
Information Security Engineer

Location:
Irving, TX
Posted:
October 05, 2020


Resume:

Kumar

adgn78@r.postjobfree.com

+1-707-***-****

PROFESSIONAL SUMMARY:

7+ years of experience in Database Administration and Database Activity Monitoring, SIEM.

Experience with set-up, configuration, and troubleshooting of DAM applications like IBM Infosphere Guardium, jSonar - SonarG and SIEM-Splunk.

Experience in data protection: automated sensitive data discovery and classification, real-time data activity monitoring, and cognitive analytics to find unusual activity around critical data.

Experience in securing against unauthorized data access by learning regular user access configurations and configured real-time alerts on suspicious activities.

Architect infrastructure design for the deployment of Guardium Database monitoring solution for the entire enterprise (3000 servers).

Worked extensively with IBM Guardium and implemented it across databases like SQL, DB2, Oracle, Mainframe, Sybase, EXADATA, and MS SQL Server to meet regulatory requirements and company standards.

Monitoring Guardium environment on a daily basis and troubleshooting problems which includes configuration of unit utilization, Aggregation/Archive errors, Audit log errors and Schedule job exceptions errors.

Participate in information security audits ensuring technical compliance with security-related regulatory requirements (PCI, SOX).

Experience in Guardium data activity monitoring processes, protocols, and automation methods by working with the technical leads on Service Delivery teams to communicate technical designs and resolved implementation details for all network, server, storage and software components.

Set up HADR (High Availability Disaster Recovery) which allows SonarG servers in active/passive configuration for the purposes of disaster recovery.

Conduct vulnerability assessments and discover sensitive data for high-risk, in-scope databases.

Strong Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.

Actively Monitoring Network to minimize the risk exposure, by blocking the unauthorized IP to protect from security breaches and perform root cause analysis for such incidents and prevent such future incidents across the Network.

Perform root cause analysis to identify gaps using SonarG and provide technical and procedural recommendations that will reduce client exposure to cyber-risks.

Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.

Knowledge of configuration files in Splunk (inputs.conf, props.conf, transforms.conf, outputs.conf).

Implemented DAM (Guardium) and SonarG integrated with SIEM for log analysis and correlation.

Experience in creating SonarG reports pipeline and able to schedule the reports.

Take care of database backups, recovery models, and database backup plans.

Implemented Tanium to bring back inactive Guardium agents.

Education AND Certifications:

Bachelor of Technology from Acharya Nagarjuna University

Splunk - Certified Power User

Technical Skills:

SIEM: Splunk

Cloud: Amazon Web Services (AWS), Azure

Programming: Python

Database: Microsoft SQL Server, MongoDB

Tools: Guardium, SonarG, Splunk, Chef, Service Now, Tanium.

American International Group (AIG), Fort Worth, TX Jan 2016 – Till date

Information Security Engineer

Installation and configuration of S-TAP (agent) software on UDB DB2/Oracle/Sybase on AIX, Solaris or Linux, and SQL Server 2012 on Windows Server 2012 R2; configured database traffic monitoring and forwarding of the data to Guardium collectors for audit and security compliance purposes across the organization.

Prepare reports from SonarG pipelines for distribution to application owners/ Business units for SOX, PCI and Internal audit compliance.

Reviewed, evaluated, and led implementation of the Guardium database activity monitoring infrastructure across Scholastic's databases to meet internal/external audit and regulatory requirements (SOX, PCI).

Performed diagnostics and troubleshooting of system issues like aggregation/archive, disk space, schedule job exceptions, Inactive agents, export/import failures, no traffic from agents, sniffer restarts.

Participate with other experts throughout the company to plan, test, and improve SIEM (Security Information and Event Management) and DAM capabilities using Splunk Enterprise, Guardium and SonarG.

Provide expert input on Monitoring process definition and support the development and maintenance of documented playbook procedures, knowledge articles, and training material.

Provide ongoing mentorship to other Cyber Analysts and liaise with members of other gCDC (Global Cyber Defense Center) functions to assess and mitigate the risks posed to the organization by identified threats.

Perform root cause analysis to identify gaps using SonarG and provide technical and procedural recommendations that will reduce exposure to cyber-risks.

Set up HADR (High Availability Disaster Recovery) which allows SonarG servers in active/passive configuration for the purposes of disaster recovery.

Communicate effectively with other stakeholders of our Monitoring and response efforts, including representatives of the business units, technology specialists, vendors, and others.

Develop workflows, standards and best practices based on events that occurred in the past.

Build use cases for different Security applications to protect the environment.

Experian, Allen, Texas April 2015 to Jan 2016

Database Activity Monitoring (DAM)

Deploy and set up configuration for IBM Guardium (V8/V9) to ensure collectors, aggregators, load balancers, agents (S-TAP, Guardium Installation Manager (GIM), and ATAP) and the Change Audit System (CAS) are properly installed.

Configure and deploy IBM Guardium to ensure collectors/aggregators, load balance, software TAP agent (S-TAP).

Partnered with DBAs and server teams to deploy S-TAP agents for SQL Server, DB2/z mainframe, DB2 distributed, Oracle and Teradata.

Ensure operations are normalized and monitored to include Guardium Central Manager reporting and alerting for infrastructure faults and failovers as well as monitored security events.

Participated in management, configuration, and upgrade of IBM Guardium S-TAP, patches, inspection engines, collector(s) and other operational devices in a large-scale network.

Periodically review report definitions and results against business requirements.

Documented, deployed and implemented database security tool to align with new compliance initiatives and regulations for data activity monitoring.

Administered user access appropriate to the role. Also maintained GUI admin, accessmgr and CLI account passwords.

Defined S-Gate configurations to prevent intrusion on sensitive data based on corporate policies.

Used CLI troubleshooting commands to send Must-Gather information on unforeseen issues and worked with IBM support teams.

Created alerts on the requests from managers for certain tasks.

Analyzed security-based events, risks and reporting instances.

Experience in troubleshooting inactive agents by automating with BladeLogic.

Alinar Medical Services, Hyd, India March 2014 to Dec 2014

Intern - Database Administrator

Consulting with top management in order to understand their requirements and the role of the database systems.

Helped with scripting up monitoring jobs for alert log, and space alerts.

Establishing Entity Relationship Diagrams to help quicken the data processing and data flow.

Conducting database normalization with the intention of reducing redundant data and to increase dependency of tables.

Designing user friendly Graphical User Interfaces for quick and easy access of the company's data.

Composing SQL queries with the purpose of query maximization.

Did imports of database tables in our dev/qa environments.

Constantly updating and improving VB.Net programming code in order to enhance the performance of the database management system.

Work with application developers in order to assist in modifying the database structure as necessary.


