
Security Information

Location: Beltsville, MD, 20704

Posted: March 09, 2020

Resume:

PRANSHU RAGHAV

adb70c@r.postjobfree.com 678-***-****

EXPERIENCE SUMMARY

Around 5 Years of Experience in Information Security Domain.

Expertise in application and web services penetration testing.

Provided incident management and compliance support across the enterprise infrastructure.

Performing in-depth analysis of all suspicious, malicious, or anomalous events.

Performed user-level operations using SPLUNK log monitoring tool.

Ability to perform network vulnerability assessments using tools like Nessus, Nmap and Metasploit.

Development knowledge in Python, Fuzzing binaries.

Experienced in many aspects of computer security technologies such as: IDS/IPS, port and vulnerability scanners.

Exposure to open source security tools for vulnerability assessment of both applications and networks namely Kali Linux.

Strong understanding of the basic TCP/IP protocol, DHCP and DNS.

Familiar with security regulations and standards.

Good understanding of risk management framework.

SKILLS:

Virtualization Technology: Amazon EC2.

Languages: Snort, Python, Assembly x86, TCP/IP protocol OSI 7-layer model, Palo Alto IDS/IPS.

NIST Framework 800-81 Deploying Guidelines for Secure DNS,

NIST Framework 800-53 Risk Mitigation Strategies.

ISO27001. Splunk (basics).

Application proxy: Burp Suite, Wireshark, Nmap, Netcat, Tcpdump

Vulnerability/Penetration Testing tools: Metasploit, Kali, Backtrack, Sqlmap, Nikto, VirusTotal.

Debugging tools: WinDbg, IDA Pro

Vulnerability Management tools: OWASP DirBuster, Nessus, Dirsearch

CERTIFICATIONS:

Certified Ethical Hacker CEH (ECC1893742560).

AZ-900 Microsoft Azure Fundamentals Certified.

PROFESSIONAL EXPERIENCE:

Information / Cyber Security Analyst, MD Sept 19 to Present

Maryland Department of Information Technology.

ROLES & RESPONSIBILITIES:

Experience in supporting a comprehensive SIEM architecture to support real-time security monitoring operations and managing security information and event management (SIEM) infrastructure.

Aided in whitelisting various cloud-based SaaS applications.

Knowledge and experience supporting, reviewing, or administrating security technologies such as IDS/IPS, log aggregators, Internet and email filters, and next generation threat prevention platforms.

Assisting with drafting security policies and issuing other guidance to agencies on cyber security best practices and alignment with State policy (based on Maryland State Security Manual and ISO 27001-2013).

Develop POAM (Plan of Action and Milestones) document to take corrective actions.

Assist with all phases of vulnerability management.

Acquires and applies foundational knowledge of State agencies, their products, and processes.

Able to perform daily log analysis and data reporting for various log sources using SIEM applications.

Environment: ISO 27001-2013, POAM (Plan of Action and Milestones), RMF, NIST 800-53, Palo Alto Firewall, Splunk, ServiceNow, VirtualBox.

Cyber Security Analyst, MD Aug 18 to Jul 19

Spark soft Corporation

ROLES & RESPONSIBILITIES:

Demonstrated and used in-depth knowledge of OWASP application standards while making reports.

Wrote various mutation fuzzing scripts in Python to attack backend web servers and exploit Server-Side Request Forgery vulnerabilities.

Evaluated and selected a range of penetration testing tools.

Conducted DAST/SAST analysis using tools in Kali Linux.

Exposure to working with and analyzing PCAP files using Wireshark and network data, with a focus on determining whether said events constitute security incidents.

Environment: Python, Wireshark, Nessus, Nmap, Kali Linux, Tcpdump, Sqlmap, Nikto, VirusTotal, OWASP DirBuster, OWASP Dirsearch, Metasploit, Burp Suite.

Unix System Security Analyst Mar 14 to Jul 17

All State Insurance

ROLES & RESPONSIBILITIES:

Awarded Standing Innovation for identifying the Bash script vulnerability CVE-2014-6271.

Good understanding and practical experience of ITIL best practices such as Incident Management, Problem and Change Management.

Responsible for patches, configuration and backup for Servers.

Enhanced existing methodology material.

Applying UNIX skills to monitor user-related logins and issues.

User administration to create user IDs and provide access to the servers, handling requests in time.

Actively participated in team meetings to discuss and analyze production issues.

Incident response liaison between different teams and demonstrated serious leadership skills while acting as pivot in multiple tasks to complete project.

Performing Production server and application maintenance.

Performed accurate and precise real-time analysis and correlation of logs/alerts from a multitude of clients’ devices, with a focus on determining whether said events constitute security incidents.

Environment: ServiceNow, DNS, DHCP, RedHat, Solaris, NetBackup, Patching, TCP/IP, Python, iptables, ITIL, Bash.

ACADEMIC QUALIFICATIONS:

M.P.S in Cyber Security, University of Maryland Baltimore County, 2019, GPA: 3.8/4

PG Diploma in IT Infrastructure, Systems and Security, Center of Development and Computing, 2013, GPA: 3.5/4.0

Bachelor’s in Computer Science, Institute of Chartered and Financial Analyst of India, 2012, GPA: 3.07/4
