
Cyber Security Architect

Location:
Woodbridge, NJ
Posted:
November 22, 2024


Tiberiu Tajts - PE, MCSE, CISSP, CPM

732-***-****

**********@*******.***

Senior Security Architect – Cyber Security Engineer – Security Architect: Windows, Android and Linux

Profile

• Experienced in: Threat Modeling, Threat Intelligence and Risk Assessment, External and Internal Security Assessments, Penetration Testing, Vulnerability Assessment, Gap Analysis. My goal is to proactively identify and mitigate risks within an organization's information security infrastructure while continuously learning and growing in this dynamic field.

• Performed Red Team and Blue Team security testing, with use of Kali, Nmap and Burp Suite.

• Implemented the CRYSTALS-Kyber asymmetric algorithm for digitally signing firmware and software using C and Python.

• Performed C, C++ and C# code auditing

• I am committed to contributing to an employer's security posture and collaborating with teams to achieve shared goals in protecting valuable digital assets.

Technical Skills

• Certified CISSP with 23 years of strong working experience in Cyber Security, Cloud Platforms, Windows (Active Directory), Android, Linux, and IT & OT Engineering within IT companies

• Performed E2E gap analysis. Developed Security Architectures and Threat Models, using IriusRisk

• Penetration Testing Tools: Metasploit, Burp Suite with BurpGPT, Nessus, Nmap, Wireshark, Kali Linux, BlackArch…

• Programming Languages: Python, GoLang, JavaScript

• Networking: TCP/IP, DNS, VPN, Firewalls, IDS/IPS, Traffic Analysis, Threat Protection

• Vulnerability Management: OpenVAS, Qualys, Nessus, Rapid7, Acunetix, Azure cloud security using Microsoft Sentinel and Defender

• Web Application Security: OWASP Top 10, XSS, SQLi, CSRF…

Professional Experience:

Verizon October 2023 – Present

Security Architect

Responsibilities:

• Performed security designs and threat modeling. Managed SDLC projects in the cloud and on premises.

• Performed Security Compliance reviews and discovered security artifacts. Compiled user stories for security reviews.

• Completed threat modeling, using IriusRisk, and design of security architectures for applications in the cloud and on premises

• Performed E2E gap analysis for Verizon products

• Programmed and performed C and Python code auditing with focus on bugs which lead to vulnerabilities

• Performed Red Team and Blue Team security testing, with use of Kali, Nmap and Burp Suite. Conducted Dynamic and Static Application Security Testing (SAST & DAST) using ZAP, Burp Suite and Veracode

• Performed analysis of expected impact of Quantum computing on the risk of break of RSA and ECC encryption algorithms. Implemented the CRYSTALS-Kyber asymmetric algorithm for digitally signing firmware and software using C and Python.

Global Logic July 2022 – September 2023

Senior Security Engineer – Security Architect

End Clients: Wells Fargo, Wheels Up and Volkswagen Automotive Cloud

Responsibilities:

On Threat Modeling and Security Architecture:

• Performed Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), API security testing and vulnerability assessments with SonarQube, AppScan, Metasploit, Burp Suite with BurpGPT, Nessus, Nmap, Wireshark, Kali Linux, and Veracode

• Used machine learning classifiers for Android (Random Forest and Late Fusion). Analyzed Android malware code developed in DEX, ARM, Flutter and Dart.

• Completed threat modeling and design of security architectures for applications in the cloud and on premises

• Solid foundation of common software vulnerabilities and their remediation/ mitigation techniques

• Working knowledge of regulatory and industry security standards

• Extensive knowledge of vulnerability assessments using industry best practices such as OWASP top 10, CWE/ SANS TOP 25 standards.

• Performed false positive analysis to verify vulnerabilities.

• Followed up and ensured the closure of the raised vulnerabilities by revalidating and ensuring 100% closure.

• Conducted Dynamic and Static Application Security Testing (SAST & DAST).

• Experienced with microservices. Developed and deployed ChatGPT and BurpGPT models, providing conversational and interactive capabilities to various applications.

• Conducted research and experimentation to enhance the performance and functionality of the language models.

• Reviewed emails and associated Jira tickets for new scan or re-scan requests.

• Performed specific manual scans using Burp Suite, Nmap, tools from Kali and other security frameworks

• Demonstrated security testing results, explained the threat presented by the results, and consulted on remediation/mitigation

• Performed Reverse Engineering of Malware Code in Windows using Falcon Sandbox, VirusTotal, IDA Pro, WinDbg, Ghidra 9.0, 64db, … After detecting the suspicious file, I detonated a copy in the sandbox. If confirmed to be malware, I used Ghidra to step through the code. Reported my findings, including artifacts found (based on YARA rules, hashes, links, libraries).

• For Reverse Engineering of Malware Code in Android I collected the APK using AirDroid or had it sent, then used Apktool, dex2jar, JD-GUI and MSF. Monitored traffic with HTTP Canary and Wireshark. Did static and dynamic analysis using MSF. Used Ghidra to step through the code.

• Compiled from Java to DEX. Decompiled DEX to Java. Decompiled the application's native libraries. Decoded string encryption.

For IAM (Identity and Access Management):

• Created and managed users, groups, and roles to control access to resources.

• Implemented multi-factor authentication (MFA) for enhanced security.

• Set up policies to define permissions and access controls based on roles and responsibilities.

• Monitored user activities and enforced security best practices.

Big Data:

• Utilizing services like AWS EMR (Elastic MapReduce) or Azure HDInsight to process and analyze large datasets.

• Implementing data pipelines using tools like AWS Glue or Azure Data Factory for data ingestion, transformation, and storage.

• Leveraging big data analytics frameworks like Apache Hadoop or Spark for advanced analytics and machine learning.

On Cloud Security:

• Implementing network security measures such as Virtual Private Clouds (VPCs) in AWS or Virtual Networks in Azure to isolate resources.

• Configuring security groups, network ACLs, and firewalls to control inbound and outbound traffic.

• Implementing encryption at rest and in transit using services like AWS KMS or Azure Key Vault.

• Implementing logging, monitoring, and auditing solutions to detect and respond to security incidents.

On Microsoft 365:

• Configuring and managing identity and access using Azure Active Directory (AAD) for seamless access to Microsoft 365 services.

• Implementing data loss prevention (DLP) policies to protect sensitive information across Microsoft 365 applications.

• Setting up advanced threat protection (ATP) to safeguard against phishing attacks, malware, and other threats.

• Monitoring user activities and enforcing compliance with regulatory requirements using Microsoft 365 compliance tools

Myzenkey.com – Joint Venture of AT&T, T-Mobile and Verizon, NY Mar 2021 – Jul 2022

Senior Engineer – Penetration Tester

Responsibilities:

• Accountable for static and dynamic application security testing performed using SonarQube, AppScan, Metasploit, Burp Suite with BurpGPT, Nessus, Nmap, Wireshark, Kali Linux, and Veracode.

• Tested to eliminate false positives using ZAP from OWASP, Burp Suite, Nessus from Rapid 7, SQLMap and Kali.

• Conducted white/grey box penetration testing on the financial systems and applications.

• Monitored host and network security using QRadar and Microsoft Sentinel and Defender. Detected vulnerabilities using Qualys and Rapid 7. Identified false positives and coordinated corrective measures.

• Deep knowledge of current and emerging security technologies, threats, and techniques for exploiting security vulnerabilities in the code or application.

• Implemented access control mechanisms, intrusion detection and prevention, encryption, digital certificates, and trust-based authentication.

• Strong understanding of information security and risk analysis processes, including threat modeling

• Experienced in analyzing threats to cloud and application components.

• Provided security implementation for authorization, through controls like the principle of least privilege, relinquishing privilege when not in use, non-guessable tokens, and forced browsing.

• Performed vulnerability assessments on the web applications to identify the issues and prioritized them based on risk level.

• Classified new incidents, evaluating the impact and further consequences. Correlated with current security intelligence acquired from hacker blogs and security publications. I prepared to prevent attacks and not only to react to them.

New York City Housing Authority (IT Trail Blazers) Nov 2015 to Mar 2021

Penetration Tester – Cyber Security Cloud Computing Windows, Android and Linux

Responsibilities:

• Managed and performed vulnerability assessments and security audits. Monitored assets using Rapid7 and Qualys. Performed Application Security scans using Veracode, Qualys and ZAP. Evaluated and interpreted results with the development team. Tested the vulnerabilities to detect false positives. Implemented SOAR operations.

• Accountable for penetration testing activities, which I performed using Qualys and Nessus, and for confirming the results to eliminate false positives using ZAP from OWASP, Burp Suite, Nessus from Rapid 7, SQLMap, Nikto, Skipfish, Kali and BlackArch.

• Software design and development, mostly using the C programming language in a Linux environment, along with Bourne shell scripting and Go (“golang”) programming language. Also used tools such as SQLite for embedded data persistence, Suricata IDS, OpenSSH, and GNU Privacy Guard (GPG), among others.

• Detected and managed the response to incidents by monitoring the QRadar, LogRhythm, and Sumo Logic SIEMs and evaluated the alerts generated by CrowdStrike and SEP (Symantec Endpoint Protection).

• Classified new incidents, evaluating the impact and further consequences. Correlated with current security intelligence acquired from hacker blogs and security publications. I prepared to prevent attacks and not only to react to them.

• Monitored for new vulnerabilities detected through scanning and received alerts from industry vulnerability databases. Validated alerts generated through automatic testing and escalated accordingly.

• Coordinated the vulnerability remediation process in accordance with the existing vulnerability management policy. Created alerts and dashboards using Sumo Logic, ELK and QRadar.

• Performed Cloud Penetration Testing using cloned web stack and tested for VM escape attack.

• Certified for Sumo Logic, and very experienced with QRadar, Microsoft Security Center, LogRhythm and AlienVault/OSSIM, for Security Information and Event Management (SIEM). Experienced with implementing and operating Nozomi Guardian SCADA network monitoring, using signature and behavior analysis correlated with inventory and vulnerabilities. Evaluated Threat Intelligence, performed Malware Analysis and Reverse Engineering.

• Performed network security assessments of Windows and Linux systems, Web Applications, iOS and Android smartphone applications, and databases. Performed Penetration Testing, Blue and Red Team Testing, and Vulnerability Scanning using Kali, Acunetix, Qualys, Nessus, OpenVAS, MobSF, Burp Suite, Metasploit, Empire, Cobalt Strike, BlackArch and Parrot. Performed programming and static and dynamic security analysis for Python. Monitored and detected Network Vulnerabilities, Application Security Vulnerabilities, Red Team testing, and Penetration Attempts to NYCHA computer networks located at 125 offices.

• Evaluated for OWASP Top 10 vulnerabilities and the Treacherous 12 Cloud Computing Top Threats. Deployed and monitored the security of the infrastructure.

• Performed Malware Analysis, Reverse Engineering, Forensics and Malware Removal. Experienced with programming in Python and JS. Hands-on experience with QRadar SIEM Architecture and Deployment. Created custom parsers using the DSM editor and on-boarded log sources from diverse enterprise endpoints.

United Nations, HQ New York, NY Mar 2014 – Oct 2015

Senior Engineer – Cyber Security Linux Windows Cloud

Responsibilities:

• Cyber Security Engineer/Analyst and Cyber Intelligence Specialist. Provided External and Internal Security Assessments, Penetration Testing, Vulnerability Assessment, Gap Analysis and Risk Assessment. Verified compliance with regulatory requirements and provided guidance for correcting the noncompliance issues.

• Utilized Golang routines to optimize the performance of the application

• Performed network security assessments of Windows and Linux systems, web applications, databases, wireless networking and a variety of network protocols and firewall devices, on premises and in the Cloud.

• Monitored and detected Network Vulnerabilities, Android Application Security Vulnerabilities, Viruses and Penetration Attempts to United Nations computer networks located in 86 countries.

• Deployed and monitored the security of the infrastructure. Developed the presentation of the results on a Map of the World with sources of attack, protocols and the exploited vulnerabilities detected on hosts on the United Nations computer network. Managed incidents.

• Developed Disaster Recovery Plans.

• Provided PCI DSS compliance using Qualys.

• Performed internal and external Qualys scans for Compliance, WebApps, Vulnerability and Mapping, including manual verification of potential vulnerabilities. Established remedial action plans based on severity. Developed Remediation Policies and operated the Vulnerability Remediation Reporting System.

• Performed Penetration Testing, Red Team and Blue Team Testing, and Vulnerability Scanning on Windows and Android, using Acunetix, Metasploit, Nessus, OpenVAS, MobSF, Burp Suite, Parrot, BlackArch and Kali.

• Experienced with LogRhythm, QRadar, Splunk, NetworkMiner, Snort and AlienVault/OSSIM for Security Information and Event Management (SIEM).

• Managed Symantec SEP. Performed static and dynamic malware analysis on Windows and Android.

• Static analysis was performed by comparing hashes and examining PE headers, along with embedded string analysis and unpacking or decoding of Base64 or XOR.

• Performed static and dynamic security testing for Android and iOS mobile devices using the MobSF framework.

• Experienced in designing and operating secure systems with a strong knowledge of firewall systems (Cisco ASA and Cisco vASA, Checkpoint 1, pFSense and Suricata), and network architectures (including Routers, Switches and IDS/IPS).

www.Cloud-security.us & www.InfoSecPro.com, NY Feb 2001 – Mar 2014

Senior Analyst – Security Risk

Responsibilities:

• Evaluated compliance with the requirements applicable to the respective type of business (PCI DSS, HIPAA, FedRAMP and SAS-70). Performed ISO 27001/BS 17799 Risk Assessments with Statement of Applicability, Risk Treatment Plan and Gap Analysis using vsRisk, RA2, RiskWatch and CRAMM.

• Deployed and monitored AlienVault/OSSIM for monitoring of application logs, web access logs, configuration files and databases.

• Performed External and / or Internal Security Assessments for Banks, Government, and DoD Contractors and U.S. businesses for compliance with NIST 800-30 and ISO 27001/BS 17799. Provided guidance for correcting the noncompliance issues.

• Performed Web application vulnerability scanning to prevent SQL injection, directory path traversal vulnerability, Cross-site scripting, Redirection and header injection attacks, Leakage of query string parameters in the Referrer header, Integrity of Access Controls and Session Management, Session hijacking, capture of credentials and other sensitive data, Buffer overflows, Client-side Login with focus on validation and authentication and Common configuration weaknesses, known software bugs.

• Performed log monitoring (using OSSIM) and configured intrusion detection and prevention systems (IDS/IPS) including operations and maintenance.

Certificates:

• Licensed Professional Engineer, PE

• CISSP

• MCSE

• CPM

Education:

• Polytechnical University of Timișoara MS, Civil Engineering

• Certified Public Manager, Business Administration and Management (General), Fairleigh Dickinson University

• Postgraduate, Massachusetts Institute of Technology, Intelligent Transportation Systems

Publications:

May 19, 2011

Cloud Computing Security

ISBN: 146*******

Cloud computing allows for both large and small organizations to have the opportunity to use Internet-based services so that they can reduce start-up costs, lower capital expenditures, use services on a pay-as-you-use basis, access applications only as needed, and quickly reduce or increase capacities. However, these benefits are accompanied by a myriad of security issues.

December 21, 2011

Web Business Operations Management - Why some businesses fail to succeed?

ISBN 978**********

This book is about management of successful web businesses. The failures of many Web startups
