Certified Ethical Hacker (CEH)
Information Security Engineer 01/2015-Present
Untangle Solutions
Job carries the following responsibilities as Information Security Engineer:
Successfully defined IT security policies and procedures to support IT function.
Conducted gap analysis of existing IT infrastructure with respect to ISO/IEC 27001 to assess existing security infrastructure.
Conducted Risk Assessment and defined prevention strategies through Risk Treatment Plan.
Ensured adherence to IT Architecture principles and guidelines along with published Information Security Standard (ISS) (CIS Benchmark).
Identified and Reported vulnerabilities of CISCO network devices using Nipper, Cisco Audit Tool and Kali Linux.
Perform discovery and vulnerability scans on networks and validate findings through penetration testing.
Enhanced End-Point Security by developing Kaspersky endpoint security solution.
Periodically reviewed and updated documentation of the firewall environment to ensure accuracy.
Monitored and analyzed resources such as OSSIM, Splunk; data feeds of alerts and logs from firewalls, routers, and other network devices or hosts; and data feeds and/or alerts from CISCO IPS, and other host and network-based IDS/IPS to watch for security violations and determine vulnerabilities.
Assisted with the development, maintenance of, and training on technical documentation and Standard Operating
Procedures (SOP). Specified application security testing requirements to be included within the CICD/SDLC testing
frameworks.
Information Security Engineer 01/2015-Present
Untangle Solutions
Job carries the following responsibilities as Information Security Engineer:
Firewall administration and overall internal network security.
Collaborates closely with the Information Security team to establish and enforce security policies and
configurations across network device and firewalls consistent with the overall security posture.
Attends and participates in team and departmental meetings providing updates and insight into ongoing
projects, initiatives, and incidents.
Ensures adherence to IT Architecture principles and guidelines along with published Information
Security Standard (ISS) (CIS Benchmark).
Schedules, plans, and performs maintenance on firewalls under the guidance of the Information
Security Team to ensure systems are in good health and fully operational.
Periodically reviews and updates documentation of the firewall environment to ensure accuracy.
Analyze email events including phishing and malware for relevant alerting levels
Maintain an expert understanding of vulnerabilities, response, and mitigation strategies used to support
cyber security operations.
Perform discovery and vulnerability scans on networks and validate findings through penetration
testing.
Assist in defining the set of required application security controls for eCommerce properties.
Provide training and mentoring to eCommerce product teams on the eCommerce threat landscape,
application security controls, and secure coding practices.
Specify application security testing requirements to be included within the CICD/SDLC testing
frameworks
Served as a visiting lecturer at the Department of Software Engineering for System Security and Penetration Testing.