assembly Programming, Scheme Programming, UNIX shell scripts, ORACLE SQL & PL/SQL, Perl (working knowledge), XML, SQL

DATABASES

Oracle SQL, Oracle PL/SQL

PLATFORMS:

Sun Solaris-UNIX, Red Hat-LINUX, Windows (very good with Windows), IBM-AIX, Mercury Quality Center, TCAR, Clarify, MyCOM-Prooptima, Windows Server 2003

PROFESSIONAL EXPERIENCE:

Ten years of IT systems and Security experience.

2015 – Ongoing – U.S. Department of Health and Human Services, Health Resources and Services Administration

Provided SA&A consulting services

2012 – 2016 -- U.S. Department of Health and Human Services, National Institutes of Health, ORS and ORF

Provided SA&A consulting services

Performed and completed, up to ATO, SCA part of SA&A for 20 IT systems during FY 2013.

Worked with System owners on resolving lots of problems/issues or POA&Ms (Plan of Action and Milestones).

Completed SA&A for 2 systems; continued to support SA&A for 5 systems

Identified and helped mitigate multiple weaknesses or non-compliance on on nearly all of the systems

Provided security expertise to system owners to help them understand weaknesses.

Documented the Configuration Management Plan for many systems

August 2009 – July 2014 -- High Performance Computing Modernization Program (HPCMP, Department of Defense)

Developed documentation for DIACAP package to obtain C&A for 7 Centers within HPCMP

Worked on PKI-related projects.

Researched defect tracking systems like Remedy for a Cipher Solutions client.

Experienced with installing PGP, and working with PGP

Worked with Linux and Solaris servers to code cron jobs and simple shell scripts.

Security Research: Worked on Certificate Policies, worked with DRM (Digital Rights Management.

Researched on Mobile Security.

Worked on Secure Incident Response policy.

Researched on aspects of Disaster Recovery.

Wrote a newsletter for a large data storage company:

oMobile Security

oEncryption

Worked on OpenSSL functionality (Open Secure Socket Layer programming)

Worked with anti-viruses such as ESET NOD32, McCaffee

June 2004 – February 2007 UMTS (Universal Mobile Telecommunications System) Testing Engineer - Wireless Test Team. Nortel Networks, Dallas, TX.

Tested various products in JAVA GUI products;

Coded and executed several scripts

Executed test cases using Sun Solaris

Installed, patched up, and maintained Solaris servers,

Installed Main Server in front of and behind the Firewall; and have used syslog style messages while installing the servers

Worked on data analysis using a software called Mycom. Edited Test Cases. Changing Provisioning modes on Passports.

Testing Metrics through a software called Mycom to see what counters and groups are being pinged by the source code of packets and circuits. Tested on Passport products called Media Gateway (Network Gateway, NGW), Wireless Gateway. Also Tested on performance and GUI testing Circuit products such as Trinode MSC / HLR (Mobile Switching Center / Home Location Register), Audio Provisioning Server.

Tested the KPI (Key Performance Indicators) on the CNM (CDMA Network Manager) Server and on the W-NMS (Wireless Network Manager) Performance Server.

Used software to generate alerts and other problem conditions to ensure correct response from the Network managers.

March 2004-June 2004 – Security Analyst, Cipher Solutions Inc. Raleigh, NC.

Researched and wrote a paper on Firewalls and various types of Firewalls. Tested, configured, and documented the functions of a Radius Server.

Summer 2001 - Summer Intern, Test Team, Telcordia Corporation, Piscataway, NJ.

Designed and executed cases through an IBM-AIX System for the SBC Solutions Testing Team

Summer 2000 – Summer Intern, Test Team, Telcordia Corporation, Piscataway, NJ.

Designed and ran test cases an IBM-AIX environment and worked on Data Analysis for the Integration Testing Team

PAPERS AND PRESENTATIONS:

“Encryption for Flash Memory”, Flash memory Summit. San Jose. CA. August 2010

“Cyber Threats”, ISSA Conference. Raleigh. North Carolina. October 15, 2008. Co-presenter

“Mobile Security – Threats and Analysis”. Technical Report for Cipher Solutions. November, 2008

Presented at the ISSA conference 2008, “Cyber Threats: Prevention, Detection and Respond”. October 2008.

VOLUNTEER EXPERIENCE

Kurt Warner Foundation Charity Fundraising, March, 2007

Contact this candidate