SHARAFAT RAY

929-***-**** ad1x6k@r.postjobfree.com

INFORMATION TECHNOLOGY PROFESSIONAL

Dedicated Cybersecurity, NOC and Systems monitoring professional currently providing technical support in a 65000+ user environment. Skilled problem-solver, able to communicate with users at all levels of technical proficiency. Ready to take on the challenge in a more in-depth Cybersecurity field because of the strong knowledge and experience gained during my productive years of experience in the IT field. TECHNOLOGY SUMMARY

Platforms: Windows, Linux

Software/Applications: MS Office 365, Active Directory, Microsoft Exchange, Symantec Antivirus, Remedy Ticketing, Tidal, JIRA, Qualys, Splunk, Nessus, QRadar, MXLookup, Virus-total, Ivanti, Zscaler, McAfee Web-Gateway

Certifications: Google IT Support Professional, CompTIA A+, CompTIA N+, CompTIA Security+, Pentest+, Certified Server Technician, Customer Service Certified PROFESSIONAL EXPERIENCE

Global Operation Center Specialist - GOC Aug/2018 – Present Interpublic Group of Companies Omaha, NE

Monitoring both the WAN and LAN related to the Global Network environment, Global Messaging environment, Active Directory environment, Enterprise Applications using SolarWinds.

Provided key guidance on increased areas of concern to quickly remedy and strengthen deficient policy and procedures implemented at the organization.

Identified vulnerabilities that apply to specific network components; ensure that network components and applications operate effectively and provide appropriate confidentiality, integrity, and availability (CIA).

Log analysis and investigation using Splunk SIEM

Perform network traffic analysis using raw packet data, network flow, Intrusion Detection Systems

(IDS), and custom sensor output from communication networks.

Creating and running different vulnerability scans for the different segments of the network utilizing Nessus

Tracks performance metrics and provides timely updates to CSOC management.

Develop, improve, and help implement best practices for risk reduction across a broad range of enterprise applications, systems, networks, and interfaces.

Virtually eliminated threats from malware, advanced persistent threats, and security breaches.

Following documented escalation procedures for all services and ensuring timely escalation.

Performing Vulnerability scanning using Nessus.

Worked with development team to harden business firewall.

Provisioning and decommissioning servers using VMware® vSphere.

Log investigation using Splunk.

Following IPG’s Standard Policies & Procedures in the completion of duties.

Assisting with Problem Investigations and Technology Change Management as needed.

Gained experience with SEP Monitoring, Cloud File Sync and Share, and PowerShell commands. IT Security Compliance Engineer June/2022 – Aug2023 GC Services Limited Partnership (Intelogix now)

• Conducting Vulnerability scans using Nessus (for workstations) and Qualys (for Servers)

• IBM Qradar Log monitoring and investigation

• Running and designing queries\filters in IBM Qradar

• Implementing Security through Active Directory Polices and Security Groups

• Securing password (Service accounts) by utilizing PasswordState and Thycotic Secrete Server

• Software deployments and inventory by utilizing PDQ Deploy and PDQ Inventory

• Mobile device Management using MobileIron.

• Log Monitoring by utilizing the McAfee Antivirus Repository environment.

• VPN Provisioning with OpenVPN and PulseSecure to setup VPN connections with clients

• Worked with IDP\IPS systems such as FirePower\SourceFire

• Ensuring System and service availability through SolarWinds

• Working with SQL Queries and DataBases

• Setting up Proxy Servers using McAfee

• Microsoft Exchange Administration

• Resolving tickets using Remedy Ticketing Systems

• Running Monthly patches through PDQ

Vulnerability Management Engineer Feb-2020-Feb-2021 TD Ameritrade Omaha, NE

Implemented and administered Qualys SIEM platform for vulnerability management

Configured and automated scans and reports in Qualys

Monitored Zscaler’s Cloud access security broker (CASB) for DLP and policy enforcement.

Evaluate and review assessments of CASB security framework to ensure policies and procedures.

Provided real time intrusion detection and host-based monitoring services using SEP.

Conduct Networking Monitoring and Intrusion Detection Analysis

Responsible for applying standards for each platform (Windows, Unix) with application like Symantec Control Compliance Suite.

Assisted in managing Tenable Nessus Security across multiple platforms.

Conducted exploitation using Nmap and Metasploit Framework and implemented security policies within the client’s infrastructure.

Generated scheduled and ad-hoc reports for different vulnerability scans using IBM QRadar

Categorized and prioritized vulnerabilities based on MITRE ATTACK level using the different QRadar tools in dashboard and recommend remediation steps for different teams.

Performed intermediate threat management, threat modelling, threat vector identification and develop use cases for security monitoring.

Provided Tanium support for the AWS cloud solution by Implementing Multifactor Authentication

(MFA) for AWS root accounts, password rotation policies.

Knowledge on Azure cloud IaaS, SaaS and PaaS services. Deployment, maintenance and troubleshooting applications on Microsoft Azure Cloud infrastructure.

Produce vulnerability, configuration, and report metrics to demonstrate assessment, coverage, and remediation effectiveness by using Nexpose.

Responsible for creating, recovering, and revoking PKI credentials.

Review and update System Security Plan (SSP) based on findings from Assessing controls using different cybersecurity best practices and frameworks.

Collaborated with the SOC and Command Center teams while mitigating risks or resolving issues.

Worked with CVSS, CCE and CVE for standardizing the vulnerability score and risk prioritization.

Utilized Remedy, JIRA and Tidal for ticket and documentation purposes. Cyber Security Intern Feb/2018 – July 2018

Interpublic Group of Companies Omaha, NE

Vulnerability scanning using Nessus.

Generating scan reports and sending it to the requesting party

Monitored the Phishing and Spam folder and investigated malwares using Symantec Messaging Gateway, MXLookup toolbox, Virustotal, Senderbase and Malware Analysis tools.

Worked in AD (user setup, OU setup and password setup).

Worked on resolving tickets using the Remedy ticketing system.

Resolved more than 90% of Messaging tickets which consists of Mailbox Restore, Ping fail, Mail Relay, Public and Shared folder issues, before escalating it to the nest tier.

Email tracing using CISCO-IronPort and Proofpoint

Editing Polices and updating it to newer version. Sr. Employment Specialist Feb/2017 – Aug/2018

MAXIMUS Employment First, Lutheran Family Services Omaha, NE

Conducted Participant Orientation and Assessments (O&A) & created Service Plans

Reporting Participant weekly and daily activities in the NE state database (NFOCUS)

Scanned and submitting documents to NFOCUS for future references.

Managed complex employment cases with a wide range of client skills and education.

Created mentoring program’s community engagement and monthly networking seminar. R&P Case Manager Jun/2016 – Feb/2017

Lutheran Family Services Omaha, NE

Created cases-files upon receipt for the newly arrive refugees and furnished housing for them.

Applied for public benefits for refugees within the first week of arrival.

Conducting Participant Orientation and Assessments (O&A) & creating Service Plans

Maintained records for refugees in their related casefiles for their first 90-days here in the U.S.A

Referred refugees to related organizations after the 90-day period. Math Tutor Aug/2015-May/2016

Metro Community College Omaha, NE (Part-Time)

Tutored Pre-College Algebra and College Algebra

Helped students with their homework assignments. Sales Associates Jul/2014 – Jun/2015

Wankel’s Hardware Manhattan, NYC

Operated cash registers.

Maintained sales floor appearance and directed customers to merchandise. Linguist Jun/2006 – Jun/2014

U.S. Army/U.S. Embassy Kabul, Afghanistan

Translating between U.S. and Afghan soldiers during the combat and during local meetings

Court translation

Document translation

Translated the Forensics and Arms training manual for Afghan soldiers.

Advising the U.S. troops in cultural issues

EDUCATION

Completed:

Penterst+, Security+, Network+, A+, CompTIA

Google IT Support Professional, Coursera in partnership with Google A.A. in Information Technology-Cybersecurity, Metro Community College, Omaha, NE Certified Server Technician, Metro Community College, Omaha, NE On-Going:

Bachelor in Cybersecurity (On-going), University of Omaha in Nebraska System Security Certified Practitioner (SSCP)

Certified Information Systems Auditor (CISA)

References available per request.

Contact this candidate