About
• 8+ years of professional experience in Technology SDLC, Cyber + Networking in threat and vulnerability management, information security analysis, information security architecture, information security policy design, incident analysis, risk assessment, security incident response, and security solution implementation and administration.
• Information Security Analyst with an active Secret security clearance and proven IT experience and professionalism.
• Possesses a comprehensive background in IT administration, network systems, and cyber security practices, accompanied by accomplished measurable results.
• Splunk administration and analytics development on information security, infrastructure and network, data security, Splunk Enterprise Security app, triage events, incident analysis.
• Excel helped in organizing and managing large datasets.
• Analysts can use Excel to create and maintain spreadsheets that track various cyber security metrics and incidents.
• Experience as a Splunk Engineer configuring, implementing and supporting Splunk server infrastructure across Windows, UNIX and Linux environments.
• Extensive experience in SIEM operations, implementation, administration and monitoring. Working as a part of the Threat Intelligence team performing data security, triage events, incident analysis, malware analysis, advanced cyber threat detection and security advisory integration with RSA NetWitness.
• Managing enterprise antivirus and host-based intrusion detection systems, performing network and system vulnerability assessments, and web application penetration testing. In addition, analyzing, performing, and documenting vulnerability assessments of computer systems and networks to ensure that the security controls in place provide the required protection and, where necessary, amending the security controls.
• Developed the specific content necessary to implement security use cases and transformed it into correlation queries, templates, reports, rules, alerts, dashboards, and workflows.
• SharePoint enabled secure storage and organization of sensitive security data, logs, and documents. It allowed setting up centralized repositories for easy access and management of information.
• Configuring and maintaining Palo Alto firewalls and Cisco ASA firewalls, and analysis of firewall logs using various tools. Experienced in vulnerability management and remediation.
• Worked extensively on Splunk Enterprise and Splunk Cloud, with experience in installation and in developing Splunk alerts and dashboards for analyzing application-related data as per the business requirement.
Work Experience
Cyber Security Engineer
HCA Healthcare, Dallas, TX
1-2021 - 6-2024
• Day-to-day data analysis of various types of data, including failed logins, use of powerful service accounts, and unauthorized access to servers or databases; reviewing the analysis with the system or application owner to validate the data activity and making suggestions on how to improve the process; and DB vulnerability management using Guardium.
• Perform the review of the RSA Security SIEM log and NetWitness Security Event Log; analyze various logs from various appliances such as Cisco IDS, Proofpoint, BIG-IP, Snort, and application firewalls, thus providing a strong threat intelligence security data point for the Information Security team.
• Managed and created data analytics reports for higher management and for the Information Security team as needed. Day to day, manage SIEM applications, manage the upgrades, and am involved in the change process.
• Managed and installed new integration apps in our SOAR application and manage the App Host appliance and utility server.
• Excel allowed for the creation of protected spreadsheets where access to certain data or editing capabilities can be restricted, ensuring data security even within a shared environment.
• SharePoint supported automation of workflows related to security incident management, such as automatic notifications, task assignments, and status updates, streamlining the response process.
• Identified process improvement activities for Identity and Access Management operations to ensure access is provisioned and de-provisioned in accordance with security standards and contractual SLAs.
• Managed and created documentation of each process and user manuals for the applications we use in our environment. Strong people management and development skills, with the ability to shape communication to the needs of the audience.
• Implemented all aspects of Google Cloud (GCP) security, including IAM roles, user and group management, 2SV/MFA, securing VPCs, firewall rules, encryption, and vulnerability scanning.
• Implemented and monitored Google Cloud (GCP) secret management using KMS.
• Implemented Google Cloud IAM roles at the organization, project and resource level.
• Implemented and monitored GCP Cloud Monitoring and Logging (Stackdriver); configured Pub/Sub to send logs from Google Cloud (GCP) to IBM QRadar and Splunk using Terraform.
• Knowledge of HIPAA, release of information and record retention, with familiarity with Electronic Medical Record functionality, document imaging and workflow.
• Managed and created scheduled discovery scans to identify CH assets and ensure assets are documented in the ServiceNow and CMDB system.
• Managed the installation of Tenable Agents on all assets and created metrics to generate awareness around missing agents and missing CMDB entries.
Education
The University of Texas at Dallas Associate of Science - AS, IT.
2015 - 2017 · United States