
Vulnerability Management Security Operations

Location:
Buffalo, NY
Posted:
July 03, 2023


Resume:

MD. SHALAUDDIN

Phone: 347-***-****

adx2l5@r.postjobfree.com

SKILLS

Experience on Security Tools like ArcSight, Nessus, Nmap, Snort/Sourcefire, FireEye, Wireshark/Ethereal

Hands on experience in detection and analyzing Malware intrusion alerts from FireEye, Sourcefire

Static and Dynamic Malware Analysis

Strong understanding on Windows, Unix and Networks concepts

Experience with SIEM platforms

Experience in log correlation and analysis

Knowledge of cyber threats (phishing, malware, etc.) and vulnerabilities

Knowledge of Information Security best practices

Ability to think critically and properly assess security events

Scripting experience (Python)

Knowledge of incident and problem management frameworks (e.g. ITIL)

Experience with conducting social engineering penetration attacks and techniques

Knowledge of tools such as: Web App Tools Intercepting proxies (e.g. Burp Proxy, Paros Proxy, ZAP, etc.) and automated scanners (e.g. WebInspect, Netsparker, nikto, Skipfish)

Wireless - aircrack-ng, mdk3, sslstrip

Exploitation Tools - Metasploit, Karmetasploit, Burp Suite, BackTrack/Kali Linux, SQLMap, Social Engineering Toolkit

Network Tools - Nmap, Zenmap, Nessus, Wireshark

Tools - Hydra, John the Ripper, Netcat, GPU and rainbow-table cracking tools

Knowledge of MFA, PKI, Palo Alto, Cisco ASA, IDS/IPS, Kiwi, SolarWinds, Nessus, Windows, Linux/Unix, VMware, forensic discovery, Certificate Authority (CA), Kerberos, SSL, HTTPS, LDAP, Active Directory, Group Policy, DNS, NTFS, SharePoint, Remote Access, Citrix, VDI, ACLs, etc.

Experience with information technology systems: Windows Server, Windows 7/8/10, Mac OS, Active Directory, LINUX, TCP/IP, LAN/WAN, VPN, NAC

Familiarity with compliance regulations and security frameworks (SOX, PCI, GLBA, COBIT, FINRA, ISO, NIST)

Familiarity with cloud services (AWS, Azure, Office 365, etc.)

Proficiency with Windows, Unix and Linux platforms

Programming ability in web/scripting languages such as PHP, JavaScript, Perl, Python, Ruby, ASP .Net

WORK EXPERIENCE

NFTA 11/22 – Current

IT Security Vulnerability Analyst

The Vulnerability Management Program's objective is to reduce client risk profile through the proactive identification, prioritization, and remediation of vulnerabilities in a systematic and comprehensive manner across all systems (Host, Applications, Databases, etc.). The Information Security Analyst III, Vulnerability Management is responsible for handling the day-to-day operations of the vulnerability management service. This includes reviewing scheduled scan performance, reviewing and prioritizing scan results, regularly consuming threat and vulnerability intelligence, creating remediation tickets and assigning them to the members of the team.

Consume external vulnerability and threat intelligence to stay up-to-date on industry trends and emerging risks that could impact the client

Document threats and vulnerabilities in the context of the client and communicate them to the team

Perform initial investigation and triage of tickets assigned to the vulnerability management team

Escalate tickets to the Info Security Analyst IV Management team when needed

Assess and triage vulnerability scan results based on risk assessments, CVSS, vulnerability intelligence, and enterprise/environment context

Track and report vulnerability management metrics based upon remediated vulnerabilities

Coordinate regular and emergency vulnerability remediation processes with Patch Management, system owners, and Change Management

Serve as the initial point of contact and troubleshooting resource for issues/errors from scanning activities

Create, modify, and maintain policy, process, procedure, standards, and training documentation relevant to supporting the various technologies used by the Vulnerability Management team

Assist in planning, designing, implementation, and operation of vulnerability management tools, processes, and systems

Mattel Inc. 02/2022 – 11/2022

Tier 2 SOC (Security Operations Center) Analyst

Perform end to end analysis and investigation of suspicious emails reported by users

Coordinate with vendors and support groups for managing email content filtering

End-to-end investigation of FireEye/Sourcefire/McAfee (HX, EX, NX) detected alerts using the FireEye CMS, lab PC and other online tools

Coordinate with various teams and support groups for malware containment and remediation

Perform coordination with various product vendors during the security incident life cycle

Perform URL filtering and reviews as per customer requirement or as part of incident handling

Investigation of malware related issues reported by users with help of BUP files

Static and Dynamic Malware Analysis

Perform security log search as per customer requirement

Handling user queries via chat channel /calls/emails

Review and update the security monitoring rules in order to minimize false positives

Maintain and update all relevant documentation (knowledge articles, tickets, etc.)

Respond to Information Security related queries.

Provide detailed report write-up on security incidents to technical and non-technical audience

Amazon 08/2019 – 01/2022

Security Operations Center (SOC) Tier II Analyst

Work within the Cybersecurity Engineering group responsible for ensuring that email and all related network security technologies are designed, integrated, tested and configured to meet defensive efforts

Design & implement email filtering, DNS, SPF/DKIM/DMARC, and sandboxing including cloud-based email threat prevention platforms

Identify Cybersecurity problems which may require mitigating controls

Analyze network traffic to identify exploit or intrusion related attempts

Recommend detection mechanisms for exploit and or intrusion related attempts

Provide subject matter expertise on network-based attacks, network traffic analysis, and intrusion methodologies

Escalate items which require further investigation to other members of the Threat Management team

Execute operational processes in support of response efforts to identified security incidents

Participate in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements

Follow precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.

Follow strict guidance on reporting requirements

Keep management informed with precise, unvarnished information about security posture and events

Promote standards-based workflow both internally and in coordinating with US-CERT

Engage with other internal and external parties to get and share information to improve processes and security posture

Lead analyzing/investigating reports or anomalies

Verizon 08/2017 – 06/2019

Tier 1 SOC (Security Operations Center) Analyst

Conduct network and web-based application penetration tests

Conduct physical security assessments

Conduct logical security audits and hands-on technical security evaluations and implementations

Develop subject matter expertise of focused capabilities in the topics of database security, wireless security, or application and development security

Working knowledge of TCP/IP ports and protocols

In depth familiarity with Windows and UNIX operating systems

Familiarity with web proxy tools such as Burp, Paros, and Fiddler

Experience looking for security issues such as Cross-Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.

Familiarity with penetration testing tools and tool suites such as Burp Suite Pro, BackTrack, Nmap, Metasploit, Nessus, tcpdump, Wireshark, Nikto, etc.

EDUCATION

University of Central Oklahoma. Edmond, OK

Bachelor of Computer Science with a Minor in Mathematics.

CLEARANCE AND CERTIFICATIONS

Certified Ethical Hacker (CEH)

Cybersecurity+

Cisco Certified Network Associate (CCNA)
