Maaz Quraishi
Brookfield, CT 06804; USA
Cell# +1-203-***-****
Email: ******@*****.***
Information Security Engineer with over 7 years of excellence in the Information Security domain. SANS certified Incident Response analyst. Efficiently managed and led Next Generation Threat (NGT) incidents, delivering to the CIO-set target of 1 hour or less from time of detection to time of containment. Deployment and management of security software in large, global environments.
PROFILE:
• Incident Response - effective remediation of assets reported as compromised, incident impact assessment, corrective actions, Remediation of systems compromised by external and remote threats. Good knowledge of the virus attack vectors and system protection.
• Data Loss Prevention (DLP) – leveraged Digital Guardian as an Incident Response and Prevention tool by developing and implementing policies and rule-sets that contributed to shorter Incident Response times.
• Developed Live Response strategies and guided the Emergency Response Team in developing the scripts, enabling collection of the Master File Table, Internet history and a complete picture of the compromised asset.
• Anti-virus and HIDS administration - Deployment and management of Symantec and Sophos antivirus software (on workstations and desktops). Design of master server environment to evenly distribute available bandwidth across the high and low speed links. Creation and customization of Sophos antivirus packages as they are released.
• Windows patch management, batch scripting – Patch management for non-reachable (rogue assets), identification of DNS gaps, effective utilization of existing inventories to ensure proper security posture per vulnerability management guidelines. Developing batch scripts to deploy patches
• IP Packet Analysis – IP packet analysis from SNORT IDS as a part of special extrusion detection team. Using packet sniffers to closely watch IP traffic flowing outward of the intranet and ensuring minimal loss of confidential company data.
PROFESSIONAL AFFILIATIONS & CERTIFICATIONS:
• CCNA- Cisco Certified Network Associate
• ISO 27001 Lead Implementer from BSI Management Systems
• GIAC - S.T.A.R - IP Packet Analysis (SANS)
• IBM ISS – DP (Desktop Proventia)
• IBM ISS – Internet Scanner Expert
• Reverse Malware Analysis certified from K-Secure
• Incident Response & Computer Forensics certified from K-Secure
• Sophos certified Anti-Virus & NAC administrator
• Six Sigma quality Green Belt trained and qualified
• CISSP – in progress
LICENSES & MEMBERSHIPS:
SANS-GIAC 1228796 [Global Information Assurance Certification]
EDUCATION & QUALIFICATIONS:
10/2000 – 04/2004 B.E, ELECTRONICS & COMMUNICATION, Jawaharlal University of Engineering & Technology.
Hyderabad, INDIA
EXPERIENCE & ACCOMPLISHMENTS:
Genpact LLC – 06/2007 to Present
Client: GE Capital Americas
Information Security Engineer - reporting to Chief Information Security Officer
RESPONSIBILITIES:
• Lead and drive the Incident Response process and improve the existing processes’ effectiveness to conform to GE corporate policies & initiatives.
• Develop and manage policies and solutions for high priority assets through the Symantec Security Information Management (SSIM) device
• Recommend policy improvements to the GE Capital – Chief Information Security Officer
• Ensure all the live desktops and servers have Sophos antivirus engines running. Drive reconciliation with inventory if needed.
• Study security methodologies, trends and best practices and implement them
• Investigate and report on Security breaches
• Review and application of rules across the organization - as a part of Data Loss Prevention initiative using Verdasys Digital Guardian
• Manage Incident Response Teams ensuring appropriate security ticket assignment – improved service delivery and ownership
• Incident containment time reduction – reduced average incident resolution time from 4 days to less than 3 hours, by implementing different initiatives and best practices
• Monitor network intrusion activity using in-house tools like Enterprise Sensor Grid (ESG) and search tools like Splunk.
ACHIEVEMENTS:
• 86% reduction in unassigned subnets from ~300 to ~40 subnets; better asset – site mapping. This continues to help in nailing down the assets (in case of incidents)
• Minimized average Incident containment time from 4 days to less than 5 hours
• Close monitoring of the environment has resulted in reduction of monthly average incident count – from 40 incidents to 15 incidents per month.
Genpact LLC – 02/2005 to 03/2007
Client: SABIC Innovative Plastics (Pittsfield, MA)
Security Support Specialist – reporting to Operations Manager
RESPONSIBILITIES:
• Creation & management of policies on Sophos AntiVirus, Host Intrusion Prevention System, Network Access Control & Firewall
• Deployment of Sophos antivirus on a network of 15000 workstations using
• Drive vulnerability assessments, network audits and recommend actions to mitigate risks
• Lead the team of security analysts to ensure secure environment in times of critical virus outbreaks
• Mitigation of virus on servers and workstations; and co-ordination and deployment of anti-virus signatures on the assets
• Batch scripting based on reverse analysis of malware, and running those scripts on computers affected by viruses and on machines suspected of creating backdoors to spread those viruses.
• Managed IBM ISS Desktop Proventia and Symantec AV corporate edition for a user base of more than 15,000 users.
• Experience with 3 AV products. Responsible for administration of servers & SIMs for Sophos, Symantec Anti-Virus & Trend Server Protect. Acted as consultant for global teams for virus mitigation. Interacted with different teams globally to minimize the disaster and effect of Zero-day attacks.
• Management of Vulnerability data through ISS and Nessus network scanners. Retrieval of vulnerability data and thorough analysis of vulnerabilities.
• Preparation of ISS Internet Scanner policy after release of vendor patches and implementation of patching on workstations.
• Prepared Standard Operating Procedures, training documents & trained new hires
ACHIEVEMENTS:
• Was promoted to Lead the Sophos anti-virus deployment project in SABIC Innovative Plastics; Pittsfield, MA
• Successfully completed and implemented 2 LEAN projects which resulted in significant cost savings
• Successfully implemented 2 Antivirus implementation projects on 15000 clients
• End-to-end solution for mitigation against NEW viruses. Detailed analysis of anomalous files resulted in Sophos identifying 2 new worms – W32/Autorun-GA and W32/VB-DXY.
Sutherland Global Services, Chennai, India – 05/2004 to 01/2005
Security Support Engineer – reporting to Security Manager
RESPONSIBILITIES:
• Assist Symantec customers in the North America region in troubleshooting software such as Norton Anti-virus, Internet Security, anti-spam etc.
• Address licensing issues for this software
• Train and equip new team members with all the tools and trainings required
• Prepare operating procedures with changes in policies and evolving electronic threats
SKILLS:
Description                   Proficiency     Yrs experience
Incident Response             Advanced        7 years
Next Gen Threat Management    Advanced        2 years
Antivirus                     Advanced        7 years
Vulnerability Assessment      Intermediate    4 years
Batch and shell scripting     Intermediate    3 years
Six Sigma Quality             Beginner        1 year
STRENGTHS:
Excellent communication & interpersonal skills, analytical, quality work with minimal supervision, initiative & motivational skills. Leadership qualities and very keen on self-help and improvement.
RELOCATION: Available
REFERENCES: Available upon request