Installation Manager Active Directory

Location:
Keller, TX
Posted:
July 22, 2021

Resume:

Pavan

adnuo6@r.postjobfree.com

+1-707-***-****

PROFESSIONAL SUMMARY:

8+ years of experience in Database Activity Monitoring, SIEM, Information Security, GRC, vulnerability management.

Experience with set-up, configuration, and troubleshooting of DAM applications like IBM InfoSphere Guardium, jSonar SonarG, and SIEM (Splunk), Qualys, Varonis, Imperva.

Moderate and contribute to the support forums (specific to Azure Networking, Azure Virtual Machines, Azure Active Directory, Azure Storage, Azure Security Center) for Microsoft Developers Network including Partners and MVPs.

Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Authentication, Authorization, Auditing & logging.

Architect infrastructure design for the deployment of Guardium Database monitoring (DAM) solution for the entire enterprise (5000 servers).

Extensively worked with IBM Guardium and implemented it across databases like SQL, DB2 and Oracle, Mainframe, Sybase, EXADATA, MS SQL Server to meet regulatory requirements and company standards.

Monitoring Guardium environment on a daily basis and troubleshooting problems which includes configuration of unit utilization, Aggregation/Archive errors, Audit log errors and Schedule job exceptions errors.

Experience in data protection: automated sensitive data discovery and classification, real-time data activity monitoring and cognitive analytics to find unusual activity around critical data.

Experience in securing against unauthorized data access by learning regular user access configurations and configured real-time alerts on suspicious activities.

Data security aspects, including Data Discovery and Classification, and Data Loss Prevention.

Participate in information security audits ensuring technical compliance with security related regulatory requirements (PCI, SOX).

Experience in Guardium data activity monitoring processes, protocols, and automation methods by working with the technical leads on Service Delivery teams to communicate technical designs and resolved implementation details for all network, server, storage and software components.

Set up HADR (High Availability Disaster Recovery) which allows SonarG servers in active/passive configuration for the purposes of disaster recovery.

Conduct vulnerability assessment and discover sensitive data for high-risk, in-scope databases.

Strong Knowledge about Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.

Actively Monitoring Network to minimize the risk exposure, by blocking the unauthorized IP to protect from security breaches and perform root cause analysis for such incidents and prevent such future incidents across the Network.

Perform root cause analysis to identify gaps using SonarG and provide technical and procedural recommendations that will reduce client exposure to cyber-risks.

Experience with Splunk Searching and Reporting modules, Knowledge Objects, Administration, Add-ons, Dashboards, Clustering and Forwarder Management.

Knowledge of configuration files in Splunk (inputs.conf, props.conf, transforms.conf, outputs.conf).

Implemented DAM (Guardium) and SonarG integrated with SIEM for log analysis and correlation.

Experience in creating SonarG reports pipeline and able to schedule the reports.

Knowledge of Blue Coat proxy policies and configurations.

Implemented Tanium to bring back inactive Guardium agents.

Create and implement policies, procedures, training and communication of the new policies and procedures to support these projects.

Prevent data loss and service interruptions by researching new technologies that will effectively protect the environment.

Technical Skills:

SIEM: Splunk

Cloud: Azure

Programming: PowerShell, Shell & Python

Database: Microsoft SQL Server, Oracle, Db2, Exadata, Sybase

Tools: Guardium, SonarG, Splunk, Tanium, Blue Coat Proxy, Qualys, Varonis, Imperva, FireEye, Chef, Service Now.

Security Framework: NIST

American International Group (AIG), Fort Worth, TX Jan’ 2017 – Until Now

Information Security Engineer

Deploy and set up configuration for IBM Guardium (V8/V9/v10/v11) to ensure collectors, aggregators, load balancers, agents (S-TAP, Guardium Installation Manager (GIM), and ATAP) and Change Audit System (CAS) are properly installed.

Installation and configuration of STAP (Agent) software on UDB DB2/Oracle/Sybase on AIX or SOLARIS or LINUX and SQL Server 2016/2012 on Windows Server 2012 R2; configure database traffic monitoring that forwards the data to Guardium collectors for audit and security compliance purposes across the organization.

Prepare reports from SonarG pipelines for distribution to application owners/ Business units for SOX, PCI and Internal audit compliance.

Reviewed, evaluated, and led implementation of database activity monitoring infrastructure Guardium across Scholastic's databases to meet internal/external audit and regulatory requirements SOX, PCI.

Performed diagnostics and troubleshooting of system issues like aggregation/archive, disk space, schedule job exceptions, KTAP/ATAP issues, Inactive agents, export/import failures, no traffic from agents, sniffer restarts.

Working directly with clients nationwide to architect, implement and integrate security monitoring solutions for structured and unstructured data including DAM, vulnerability assessment, Data Discovery.

Design and implementation of Data Encryption, Masking and Data Loss Prevention Solutions.

Participate with other experts throughout the company to plan, test, and improve SIEM (Security Information and Event Management) and DAM capabilities using Splunk Enterprise, Guardium and SonarG.

Provide expert input on Monitoring process definition and support the development and maintenance of documented playbook procedures, knowledge articles, and training material.

Participate with other experts throughout the company to plan, test, and improve SIEM (Security Information and Event Management) capabilities using Splunk Enterprise, Qualys.

Provide ongoing mentorship to other Cyber Analysts and liaise with members of other gCDC (Global Cyber Defense Center) functions to assess and mitigate the risks posed to Organization by identified threats.

Perform root cause analysis to identify gaps using SonarG and provide technical and procedural recommendations that will reduce exposure to cyber-risks.

Set up HADR (High Availability Disaster Recovery) which allows SonarG servers in active/passive configuration for the purposes of disaster recovery.

Communicate effectively with other stakeholders of our Monitoring and response efforts, including representatives of the business units, technology specialists, vendors, and others.

Develop workflows, standards and best practices based on events that occurred in the past.

Build use cases for different Security applications to protect the environment.

Analyze and understand database usage, identify risky behavior and assist in developing DAM monitoring.

Experian, Allen, Texas Sep 2015 to Dec - 2016

Database Activity Monitoring (DAM)

Deploy and set up configuration for IBM Guardium (V8/V9) to ensure collectors, aggregators, load balancers, agents (S-TAP, Guardium Installation Manager (GIM), and ATAP) and Change Audit System (CAS) are properly installed.

Configure and deploy IBM Guardium to ensure collectors/aggregators, load balance, software TAP agent (S-TAP).

Partnered with DBAs and server teams to deploy S-TAP agents for SQL Server, DB2/z mainframe, DB2 distributed, Oracle and Teradata.

Ensure operations are normalized and monitored to include Guardium Central Manager reporting and alerting for infrastructure fault and fail overs as well as monitored security events.

Participated in management, configuration, and upgrade of IBM Guardium S-TAP, patching, inspection engines, collector(s) and other operational devices in a large-scale network.

Periodically review report definitions and results against business requirements.

Documented, deployed and implemented database security tool to align with new compliance initiatives and regulations for data activity monitoring.

Administered user access appropriate to the role. Also maintained GUI admin, accessmgr and CLI account passwords.

Defined S-Gate configurations to prevent intrusion on sensitive data based on corporate policies.

Used CLI troubleshooting commands to send Must-Gather information on unforeseen issues and worked with IBM support teams.

Created alerts on the requests from managers for certain tasks.

Analyzed security-based events, risks and reporting instances.

Experience in troubleshooting inactive agents by automating with BladeLogic.

Prepare impact assessment reports that document security breaches and the extent of the damage caused by the breaches.

Participate in firm wide and other department projects / initiatives as a GRC representative / subject matter expert to provide GRC guidance and interpretation of rules, regulations, risks, and best practices.

Create and implement policies, procedures, training and communication of the new policies and procedures to support these projects.

Conducts application security assessments using off-the-shelf or internally developed exploitation tools to execute manual testing for advanced attacks.

Vibertech Solutions, Hyd, India Jun - 2013 to July - 2015

Security Engineer

Responsibilities:

Installation and configuration of STAP (Agent) software on UDB DB2/Oracle/Sybase on AIX or SOLARIS or LINUX and Windows Servers; configure database traffic monitoring that forwards the data to Guardium collectors for audit and security compliance purposes across the organization.

Develop workflows, standards and best practices based on events that occurred in the past.

Communicate effectively with other stakeholders of our Monitoring and response efforts, including representatives of the business units, technology specialists, vendors, and others.

Build use cases for different Security applications to protect the environment.

Assist in monitoring, configuration changes, and software updates in Blue Coat proxy.

Analyze and evaluate anomalous network and system activity using Blue Coat proxy.

Analyze and understand database usage, identify risky behavior and assist in developing DAM monitoring.

Participate in firm wide and other department projects / initiatives as a GRC representative / subject matter expert to provide GRC guidance and interpretation of rules, regulations, risks, and best practices.

Create and implement policies, procedures, training and communication of the new policies and procedures to support these projects.

Conducts application security assessments using off-the-shelf or internally developed exploitation tools to execute manual testing for advanced attacks.

Enforce IT processes to ensure consistent, well-integrated application structures in full compliance with Sarbanes Oxley (SOX) and Payment Card Industry – Data Security Standards (PCI DSS) regulations.

Created alerts on the requests from managers for certain tasks.

Analyzed security-based events, risks and reporting instances.

Experience in troubleshooting inactive agents by automating with BladeLogic.

Solid knowledge of information security principles and practices, as well as an advanced understanding of security protocols and standards.

Installed and configured encryption software to ensure data security.

Maintained user accounts and Access Control Lists.

Monitor security events and incidents on the enterprise SIEM solution and resolve and/or escalate as appropriate; recommended preventive, mitigating, and compensating controls to ensure the appropriate level of protection and adherence to the goals of the overall information security strategy.

Vibertech Solutions, Hyd, India Jul - 2012 to May -2013

Database Activity Monitoring (DAM)

Installation and configuration of STAP (Agent) software on UDB DB2/Oracle/Sybase on AIX or SOLARIS or LINUX and SQL Server 2012 on Windows Server 2012 R2; configure database traffic monitoring that forwards the data to Guardium collectors for audit and security compliance purposes across the organization.

Reviewed, evaluated, and led implementation of database activity monitoring infrastructure Guardium across Scholastic's databases to meet internal/external audit and regulatory requirements SOX, PCI.

Performed diagnostics and troubleshooting of system issues like aggregation/archive, disk space, schedule job exceptions, Inactive agents, export/import failures, no traffic from agents, sniffer restarts.

Participate with other experts throughout the company to plan, test, and improve SIEM (Security Information and Event Management) and DAM capabilities using Splunk Enterprise, Guardium.

Provide expert input on Monitoring process definition and support the development and maintenance of documented playbook procedures, knowledge articles, and training material.

Provide ongoing mentorship to other Cyber Analysts and liaise with members of other gCDC (Global Cyber Defense Center) functions to assess and mitigate the risks posed to Organization by identified threats.

Set up HADR (High Availability Disaster Recovery) which allows Splunk servers in active/passive configuration for the purposes of disaster recovery.

Develop workflows, standards and best practices based on events that occurred in the past.

Build use cases for different Security applications to protect the environment.

Assist in monitoring, configuration changes, and software updates in Blue Coat proxy.

Analyze and evaluate anomalous network and system activity using Blue Coat proxy.

Knowledge of data loss prevention tools (Symantec, McAfee).

Create and implement policies, procedures, training and communication of the new policies and procedures to support these projects.

Performed equipment installs, relocations, and maintenance of a wide array of fielded equipment from a Unix base server to Macintosh computer workstations and associated equipment, including printers, scanners, external hard drives, monitors, audio equipment, VoIP phones, video teleconferencing equipment, modems, and cryptographic devices.

Opened and updated Request for Action (RFA) problems using Remedy database; created and submitted SAP requests for needed parts to resolve RFA actions.

Assist users and managers in their efforts to establish and maintain adequate audit trails so that sufficient evidence of computerized business activities exists to reconcile accounts, to detect frauds, to quickly resolve problems, and to otherwise maintain secure and reliable information systems.

Monitoring and managing ongoing health and capacity of firewall environments within multiple data centers.

Education AND Certifications:

Bachelor of Technology from Acharya Nagarjuna University (2012)

Masters: Computer science in Silicon Valley University (2016)

Certifications:

• CISM - Certified Information Security Manager

• CEH - Certified Ethical Hacker

• AZ-500 - Azure Security Engineer

• Splunk Power User
