Bhavya A - Cyber Security Engineer
[email protected]
Location: Denton, Texas, USA
Relocation: YES
Visa: GC
Bhavya | Cyber Security Engineer
[email protected] | 980-304-8257 / +1 (732) 769-1533

PROFESSIONAL SUMMARY
Experienced IT Security Professional with 9+ years of experience in IT Infrastructure, Risk Management, SOC Analyst, SIEM, Vulnerability Management, Penetration Testing, Validation, Information Security, and Cyber Security.
Possesses strong communication and leadership skills, with a proven track record of providing training and guidance to enhance security awareness and foster a culture of compliance.
Proficient in CVSS (Common Vulnerability Scoring System) assessments, utilizing Python to calculate and analyze vulnerability severity scores based on various metrics such as exploitability and impact, enabling effective risk evaluation and prioritization.
Experienced in leveraging Python to interact with CVE (Common Vulnerabilities and Exposures) databases, extracting and analyzing vulnerability data, and generating actionable reports to support vulnerability management and mitigation efforts.
Adept at integrating security practices into the software development lifecycle (SDLC) and enforcing secure coding standards to ensure robust application security.
Highly skilled in Firewall administration of VMware NSX-T, Checkpoint, CITRIX NetScaler, and Cisco Systems.
Proficient in Python and Java, with a strong ability to write secure code in both languages.
Extensive experience in developing and maintaining applications using Python and Java, ensuring robust security measures are implemented.
Proficient in Windows and Unix/Linux operating systems, network security, incident response, and systems hardening.
In-depth knowledge of security protocols and best practices, such as OWASP Top Ten, to identify and mitigate security vulnerabilities in applications.
Expertise in threat modeling and risk assessment to proactively address potential security issues.
Proficient in implementing authentication and authorization mechanisms for APIs, including OAuth, JWT, and API keys.
Demonstrated strong ability to work both independently and collaboratively within a team environment, fostering effective communication and achieving shared objectives.
Strong knowledge of Python frameworks like Scikit-learn and TensorFlow, enabling the development of machine learning models for anomaly detection, malware analysis, and predictive threat intelligence.
Worked with Splunk Professional Services to establish best practices that everyone can follow to maintain the performance of Splunk Enterprise Security 7.0.4.
Experience with various Endpoint tools like McAfee EPO, Carbon Black, BigFix, Symantec EPO (IDS/IPS).
Possesses extensive knowledge of layer 2 switching and layer 3 routing protocols, encryption protocols, and communication protocols.
Seeking a challenging position to utilize my technical expertise and contribute to enhancing information security for an esteemed organization.
Managed endpoint firewall operations, fine-tuning configurations as necessary to optimize network security and minimize vulnerabilities.
Proficient in managing and securing Windows environments, implementing best practices, and staying abreast of the latest security threats and vulnerabilities.
Proficient in Cloud Security Posture Management (CSPM) with hands-on experience in leveraging industry-leading tools to assess, monitor, and enhance cloud infrastructure security across multiple platforms.
A proactive member of online security communities, leveraging forums as valuable platforms to share insights, seek guidance, and collaborate with professionals to collectively strengthen global cybersecurity practices.
Perform Risk Assessment, Penetration Testing, Validation, GRC, Gap analysis & create Risk Mitigation plan.
Designed and implemented secure Azure architectures for multiple projects, ensuring the confidentiality, integrity, and availability of critical resources.
Managed and secured on-premises Active Directory and integrated Azure Active Directory for seamless user access and authentication.
Focused on cloud strategy, particularly AWS, as well as product marketing, competitive research, customer journey analysis, and strategic partnerships.
Created and enforced Azure security policies to maintain compliance with industry standards and regulatory requirements.

TECHNICAL SKILLS

Cybersecurity: ISO/IEC 27000, ISO 27001-series, SOX, CSPM, PCI DSS, HIPAA, CIS, NIST, CVE, Akamai.
Firewall Administration: VMware NSX-T, Checkpoint, CITRIX NetScaler, Cisco Systems
SIEM: Splunk, Symantec DLP.
Vulnerability Assessments: Nessus, Nmap, Rapid7, QualysGuard
Operating System: Linux Distributions (Kali, Backbox, Parrot), Unix, Windows.
Penetration Testing Tools: IBM AppScan, Metasploit, Burp Suite, sqlmap, Nikto, HP WebInspect, CyberChef, JWT, OWASP Tools
Programming Languages: Java, C#, PHP
Scripting: Shell, JavaScript, Python (2.7, 3.6, 3.9), Perl
Servers: Nginx, Apache Tomcat, Oracle Database.

PROFESSIONAL EXPERIENCE
Client: Hudson's Bay Company, New York City, NY June 2022 - Present
Role: Sr. Cyber Security Engineer
Responsibilities:

Demonstrated proficiency in leveraging host and network log sources to conduct thorough investigations, applying incident response (IR) methodology, and uncovering the motives, techniques, and procedures employed by targeted threat groups.
Designed, developed, and deployed effective security controls and mechanisms to safeguard applications against common security threats, such as injection attacks, cross-site scripting (XSS), and cross-site request forgery (CSRF).
Worked closely with software development teams to integrate security measures and best practices into the development process, including the establishment of secure coding standards, static code analysis, and providing secure development training.
Conducted in-depth assessments of the security architecture and design of applications, offering valuable recommendations to enhance their security posture, while ensuring alignment with industry standards and regulatory requirements.
Demonstrated an in-depth understanding of security controls, protocols, and principles to design and implement comprehensive security strategies.
Designed, implemented, configured, and administered HashiCorp Vault for managing secrets, encryption keys, and other sensitive data.
Set up Vault clusters, policies, and backends to meet security and compliance requirements.
Experience in deploying and managing Azure Sentinel resources such as CloudWatch, AWS CLI, CF, and AWS API calls.
Specialized in API security, ensuring the protection of data and the integrity of communication between various software components.
Responsible for Malware Analytics & Vulnerability Assessments (Nessus) by investigating events similar in complexity to Bash attempts and SQL injections.
Conducted extensive research on vendor offerings to evaluate their suitability for meeting organizational security requirements. Planned and executed Proof of Concepts (POCs) to validate the effectiveness and compatibility of security solutions with existing infrastructure.
Led a diverse team of cybersecurity professionals, fostering a collaborative and high-performing environment to achieve project objectives and meet organizational goals.
Developed, operated, and maintained security controls, ensuring the ongoing security of critical systems and assets, and leveraged extensive knowledge of operating system and database security to fortify enterprise-level environments.
Proficiently managed networking technologies, network security, and network monitoring solutions to proactively detect and mitigate threats.
Managed and maintained network security infrastructure, ensuring the confidentiality, integrity, and availability of data.
Collaborated with cross-functional teams to conduct security assessments and audits. Participated in incident response and remediation efforts.
Assisted in the development and enforcement of security policies and procedures.
Collaborated closely with SOC (Security Operations Center) teams to investigate critical events, analyze reports, and enhance processes based on insights gained, thereby continuously improving the organization's overall security posture.
Conducted comprehensive vulnerability assessments and penetration testing on client networks, web applications, and infrastructure, identifying vulnerabilities and suggesting remediation strategies.
Utilized both manual and automated tools to perform network scanning, enumeration, and exploitation of security weaknesses.
Developed detailed reports outlining vulnerabilities, risks, and recommended remediation measures, ensuring effective communication with clients.
Implemented and maintained Microsoft Identity Manager to streamline user provisioning, de-provisioning, and access management.
Conducted comprehensive security assessments and implemented security controls for web applications and APIs to protect against common vulnerabilities.

Client: Army & Air Force Exchange Service (AAFES) Aug 2019 - May 2022
Role: Information Security Engineer
Responsibilities:

Responsible for the updating, reviewing, and maintenance of comprehensive information security system documentation, encompassing vital components such as the System Security Plan (SSP), the Plan of Action & Milestone, Risk Assessment, policies, and procedures, as well as Security Control Baselines. Ensuring full compliance with NIST standards and established security practices.
Performed cloud security risk assessment for cloud applications already in Azure.
Worked on Splunk Phantom SOAR Proof of Value (POV) for testing the out-of-the-box use cases.
Responsible for design and technical changes within Microsoft Azure and managed Microsoft Azure infrastructure as code through Terraform.
Developed necessary artifacts and supporting evidence to fulfill all applicable RMF Controls and corresponding Control Correlation Identifiers (CCIs), ensuring a robust and compliant security framework.
Performed API security testing of web services, encompassing SOAP, REST, and JSON/XML protocols to identify and address potential vulnerabilities.
Created and managed access control policies to define who can access specific secrets or perform certain actions within Vault.
Implemented encryption solutions for data at rest and in transit within Vault, ensuring sensitive data is adequately protected.
Developed and updated the Plan of Action and Milestones (POA&M) to accurately document known vulnerabilities and outline corrective actions or risk mitigation strategies.
Conducted thorough risk assessments of IT controls to identify potential system threats, vulnerabilities, and risks, producing detailed reports to inform decision-making processes.
Experienced in conducting vulnerability assessments, implementing container security best practices, and utilizing container security tools to ensure the integrity, confidentiality, and availability of containerized applications and their underlying infrastructure.
Conducted thorough threat modeling exercises, identifying and prioritizing potential security risks, and implementing countermeasures.
Developed and maintained secure APIs and microservices, ensuring data protection and secure communication.
Developed and managed web application firewall policies to safeguard applications from OWASP top threats.
Configured and monitored Defender for Cloud and Kubernetes, detecting and mitigating security threats across the Azure environment and Kubernetes clusters.
Supported the migration of applications to cloud platforms (AWS, Azure, OCI) by developing and transitioning network segmentation firewall security rules to the cloud environment.
Spearheaded the implementation of network segmentation strategies across the global organization.
Developed, documented, and updated Standard Operating Procedures (SOPs) and design documentation and served as the final technical escalation point of contact for security technologies.
Conducted comprehensive cybersecurity risk assessments of IT systems, documenting findings in formal risk assessments and supporting artifacts to facilitate the Assessment & Authorization (A&A) process.
Implemented the Risk Management Framework (RMF) across multiple programs, strictly adhering to the guidelines set forth by the National Institute of Standards and Technology (NIST).
Revised and modified topology diagrams, while also overseeing Ports, Protocols, and Services Management (PPSM) to guarantee optimal network security.
Collaborated with cross-functional teams to guide the evolution of legacy products, aligning them with the Enterprise Information Security Architecture (EISA) for enhanced security measures.
Evaluated site/enclave CND policies and configurations to assess compliance with regulations and directives, identifying areas for improvement and ensuring adherence to established guidelines.
Actively participated in the development and implementation of network-related procedures and standards to promote a secure and efficient network infrastructure.

Client: Jeppesen, Englewood, CO Sep 2017 - July 2019
Role: Cyber Security Analyst
Responsibilities:

Successfully led the implementation of secure cloud development and migration projects on the AWS platform, ensuring seamless and protected transitions.
Conducted thorough evaluations of three modules of cloud architecture in preparation for the upcoming AWS cloud platform integration, ensuring optimal design and scalability.
Managed corporate software packages, McAfee Policy Orchestrator, and McAfee Endpoint Security Protection, ensuring robust protection against potential threats.
Utilized Rapid7 InsightVM to conduct scheduled and ad hoc application and system scans, enabling the identification and analysis of vulnerabilities, proposing effective remedial actions, and presenting summarized results to stakeholders.
Monitored security events and alerts with proficiency in Security Information and Event Management (SIEM) tools and PostgreSQL for data analysis, promptly investigating and responding to potential security incidents.
Successfully orchestrated the migration from Windows Active Directory Server 2008 to Server 2012 R2, ensuring a secure and efficient transition.
Continuously enhanced security practices and processes, safeguarding company and customer data across services and infrastructure.
Designed and developed metrics and dashboards to track security incidents, vulnerabilities, risks, and awareness, enabling effective monitoring and reporting.
Provided expert security guidance to engineering and operations partners, ensuring adherence to Information Security requirements.
Proactively collaborated with IT teams to identify, document, and drive the remediation of excessive risks and non-compliant activities, fostering a proactive risk mitigation approach.
Influenced and supported the development and implementation of corporate IT Information Security policies, standards, and frameworks.
Created and reviewed security metrics to measure the effectiveness of security measures, facilitating ongoing improvement and alignment with industry best practices.
Ensured clear understanding and accountability among stakeholders regarding their responsibilities in risk mitigation and remediation.
Skilled in leveraging Palo Alto Networks' solutions to protect organizations against advanced cyber threats, conducting firewall rule analysis, implementing security policies, and ensuring network traffic visibility and control for effective threat detection and prevention.
Collaborated closely with IT teams to ensure systems were managed, operated, and designed with risk reduction as a priority, minimizing potential vulnerabilities.
Developed and executed incident response plans, ensuring swift and effective responses to security incidents.

Client: MV-Tech Computer, Mumbai, India May 2015 - Jan 2017
Role: IT Security Engineer
Responsibilities:

Employed industry-standard tools like Nmap and Nessus to perform meticulous Port Scanning and Vulnerability assessments, ensuring thorough evaluation of system weaknesses.
Conducted comprehensive source code reviews of applications using HP Fortify, enhancing code integrity and identifying potential security flaws.
Conducted thorough application penetration testing on critical business applications, ensuring comprehensive assessment of potential vulnerabilities and weaknesses.
Collaborated effectively within a team environment, with a primary focus on auditing applications prior to their deployment in production environments.
Effectively communicated security requirements to the design team during the initial stages of the Secure Software Development Life Cycle (SSDLC), minimizing the need for extensive rework on issues discovered during penetration testing.
Executed meticulous Vulnerability Assessments across a diverse range of applications, enabling identification and prioritization of potential security risks.
Demonstrated proficiency in conducting Business Impact Analysis and Risk Analysis, alongside conducting Business Continuity Drills and rigorous testing of IT Contingency Plans.
Maintained diligent oversight over the security of vital systems such as E-mail servers, database servers, Web Servers, and Application Servers, employing continuous monitoring techniques.
Strong expertise in utilizing scripting languages to integrate CVSS and CVE data into vulnerability management processes, enabling effective tracking, assessment, and remediation of security vulnerabilities.
Performed comprehensive risk assessments on applications, meticulously identifying and prioritizing issues based on their associated risk levels.
Provided timely and practical remediation guidance to developers, based on the issues identified during the assessment process.
Thoroughly revalidated, identified and issued the successful closure of vulnerabilities and enhanced overall application security.
Verified the implementation of fundamental security mechanisms, such as Job rotation, Privilege escalations, Least Privilege, and Defense in depth, within the application's architecture.

Client: The Blackbucks & Engineers Company April 2013 - May 2015
Role: Cyber Security Consultant
Responsibilities:

Develop and implement comprehensive cybersecurity strategies, policies, and procedures to safeguard systems and data against unauthorized access, threats, and vulnerabilities.
Design and deploy network and system security measures, such as firewalls, intrusion detection systems (IDS), and data encryption, to enhance overall security.
Conduct regular vulnerability assessments and penetration tests to identify security weaknesses and recommend appropriate remediation actions.
Monitor and analyze security logs, events, and alerts from various security tools and systems to detect and respond promptly to potential security incidents.
Investigate and respond to security incidents, including performing incident forensics, root cause analysis, and implementing corrective actions.
Collaborate with cross-functional teams to integrate security controls into the software development lifecycle (SDLC) and ensure secure coding practices.
Conduct security risk assessments and audits to ensure compliance with industry standards, regulations, and best practices.
Manage and maintain security systems and tools, such as SIEM platforms, antivirus software, and vulnerability scanners.
Provide security awareness training and education to employees to promote a cybersecurity culture and ensure adherence to security policies.
Stay updated with the latest cyber security threats, trends, and technologies to proactively identify and mitigate potential risks.
Participate in security incident response activities, including containment, eradication, and recovery, and document lessons learned for continuous improvement.
Collaborate with third-party vendors and partners to assess their security posture and ensure compliance with contractual security requirements.
Support the development and implementation of disaster recovery and business continuity plans to minimize the impact of security incidents.
Research and analyze emerging security technologies and solutions to recommend and implement enhancements to the security infrastructure.
Regularly communicate security updates, reports, and recommendations to management and stakeholders to maintain transparency and drive continuous improvement.

Education Details:

Bachelor of Technology in Electronics and Communication Engineering from JNTUH 2013.