MD. SHALAUDDIN
Phone: 347-***-****
adx2l5@r.postjobfree.com
SKILLS
Experience with security tools such as ArcSight, Nessus, Nmap, Snort/Sourcefire, FireEye, Wireshark/Ethereal
Hands-on experience in detecting and analyzing malware intrusion alerts from FireEye, Sourcefire
Static and Dynamic Malware Analysis
Strong understanding of Windows, Unix and network concepts
Experience with SIEM platforms
Experience in log correlation and analysis
Knowledge of cyber threats (phishing, malware, etc.) and vulnerabilities
Knowledge of Information Security best practices
Ability to think critically and properly assess security events
Scripting experience (Python)
Knowledge of incident and problem management frameworks (e.g. ITIL)
Experience with conducting social engineering penetration attacks and techniques
Knowledge of tools such as:
Web App Tools - Intercepting proxies (e.g. Burp Proxy, Paros Proxy, ZAP, etc.) and automated scanners (e.g. WebInspect, Netsparker, Nikto, Skipfish)
Wireless - aircrack-ng, mdk3, sslstrip
Exploitation Tools - Metasploit, Karmetasploit, Burp Suite, BackTrack/Kali Linux, SQLMap, Social Engineering Toolkit
Network Tools - Nmap, Zenmap, Nessus, Wireshark
Tools - Hydra, John the Ripper, Netcat, GPU and rainbow-table cracking tools
Knowledge of MFA, PKI, Palo Alto, Cisco ASA, IDS/IPS, Kiwi, SolarWinds, Nessus, Windows, Linux/Unix, VMware, forensic discovery, Certificate Authority (CA), Kerberos, SSL, HTTPS, LDAP, Active Directory, Group Policy, DNS, NTFS, SharePoint, Remote Access, Citrix, VDI, ACLs, etc.
Experience with information technology systems: Windows Server, Windows 7/8/10, Mac OS, Active Directory, Linux, TCP/IP, LAN/WAN, VPN, NAC
Familiarity with compliance regulations and security frameworks (SOX, PCI, GLBA, COBIT, FINRA, ISO, NIST)
Familiarity with cloud services (AWS, Azure, Office 365, etc.)
Proficiency with Windows, Unix and Linux platforms
Programming ability in web/scripting languages such as PHP, JavaScript, Perl, Python, Ruby, ASP .Net
WORK EXPERIENCE
NFTA 11/2022 – Current
IT Security Vulnerability Analyst
The Vulnerability Management Program's objective is to reduce the client's risk profile through the proactive identification, prioritization, and remediation of vulnerabilities in a systematic and comprehensive manner across all systems (hosts, applications, databases, etc.). The Information Security Analyst III, Vulnerability Management is responsible for handling the day-to-day operations of the vulnerability management service. This includes reviewing scheduled scan performance, reviewing and prioritizing scan results, regularly consuming threat and vulnerability intelligence, and creating remediation tickets and assigning them to the members of the team.
Consume external vulnerability and threat intelligence to stay up-to-date on industry trends and emerging risks that could impact the client
Document threats and vulnerabilities in the context of the client and communicate them to the team
Perform initial investigation and triage of tickets assigned to the vulnerability management team
Escalate tickets to the Info Security Analyst IV Management team when needed
Assess and triage vulnerability scan results based on risk assessments, CVSS, vulnerability intelligence, and enterprise/environment context
Track and report vulnerability management metrics based upon remediated vulnerabilities
Coordinate regular and emergency vulnerability remediation processes with Patch Management, system owners, and Change Management
Serve as the initial point of contact and troubleshooting resource for issues/errors from scanning activities
Create, modify, and maintain policy, process, procedure, standards, and training documentation relevant to supporting the various technologies used by the Vulnerability Management team
Assist in planning, designing, implementation, and operation of vulnerability management tools, processes, and systems
Mattel Inc 02/2022 – 11/2022
Tier 2 SOC (Security Operations Center) Analyst
Perform end to end analysis and investigation of suspicious emails reported by users
Coordinate with vendors and support groups for managing email content filtering
End-to-end investigation of FireEye/Sourcefire/McAfee (HX, EX, NX) detected alerts using the FireEye CMS, lab PC and other online tools
Coordinate with various teams and support groups for malware containment and remediation
Perform coordination with various product vendors during the security incident life cycle
Perform URL filtering and reviews as per customer requirement or as part of incident handling
Investigation of malware related issues reported by users with help of BUP files
Static and Dynamic Malware Analysis
Perform security log search as per customer requirement
Handling user queries via chat channel/calls/emails
Review and update the security monitoring rules in order to minimize false positives
Maintain and update all relevant documentation (knowledge articles, tickets, etc.)
Respond to Information Security related queries.
Provide detailed report write-up on security incidents to technical and non-technical audience
AMAZON 08/2019 – 01/2022
Security Operations Center (SOC) Tier II Analyst
Work within the Cybersecurity Engineering group responsible for ensuring that email and all related network security technologies are designed, integrated, tested and configured to meet defensive efforts
Design & implement email filtering, DNS, SPF/DKIM/DMARC, and sandboxing including cloud-based email threat prevention platforms
Identify Cybersecurity problems which may require mitigating controls
Analyze network traffic to identify exploit or intrusion related attempts
Recommend detection mechanisms for exploit and or intrusion related attempts
Provide subject matter expertise on network-based attacks, network traffic analysis, and intrusion methodologies
Escalate items which require further investigation to other members of the Threat Management team
Execute operational processes in support of response efforts to identified security incidents
Participate in a team of security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible party, determine remediation, and recommend security improvements
Follow precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.
Follow strict guidance on reporting requirements
Keep management informed with precise, unvarnished information about security posture and events
Promote standards-based workflow both internally and in coordinating with US-CERT
Engage with other internal and external parties to get and share information to improve processes and security posture
Lead the analysis/investigation of reports or anomalies
Verizon 08/2017 – 06/2019
Tier 1 SOC (Security Operations Center) Analyst
Conduct network and web-based application penetration tests
Conduct physical security assessments
Conduct logical security audits and hands-on technical security evaluations and implementations
Develop subject matter expertise of focused capabilities in the topics of database security, wireless security, or application and development security
Working knowledge of TCP/IP ports and protocols
In depth familiarity with Windows and UNIX operating systems
Familiarity with web proxy tools such as Burp, Paros, and Fiddler
Experience looking for security issues such as Cross-Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.
Familiarity with penetration testing tools and tool suites such as Burp Pro, BackTrack, Nmap, Metasploit, Nessus, tcpdump, Wireshark, Nikto, etc.
EDUCATION
University of Central Oklahoma. Edmond, OK
Bachelor of Computer Science with a Minor in Mathematics.
CLEARANCE AND CERTIFICATIONS
Certified Ethical Hacker (CEH)
Cybersecurity+
Cisco Certified Network Associate (CCNA)