Database Security Consultant
Resume:
Koduri A
Sr. Security Consultant
****.******@*****.***
Professional Summary
Over 10+ of IT experience with over 5 years as an and Database security consultant and as IBM Guardium consultant.
Database Security Architect responsible for designing, architecting, and implementing Guardium database infrastructure and monitoring solution.
Hands-on experience in installation and configuration of Guardium appliances, agents, and creation of security policies for Database Activity Monitoring, VA, CAS.
Coordinating the enterprise effort for database encryption using technologies such as TDE for data at rest and network encryption for data in motion
Coordination amongst different stakeholder groups within the enterprise necessary to implement the database security solutions (Database group, Infrastructure) group, Unix, cyber security, network, and various application owners
Hands on experience in database installation, administration, configuration, production support, upgrades, patches, performance tuning, backup and recovery, space management, database security, cloning, migration, Shell scripting and documentation.
Experience in translating business requirements into conceptual, logical, and physical data models.
Experience in configuring Oracle network, RMAN, Recovery Catalog, and Performance Tuning of database by optimizing SQL and PL/SQL scripts and instance. Used stats pack report, AWR report, ADDM advisors, auto trace and execution plan.
Excellent experience in installation, setup, and configuration of Oracle 8i, 9i, 10g and 11g in HP-UX, Sun Solaris, AIX and Linux environments.
Proficient at performing major Database Release Upgrade (manually as well as using DBUA) along with applying various PSU patches using OPatch for 10g 11g databases.
Proficient with application of Oracle Quarterly Security Patches agent (SPU’s) and Implementing V11.5 upgrades Adept at routine Database Administration tasks including automated installation, creation and replication of databases, management of tablespaces, logs, grants, roles, users, indices.
Working experience in database cloning, database backup, recovery procedures and security.
Experience in application Support, SQL Loader, Data pump, Data Guard, Fine Grain Auditing (FGA), performing Flashback, transportable tablespaces.
Conducted all-source analysis, digital forensics, and adversary targeting to identify, monitor, assess, and counter the threat posed by foreign cyber actors as a part of Cyber Threat Intelligence
Executed daily vulnerability assessments, threat assessment, and mitigation and reporting activities to safeguard information assets and ensure protection has been put in place on the systems.
Advanced Guardium Insights deployments on IBM Cloud Pak for Security and navigate to data sources.
Hands on experience using Tanium suit for endpoint protection, asset management, integration and threat intelligence.
Experience in designing and configuring high-availability systems using DATAGUARD with physical standby. Effectively used DATAGUARD BROKER utility.
Expertise in setting up Data Guard Fail-Over Switch-Over Read-Only scenarios.
Experience in the management and implementation of database models, data flow diagrams, database.
Coordinating the enterprise effort for database encryption using technologies such as TDE for data at rest and network encryption for data in motion.
Technical Skills
Database Auditing: IBM Infosphere, Guardium SQLGuard, IBM Guardium data protection.
Vulnerability Assessment: FortiDB IP Locks, IBM Infosphere Guardium SQLGuard
ESM Monitoring Tools: BMC Performance Manager Patrol, BMC Proactive Net Performance Manager BPPM, BMC Patrol Configuration Manager, BMC Performance Manager Portal, BMC Patrol Console and RT Server
Automation Tool: HP Database and Middleware Automation
Operating System: Microsoft Windows, Oracle Solaris, IBM AIX, Red Hat Enterprise Linux
RDBMS: Oracle, MSSQL Server, Sybase ASE, IBM DB2
Application: IBM Guardium, Microsoft SharePoint 2010, OEM, People Soft HRMS, People Soft Finance Application Server, Process Scheduler, Web Server.
Education
MS Computer Information systems, New England college. NH. 2016-2017
Bachelors in Electronics and Communication. JNTU Hyderabad. 2012.
Certification:
Certified Information Systems Auditor
IBM Guardium Certified V11.5
Certified Cybersecurity Architect
Professional Experience
Bank of America March 2024 – Present
Database Security Consultant (IBM Guardium DAM)
Implemented advanced blocking and protection and Dynamic Data Masking (DDM) and designed the curriculum for the Oracle Database Administration, Linux RHEL systems administration, Oracle High availability and the IBM Guardium database security training programs.
Working in patch management to create new V12 appliances and configure them to be online and ready for deployment.
Creating new certs and renewals to work under compliance and monitoring expirations
Majorly focusing on New V12 builds patching and configuring, troubleshooting with root passwords
Also, Stap installs and GIM installs based on requirements
Handling decom also on weekly basis to report list to the management.
Sourced and purchased all data center equipment and worked and Recruited staff to teach all approved training programs and worked on Kubernetes and containerization workloads and amazon kinesis and Data streams.
Directed and collaborated with the System administrator to build entire server infrastructure to support all students. We currently have the capacity to support over 200 students simultaneously oracle DBA and Oracle High Availability instructor.
Worked on google cloud platform (GCP) services like compute engine, cloud load balancing, cloud storage, cloud SQL, stack driver monitoring and cloud deployment manager.
Provided regular updates to senior management, internal and external audit departments via Guardium canned and ad-hoc reports.
Worked on patch management to stay updated on dates and latest versions.
Working Guardium Insights and OpenShift container platform version 4.8x and 4.10x and IBM cloud pak fundamental services version 3.19x
Managed and installed patches to fix issues and stay updated with the latest versions
Drove database security initiative such as database security configuration, activity monitoring, access control, data protection and audit remediation across departments.
Worked on patches to upgrade to latest versions and to fix mandatory issues.
Advanced Guardium Insights deployments on IBM Cloud Pak for Security and navigate to data sources
Acquired RBAC and Trace Tanium modules, implemented them in production to facilitate easy user administration with pre - defined roles, and capturing trace events on the endpoints.
Deploy and setup configuration for IBM Guardium to ensure collectors, aggregators, load balancers, agents (S-TAP, Guardium Installation Manager (GIM), and ATAP) and change Audit system (CAS) are properly installed.
Develop and ensure Database Activity Monitoring policies/rules are setup in accordance with HIPPA regulation.
Hands on experience on building Guardium appliances in Virtual Machine and Aws Ec2 and Azure. and worked on external S-Taps and data stream in cloud Aws Ec2 environment.
Horizon BCBS, Newark, NJ Feb 2020 – Feb 2024
Database Security Consultant (IBM Guardium DAM)
Infrastructure design for the deployment of Guardium Database monitoring solution for the entire enterprise.
Build Guardium appliances (Central Manager, Aggregators, collectors, Sonar j,) and Experience in installation and configuration of Guardium appliances, agents, and creation of security policies for Data protection, VA, CAS.
Presently implementing Active threat Monitoring and Guardium Insights and Mainframe, mainframe z/os.
Implementing Guardium Insights (Advanced features of V11.5 Elimination of aggregators) implementation and machine learning tool kit to generate / alert intelligent alerts if any unusual activity happens.
Worked on agent installs, upgrades, trouble shooting and fixes to protect data and run operations smoothly.
Worked on collectors and aggregators and Central manager to exact the data and create policies
Also installed S-Tap agent to capture information at collector’s level.
Working on Guardium Insights implementation to strength more monitoring capabilities on cloud databases AWS RDS, Snowflake, Oracle databases, DynamoDB and MYSQL, Mango DB.
Configured and deployed the Vormetric Data Security Manager and Worked on MS SQL, Oracle, DB2, AWS databases.
Working on V11.5 upgrades, and patch installs environment set up changes in test and pro as well to enhance the features.
Worked breaches and fixes to troubleshoot Collectors and S-Taps and agent in different environment.
Implementing IBM Guardium Insights (Modernized and Innovative data Security solution) on OCP platforms, POC done and in process of creating cluster for on-Prem environment.
Leading and coordinating Guardium Insights with IBM Vendor, Middleware Engineering team to build insights successfully.
Created security policies for Data protection, VA, CAS and monitored data loss and data injections
Aws data stream/ Kinesis application in our environment with upgraded V11.5version. And working on M5 Aws instances to reduce cost of the Cloud appliances.
Basic scripting experience of Phyton and SQL to work through commands in CLI and command prompt.
Monitoring activity threat analysis advanced features on daily basis to investigate unusual activities on Databases. Scheduled daily alerts and reports on activities monitoring.
Coordinate with other teams to implement encryption solutions enterprise-wide on all databases. This involves implementation of encryption of data at rest (TDE) and data in motion (network encryption) across various database management systems such as Oracle, EXADATA MS SQL server,
Monitored disk space usage and growth, tuning the database with the assistance of the ADDM report.
Performed database capacity planning and growth projections and database security audit and maintenance.
Monitored and maintained the Guardium agents from a centralized location through the Guardium UI. With GIM we use to install, uninstall, upgrade, and configure agents remotely for a single server or across multiple servers all at the same time.
Experimented with Amazon Web services (AWS) EC2 administration and management and the creation of databases on EC2 using EBS and s3 storage.
Ran, tested, and validated Guardium configuration settings and fully document technical and procedural requirements and assisted in establishing data blueprints, frameworks, stewardship, and data governance models. Worked on cloud services and Guardium Data monitoring with Google Cloud Platform and Amazon Web Services.
Developed new approaches to ensure compliance with standards and identification of security anomalies through automation and implementation of enterprise database monitoring capability.
Worked ODF storage availability through the existing ELA through SS4CP (Storage Suite for Cloud Park)
Organized and monitored personal workload and escalated to manager when issues arise.
Developed dashboards or periodic status reports that communicate the health of and risks to data security tools and the business, as well as reporting on key metrics being provided by those tools.
Sutter Health, Sacramento, CA March 2018 – Jan 2020
Database Security Consultant/Engineer (IBM Guardium DAM)
Extend and develop IAM production and test environments and Develop solutions to deliver IAM services in the cloud
Develop solutions to improve ongoing systems management and Assist account teams with integration of new applications and requirements
Provide 3rd level support to teams managing the access management system and Design and implementation of Data Encryption, Masking and Data Loss Prevention Solutions
Ongoing support of mission critical infrastructure and Extensive experience with IBM Security Access Manager including new ISAM appliances
Extensive experience with IBM Federated Identity Manager and qualys vulnerability management.
Deep technical knowledge of developing with ISAM APIs, developing FIM plugins for use in custom trust chains and proven capabilities with EAI development
Excellent Java development skills and Understanding of Information Security Governance Risk and Compliance. Experience with data encryption management solutions, such as Vormetric and Cloud Link.
Firm understanding of the governance aspects of Information System projects and programs and created security status reports to provide system status, report potential and actual security violations and provide procedural recommendations.
Configured Patch Installation, Policy Installations and Inspection engine Configurations. Created Audit process, purge, archive and backup process
Worked on Appliance (Collector, Aggregator, Central Manager) setup from scratch and scheduling all essential jobs.
Used IBM Info Sphere Guardium SQL Guard we provide Real-time database activity monitoring DAM for identifying unauthorized or suspicious activities, preventing attacks and blocking unauthorized access by privileged users
Designed and implemented Database auditing solution for Oracle, MSSQL, Sybase and DB2 on 10000 servers.
Managed collectors that are running different versions of Guardium. Guardium Insights supports managed collectors from data resources.
Installed and monitored agents and collectors and configured aggregators and CM to efficiently protect and manage the sensitive and confidential data.
Ensured that threat and vulnerability evaluations are performed at an ongoing basis and report significant changes in data risk to appropriate levels of management.
Managed and fixed all troubleshooting issues with agents and collectors to protect the data of an Org.
Guardium administration -End to End setup like Build, Patch update, Migration to new versions, Configuration, Centralize management of SQL Guard Appliances.
Provided Auditing solution and simplifying validation activities related to data integrity, data privacy. Communicate list of audited database instance to DBA Audit Log Reviewer and ISA Audit Log Reviewer. Provide update to DBA Audit Log Reviewer and ISA Audit Log Reviewer on any new or removal of audited database instance.
Implementation, Maintenance and troubleshooting of Agents STAP, GIM Guardium appliances and provides root cause analysis with step-by-step documentation for complex problems.
Sonata Software - Hyderabad, INDIA May 2013 -Jan 2016
Security Analyst
Involved extensively in the inception phase for understanding the Scope of the Project, feasibility of the implementation, and definition of the risk factors involved in the project.
Conducted JAD sessions for communicating with all project managers, senior management, and other stakeholders.
Created Process Flow diagrams, Use Case Diagrams, Class Diagrams, and Interaction Diagrams using Microsoft Visio and Rational Rose.
Conducted meetings with business users and SMEs to identify and gather various functional and non-functional requirements.
Helped identify reports for decision support system and interacted with database designers and architect to gather the requirements for reporting.
Functioned as the primary liaison between the business line, operations, and the technical areas throughout the project cycle.
Responsible for implementing Qos prioritizing voice traffic over data.
Implemented SNMP on Cisco routes to allow for network management. Completed the installation and configuration of T1, T3 & OC3 circuits.
Involved in setting up different configuration environment for compatibility testing and manual testing.
Completed System Administrator tasks like build new window servers, patch update of operating system MS windows 2003. Creating users and giving permission like disking quota, security policy and profiling creation in Windows 2003 server.
Contact this candidate