
Laxmi - Cyber Security Engineer
[email protected]
Location: Frisco, Texas, USA
Relocation: YES
Visa: GC
Professional Summary:
Around 9 Years of highly analytical computer security analysis with success in defending and attacking large-scale enterprise networks.
Excellent knowledge and industry experience in Vulnerability Assessment and Penetration Testing on Web- and mobile-based applications.
Expert working knowledge in OWASP Top 10 vulnerabilities analysis/management, SANS Top 25 programming errors, and Common Weakness Enumeration (CWE).
Experience with multiple Penetration Testing tools, hacking attack vectors, Security test processes, and understanding of common Security Vulnerabilities.
Ability to serve as a corporate security person by ensuring technical security planning, testing, verification, and risk analysis.
Excellent analytical and problem-solving skills. Thirst for knowledge in the realm of Security exploits and maintaining expertise in this changing, growing field.
Having experience in Secure SDLC and Source Code Analysis (Manual and tools) on Web-based Applications.
Having experience in SQL Injection protection, Script Injection, XSS Protection, and primary hacking protection techniques.
Working knowledge of the Payment Card Industry (PCI), HIPAA, including OWASP
Worked with global security teams performing IT infrastructure and application security assessments.
Experience working with Qualys Guard to conduct Network Security and vulnerability assessments.
Led penetration testing efforts for various projects, utilizing Python scripts for automated vulnerability assessment and exploitation.
Developed custom Python scripts to perform network scanning, service enumeration, and vulnerability scanning on target systems.
Collaborated with cross-functional teams to identify security vulnerabilities and recommend remediation strategies based on the test results.
A multifaceted professional offering strong experience and skills in threat and vulnerability management, information security analysis, architecture, policy design, risk assessment, security incident response, and security solution implementation and administration.
Strong understanding of security systems such as SIEM, malware protection, firewalls (AWS WAF), IDS/IPS, DLP, and load balancers.
Excellent understanding of networking concepts - TCP/IP model, Switching, Routing, NATs, firewalls, VPNs, IDS/IPS, DNS
Proficient in configuring Cisco ASA and Cisco Firepower firewalls to ensure the security and integrity of the network.
Deep understanding of Web Application Security concepts.
Proficient in red teaming, which involves simulating a real-world attack on an organization's systems or processes to identify vulnerabilities.
Experience planning, developing, implementing, monitoring, and updating security programs and advanced technical information security solutions, sound knowledge of SOX and PCI compliance requirements, and understanding of NIST and ISO standards.
Accomplished history of working with various private businesses and IT organizations to facilitate security and further enhance the company's security stance.
Knowledge of TCP/IP networking, switches, routers, firewalls, VPNs, and encryption.
Knowledgeable of penetration testing, vulnerability assessment, threat hunting, and security program development.
Conducted security assessments of Kubernetes clusters, identifying and addressing potential security risks.
Expert at implementing network security, SIEM tools, new concepts, identity management, new security technologies, securing cloud architecture, and new security controls, as well as developing innovative security controls and processes that meet business and executive requirements to protect information.
Developed specific content necessary to implement Security Use Cases and transform them into correlation queries, templates, reports, rules, alerts, dashboards, and workflow.
As a Blue team member, involved in monitoring, analyzing, and defending an organization's systems and processes against cyber threats.
Designed and implemented RBAC policies to streamline access control, ensuring that users have the appropriate permissions based on their roles.
Supports, Monitors, and manages the SIEM environment. Administration and analytics development on Information Security, Infrastructure and network, data security, Enterprise Security app, Triage events, and Incident Analysis.
Implemented IAST solutions to enhance real-time security testing within applications.
Experienced in web-based applications using Python, RegEx, PHP, C++, XML, CSS, HTML, JSON, JavaScript, JQuery, MVC3, Bootstrap, RESTful, RUBY and AJAX, Angular Js.
Expertise in conducting investigations of Security violations and breaches and recommending solutions; preparing reports on intrusions as necessary and providing analysis summary to management.
Proven ability to identify various network security vulnerabilities and explain in detail how to remediate the identified vulnerabilities.
Configured firewall high-availability solutions, ensuring network uptime and business continuity.
Developed Cyber Security Standards on NIST Frameworks and ensured their proper implementation to reduce the risk of vulnerability to IT assets.
Collaborated with DevOps teams to integrate RASP seamlessly into the application environment.
Utilized dynamic analysis techniques to identify vulnerabilities during runtime.
Expert in networking protocols like HTTP, HTTPS, IMAP, POP3, SMTP, FTP, TCP and UDP.
Expertise in Python, Bash, and shell scripting.


Certifications:
Qualys Certified Specialist.
Fortinet's NSE1 Network Security Associate.
Fortinet's NSE2 Network Security Associate.
Certified Cybersecurity Customized Training from EC-Council.
Certified Ethical Hacking/Penetration Testing & Bug Bounty Hunting
Participated in a responsible disclosure program where I reported a security vulnerability ethically and received Hall of Fame recognition from Grofers.
Security+ Certification from CompTIA

Technical Proficiency

Security Tools: Metasploit Pro, ZED attack proxy, SQLMAP, Wireshark, Web Scarab, Paros, JHijack, Nmap, Nessus, Rapid7 Nexpose, Tripwire, Symantec Vontu, BMC BladeLogic, DB Protect, ArcSight SIEM, e-DMZ Password Auto Repository (PAR), Varonis, AppDetect, AppRador
DAST and SAST tools: IBM AppScan Enterprise (ASE), Standard & Source editions, HP WebInspect, QualysGuard, BurpSuite Pro, Acunetix, Fortify SCA, SQLMAP
Languages: Java, Python, C/C++, C#.NET, Perl, UML
Java & J2EE Technology: Spring, EJBs, Struts2, Servlets, JavaServer Pages (JSPs), JMS, Java Mail API, JNDI, LDAP, JDBC, JTS, RMI, AWT, Swing, Socket Programming, IONA Orbix CORBA
Operating Systems: Oracle Solaris UNIX, RedHat LINUX 4/5, Windows Server 2003/2008
Web Servers: Apache Tomcat, Netscape Enterprise Server 3.5, Jboss, and JRun
Application Servers: Weblogic Server, iPlanet, Netscape Application Server, and Microsoft IIS
Middleware: TIBCO EMS, IBM WebSphere MQ, JMS
Databases: Oracle, MS SQL Server, Sybase
Scripting Languages: AngularJS, XML, XSLT, XPath, XQuery, HTML/JavaScript/JQuery, AJAX
Web Services: REST/SOAP, SOA, UDDI, WSDL
Audit Tools: Audit Command Language (ACL), Teammate



Professional Experience:

Mastercard, St. Louis, MO Jan 2022 - Present
Application Security Engineer

Responsibilities:
Identifying and designing Test cases for Modern security vulnerabilities and making them as security control services for the clients.
Conducted Web Application Penetration Testing for many client applications. Found critical vulnerabilities including Privilege Escalation, Authentication Bypass, Stored XSS, Buffer Overflows, Bulk Information Disclosure, CSRF, SSRF, etc.
Created detailed reports containing steps to reproduce the issues, POCs, and mitigations to remediate them.
Provided remediation consulting service to clients on security issues identified during penetration testing.
Proficiency in using Checkmarx, a leading application security testing (AST) platform, to identify and mitigate security vulnerabilities in applications and software systems.
Analyzing networking data and identifying recommendations in Azure Security Center and GCP Security Command Center and Implement as required.
Conducted comprehensive risk assessments to identify potential areas of non-compliance with SOX requirements, including financial reporting risks and IT control deficiencies.
Conducted regular vulnerability assessments of CMS environments, identified security gaps, and promptly applied patches and updates to ensure the integrity and security of CMS installations.
Automated security testing processes within the CI/CD pipeline, including static code analysis, dynamic application security testing (DAST), and dependency scanning.
Conducted thorough risk assessments and vulnerability scans across hi-tech infrastructure, identifying and mitigating potential security risks and vulnerabilities.
Designed and implemented secure Jenkins CI/CD pipelines to automate the build, test, and deployment phases of the software development lifecycle.
Experience conducting static application security testing (SAST) using Checkmarx to identify and remediate source code and binary vulnerabilities.
Collaborated with development teams to integrate IAST seamlessly into the CI/CD pipeline.
Created and managed ACLs to control traffic flow and enforce security policies, reducing potential vulnerabilities.
Integrated container security scanning tools (e.g., Clair, Anchore) into the CI/CD pipeline to identify and mitigate vulnerabilities in containerized applications.
Analyzed Cisco ASA firewall logs and generated reports to identify security threats and trends for continuous improvement.
Implemented and maintained advanced security controls and solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection platforms (EPP), to safeguard hi-tech networks and endpoints.
Ensured CMS environments complied with relevant security standards and regulations such as GDPR, HIPAA, PCI DSS, and ISO 27001, by implementing necessary controls, conducting audits, and generating compliance reports.
Assessed container security and Kubernetes network policies to protect sensitive data.
Familiarity with Checkmarx's dynamic application security testing (DAST) and software composition analysis (SCA) modules to identify vulnerabilities in runtime and third-party software components.
Ability to configure and manage Checkmarx scans, including creating custom configurations and policies, setting up automated scans, and analyzing scan results.
Conducted Android & IOS Application Penetration Testing. Critical vulnerabilities include Account Takeover, Information disclosure, Insecure data storage, Insecure logs, Authentication Bypass, and many session issues. Reported back with detailed mitigations.
Identified various scenarios to test APIs while performing API penetration testing, designed detailed test cases for each scenario, and identified many vulnerabilities in APIs.
Performed standalone SAST and DAST scans for client applications and conducted false-positive and false-negative analyses for automated reports.
Conducted training sessions to educate team members on interpreting and addressing IAST findings.
Collaborated with vulnerability management teams to address IAM-related vulnerabilities and proactively implemented patches and updates to mitigate security risks.
Integrated the WAF with vulnerability assessment tools to correlate and address vulnerabilities identified in web applications.
Monitoring of Azure Security Center to address threats and resolve security vulnerabilities.
Performed cloud auditing based on CIS Benchmarks.
Experience in assessing and managing risks associated with cloud environments, such as data breaches, misconfigurations, and compliance issues.
Conducted thorough and regular access reviews, ensuring that IAM RBAC policies align with the principle of least privilege and proactively identifying and addressing security gaps.
Proficient in conducting cloud security assessments, reviewing cloud provider agreements, and implementing cloud security controls.
Analyzed firewall logs and generated reports to identify security threats and trends for continuous improvement.
Delivered specialized training for teammates on web application, API, and mobile application penetration testing using various tools and manual approaches.
Conducting webinars for the Internal Team on modern Vulnerabilities and advanced WAF Bypass methods.
Handling the entire penetration Testing team.
Planning, Execution, and Managing projects or contributing to committees or teamwork.
Review analysis of operating system scans to determine vulnerabilities.
Planned, performed, monitored, analyzed, and managed Grey Box, Black Box, and Whitebox Application Security assessments using tools and manual analysis for OWASP Top 10 vulnerabilities.
Installation and configuration of a new Microsoft Windows Server 2016 (DHCP, Active Directory, DNS, Group Policies).
Responsible for carrying out Manual vulnerability assessment penetration testing on Web, API, Thickclient, and Mobile applications to identify potential security issues in the early stage and work through the mitigation process with the development team before it gets pushed to production.
Performing white-box vulnerability assessment for applications developed in Microsoft Technologies for the OWASP Top 10 vulnerabilities.
Proficient in implementing and maintaining CJIS security controls to protect sensitive criminal justice information.
Implemented RASP mechanisms to fortify applications against runtime threats.
Demonstrated experience conducting CJIS security, audits, and risk assessments.
Proficient in applying NIST SP800-53 Revision 4 and 5 security controls to assess and enhance the security posture of systems.
Experience in conducting comprehensive security assessments and audits based on NIST SP800-53 Revision 4 and 5.
Led and performed Infrastructure and Application Vulnerability Assessments, Penetration Testing, C&A, Policy Review, DR/BCP, Risk Assessments, and Ethical Penetration Testing.
Vulnerability Assessment of various web applications used in the organization using Paros Proxy, Burp Suite, and HP Web Inspect.
Delivered specialized training for teammates on web, API, and mobile applications.
Penetration testing using various tools as well as a manual approach.
Involved in writing Python scripts to parse the data in XML and JSON formats and load them into a database.



Warner Bros Pictures, Los Angeles, CA Sep 2017 - Dec 2021
Application Security Engineer
Responsibilities:
Conducted penetration testing on cloud-based systems and identified vulnerabilities by industry standards and best practices.
Worked with various cloud service providers, such as AWS, Azure, and Google Cloud, to evaluate security controls and assess risks.
Designed and implemented secure cloud architectures and configurations for hi-tech cloud environments (e.g., AWS, Azure, Google Cloud), adhering to best practices and industry standards.
Developed and executed test plans, performed vulnerability assessments, and produced comprehensive reports identifying security weaknesses in cloud infrastructure.
Collaborated with cross-functional teams to implement recommended remediation plans and assisted with validating corrective actions.
Coordinated cyber security audits with internal and external auditors to demonstrate compliance with SOX requirements, provided necessary documentation and evidence, and facilitated audit walkthroughs and inquiries.
Conducted configuration reviews of cloud-based systems, including network devices, servers, and applications, to identify potential security weaknesses.
Identified risks and vulnerabilities reported in Azure Security Center and GCP Security Command Center and remediated them.
Implemented robust monitoring solutions for CMS environments, utilizing tools like intrusion detection systems (IDS), log analysis, and security information and event management (SIEM) systems to detect and respond to security threats in real-time.
Integrated Bitbucket with CI/CD pipelines to automate the build, test, and deployment processes for secure software development.
Integrated code quality and security scanning tools into Bitbucket pipelines to automatically analyze code changes for vulnerabilities and compliance with coding standards.
Conducted regular audits of IAM policies to ensure compliance with industry regulations and internal security standards.
Integrated security checks, such as static code analysis and vulnerability scanning, into Jenkins pipelines to identify and address security issues early in development.
Performed security compliance assessments for all IT infrastructures (firewalls, routers, IDS/IPS, DLP, Linux/Windows security hardening).
Conducted cloud security assessments, including threat modeling, risk analysis, and security architecture reviews, to recommend improvements.
Used various cloud security tools, such as AWS Inspector, Azure Security Center, and Google Cloud Security Command Center, to identify vulnerabilities and generate reports.
Experience in assessing vendor security controls, evaluating third-party risk, and conducting due diligence.
Proficient in reviewing vendor contracts and agreements to ensure appropriate security and compliance requirements are met.
Automated security testing processes within Jenkins, incorporating tools like OWASP ZAP, SonarQube, and dependency scanning to enhance the security posture of applications.
Configured and fine-tuned RASP policies to align with the specific security requirements of the applications.
Expertise in supporting internal and external information security and vendor management audits.
Experience in preparing audit documentation, conducting risk assessments, and ensuring compliance with regulatory standards.
Stayed up to date on industry developments and emerging threats related to cloud security and provided recommendations for improving cloud security posture based on current best practices.
Working with vendors and third-party providers to ensure secure and efficient IAM integration.
Conducting IAM risk assessments and threat modeling to identify and prioritize IAM-related risks and vulnerabilities.
Developed and maintained cyber security policies, procedures, and standards in alignment with SOX requirements, ensuring clear guidelines for IT governance, risk management, and compliance.
Conducted regular assessments to ensure RASP effectiveness in detecting and mitigating attacks.
Worked on Azure security center in reviewing Azure secure score to fix the necessary security posture management and review security alerts for key vault activity, Azure user-based high-risk activities and other anomaly-based security alerts to enforce necessary remediations.
Implementing IAM solutions in cloud environments, including AWS, Azure, and Google Cloud, to ensure secure and scalable management of user identities and access permissions.
Communicated findings and recommendations to technical and non-technical audiences, including management, technical staff, and business stakeholders.
Ensured that cloud penetration testing activities were performed in line with regulatory compliance requirements, such as PCI-DSS, HIPAA, and GDPR.


HDFC, Mumbai, India Nov 2016 - May 2017
Security Analyst
Responsibilities:
Conducted threat modeling exercises for various systems and applications to identify potential threats, vulnerabilities, and attack vectors.
Collaborated with stakeholders from different teams, including developers, architects, business analysts, and security professionals, to identify and prioritize threats and risks.
Developed threat models using different methodologies, such as STRIDE, DREAD, and PASTA, to identify potential threats and evaluate the impact of security incidents.
Developed and maintained disaster recovery and business continuity plans for hi-tech organizations, ensuring timely recovery and continuity of critical operations in the event of a security incident or disaster.
Identifies security risks, threats, and vulnerabilities of networks, systems, applications, and new technology initiatives. Provides technical support in developing, testing, and operating firewalls, intrusion detection systems, and enterprise anti-virus and software deployment tools.
Conducted threat assessments on various technologies, such as web applications, mobile applications, APIs, and cloud-based systems.
Maintained detailed documentation of security configurations, incident response procedures, and compliance activities for CMS environments, and prepared regular security reports for management review and regulatory compliance purposes.
Implemented and enforced branching and merging strategies in Bitbucket to facilitate parallel development and code collaboration among cybersecurity teams.
Conducted regular reviews of WAF logs to detect and mitigate suspicious or malicious activities.
Successfully implemented and managed secure access controls and authentication mechanisms for CJIS systems.
Collaborated with law enforcement agencies to develop and enforce CJIS security policies and procedures.
Use the MITRE ATT&CK framework for pen-testing and vulnerability assessment.
Developed threat mitigation strategies and recommended countermeasures to address identified threats and risks.
Conducting security assessments using Checkmarx to identify risks and vulnerabilities across the application stack, including web applications, APIs, mobile applications, and cloud-based applications.
Analyzing Checkmarx scan results and recommending development teams to remediate identified vulnerabilities and reduce overall application risk.
Worked with developers and architects to incorporate security requirements into software development lifecycle (SDLC) processes, such as design reviews, code reviews, and testing.
Provided guidance and training to development teams on best practices for threat modeling, security design, and secure coding.
Proficient in conducting forensic investigations and incident response related to payment card data breaches.
Experience in ensuring compliance with Payment Card Industry Data Security Standard (PCI DSS) requirements.
Participated in security incident response activities, including incident analysis, triage, and mitigation.
Proficient in recommending and implementing security measures like encryption, tokenization, and access controls.
Conducted security assessments of third-party vendors and service providers to evaluate their security posture and identify potential risks.
Automating IAM processes using scripting languages like Python and PowerShell to improve efficiency and reduce the risk of manual errors.
Staying up-to-date with emerging IAM trends, threats, and vulnerabilities and evaluating and recommending IAM technologies and best practices to improve security processes and procedures.
Documented threat modeling activities and findings and communicated results to technical and non-technical stakeholders, including management, technical staff, and business stakeholders.


Barclays Investments, Mumbai, India June 2013 - Oct 2015
Security Analyst.

Responsibilities
Monitor Splunk dashboards to keep track of real-time security events.
In-depth analysis of security alerts generated by multiple log sources.
Performed Network Penetration testing using Qualys Guard, Nessus, etc.
Understanding the impact and nature of the incident.
Performed penetration attack simulations on client's products to determine and exploit security flaws.
Investigate incidents, remediation, and follow-up for incidents.
Preparation of Daily reports and fetching the weekly/monthly report data.
Segregation of SOC bin tickets daily.
Performed Dynamic vulnerability assessments using HP Web Inspect, IBM App Scan, and Acunetix.
Daily review of security alerts/logs with follow-up on suspicious activity.
Proactively monitor, identify, and analyze complex internal and external threats, including viruses, targeted attacks, and unauthorized access, and mitigate risk to IT systems.
Integrated threat intelligence feeds into Splunk to enhance the identification and analysis of potential security threats.
Implemented continuous monitoring mechanisms to track compliance status, identify emerging risks, and drive ongoing improvements in cyber security controls and processes to meet evolving SOX requirements.
Installed, configured, and administered Splunk deployments for log aggregation, analysis, and monitoring.
Performed manual penetration testing to exploit and mitigate security threats such as XSS, CSRF, SQL Injection, Buffer Overflows, and DoS attacks.
Document all activities during an incident and provide support with status updates during the life cycle of the incident.
Experienced in addressing CJIS security incidents, conducting investigations, and implementing remediation measures.
Stay up-to-date with CJIS security requirements and emerging trends to ensure continuous compliance and improvement.
Performed Industry standard vulnerability severity and risk ranking using CWE CVSS.
Providing support for Incident Response, including evidence collection, documentation, communications, and reporting.
Responsible for shift handover.
Quality check of SOC Operational tickets.
Checking & maintaining the Health of SIEM on a day-to-day basis.
Solving the L1 query with respective analysis and operations.
Following up on SIEM issues from IBM support.
Assign tickets to L2/L3 for further analysis.
Security events/incidents follow-up with the appropriate User stakeholders as required.
Suggest fine-tuning and modification in rules to reduce the noise in the SIEM tool