KARAM - CYBER SECURITY ENG, CISM
[email protected]
Location: Alpharetta, Georgia, USA
Relocation:
Visa: H1B
Employer : [email protected]; [email protected]; (609) 778-4215 ext 1000

VADAN CISM


Summary
Committed Senior Cybersecurity Professional with 12+ years of experience driving strategic security solutions across diverse industries. Specializes in aligning cybersecurity initiatives with the ITIL framework and business objectives to enhance compliance, mitigate risk and protect information systems.
IT experience across Linux, Windows, Amazon Web Services (AWS) and Microsoft Azure.
Implemented and managed security systems for client organizations, reducing potential risks by 30%.
Developed and implemented Mitigation Strategies to resolve complex security issues, resulting in significant reduction of risk for 15 clients.
Planned, tested, audited and migrated security solutions (EDR, DLP, SIEM) for 15 clients, ensuring successful implementation and exceeding GRC goals (HIPAA, NIST, GDPR, ISO 27001, SOC) and security frameworks (MITRE ATT&CK, Zero Trust).
Training programs (phishing simulations, table-top exercises) led to a 30% rise in reported security incidents, enabling proactive threat detection.
Worked closely with stakeholders to establish security strategy and business requirements that improved overall system security by 40%.
Increased client compliance by 18% (82% to 99.98%) and improved overall security posture by 35%.
Optimized agent upgrades (3 days vs. 2 weeks) and fixed issues impacting 9000+ endpoints for better efficiency.
Migrated 1,000+ log sources to the cloud, integrated security solutions (Guardium-QRadar SIEM), and conducted a successful new SIEM PoC, enhancing security visibility and control.
Implemented advanced Security Services to protect client data, ensuring compliance with all relevant regulations and standards to achieve project goals.

Education
BTech, Computer Science - JNTU, Hyderabad, India - 2008
MS (ISACA Certified course), Information Security - University of Salford, Manchester, UK - 2010

Certifications
Certified Information Security Manager (CISM)
AWS Certified Security Specialty (ongoing)
AWS Certified Cloud Practitioner
Thales KeySecure Certified Engineer
IBM Certified Administrator - Security Guardium V10.0
Splunk Administrator and Knowledge Manager
CEH

Key Skills
Security: Endpoint Protection | SIEM | MFA | Database Security | Email Security | GRC & Security Frameworks | Certificate Management | DLP | RBAC | UEBA (Exabeam) | IDS | Windows/Linux/MacOS | Threat Intelligence | Vulnerability Assessment | Testing | Blue Teaming
Technical Expertise: EDR (SentinelOne, Microsoft Defender, Cisco AMP, Cybereason, CrowdStrike Falcon) | SIEM (Microsoft Sentinel, QRadar, ArcSight, Splunk ES) | Email Security (Mimecast, Proofpoint) | Database Security (IBM Guardium) | IAM Knowledge (SailPoint IdentityNow) | Certificate Management (Microsoft CA, Venafi) | DLP (Microsoft Purview, Forcepoint) | Security Management (Intune) | AWS Security Services (Detective, CloudTrail, IAM, Shield, GuardDuty) | MDM (AirWatch)
Soft Skills: Analytical | Problem-Solving Skills | Critical Thinking | Strong Communications | Time Management | Innovative | Flexibility | Collaboration | KPIs & KRIs.
Cloud: AWS | Azure.

Professional Experience
Warner Media | Atlanta, GA Sep 2023 - Present
Sr. Security Consultant
Planned, tested, architected and administered SentinelOne EDR for Warner Media, providing expert guidance and consultation on cybersecurity practices and strategies.
Spearheaded the development of comprehensive incident response plans and facilitated tabletop exercises to ensure preparedness for security incidents.
Utilized SentinelOne EDR solution to investigate security incidents, suspicious activities, identify root causes, and streamline response efforts.
Implemented and architected robust SentinelOne controls across diverse environments, ensuring compliance with security frameworks.
Provided expert guidance in Certificate Management, by leveraging Microsoft CA to contribute significantly to the organization's cybersecurity infrastructure.
Established key performance and risk indicators (KPIs & KRIs) for security review and audit to measure the effectiveness of implemented security solutions.
Provided comprehensive advisory on Threat Modelling techniques, significantly improving the team's capability in managing complex security projects.
Built a strong security culture by training and mentoring cross-functional teams, integrating vendor solutions, and creating a holistic security posture.
Successfully led teams through demanding security initiatives utilizing strong Project Management abilities as a Sr. Security Consultant.
Identified and enabled classification of high-impact security risks, prioritizing based on likelihood and potential business impact.
Leveraged strong communication skills to effectively liaise with clients and provide optimal security solutions.

Old National Bank | Evansville, IN Apr 2022 - Aug 2023
Endpoint Security SME
Defined robust endpoint security controls such as sites, groups, policies, exclusions, reports and file categorization, and oversaw deployment of the latest versions of SentinelOne.
Applied the SentinelOne solutions to quickly understand root causes and the history of events leading up to any suspicious activity or potential threat.
Provided advisory in developing effective plans for Security Architecture Design, streamlining efforts in identifying and mitigating potential cyber threats.
Led training sessions on Cyber Security Incident Management, enhancing the team's ability to detect and respond to cyber security incidents promptly.
Conducted comprehensive security audits via gap analysis and improved the overall compliance percentage via actionable corrective actions in the environment.
Designed comprehensive security solutions using Microsoft Purview, Intune, Defender and Sentinel driving improvements in system integrity and resilience.
Leveraged expertise in Cloud Security (AWS/Azure) to provide strategic guidance and security management solutions in terms of various security services for the company's cloud-based infrastructure.
Proactively responded to requests for changes, updates, and improvements to information security policies and procedures ensuring optimal security posture while adhering to risk and compliance frameworks.
Spearheaded the development of an enterprise-wide incident response plan, outlining roles, responsibilities, and procedures for various incident scenarios.
Facilitated discussions during tabletop exercises, prompting teams to consider different response strategies and decision-making processes.

LA County Internal Services Dept | Downey, CA Apr 2020 - Mar 2022
Security Engineer
Administered and implemented Cisco AMP for over 100k Endpoints and oversaw deployment of the latest versions of AMP on the Endpoints throughout the environment to ensure compliance.
Helped customers perform monthly upgrades of the Cisco AMP to keep up with the latest version for ensuring coverage of new bug fixes, threats, and features.
Ensured Cisco AMP's audit logging was configured correctly to capture relevant security events for auditors to review.
Contributed to the creation of audit reports by providing details on Cisco AMP's findings and its effectiveness in endpoint threat analysis, detection and prevention.
Led security and compliance initiatives on Cisco AMP and facilitated essential strategy and advisory as required.
Audited target endpoint groups for version history, agent health, and performed remediation to ensure compliant and updated Cisco AMP versions ensuring optimal data protection.

Tapestry | NYC, New York Oct 2019 - Apr 2020
Sr. Cyber Security Analyst
Led the cloud migration of QRadar Log Source, facilitating site decommission and optimizing resource utilization.
Developed and optimized use cases for QRadar SIEM, minimizing false positives and streamlining the identification of suspicious activity.
Utilized QRadar for security event analysis, historical data correlation, and threat investigation, yielding valuable insights into the organization's security posture.
Applied Root Cause Analysis techniques in investigating cyber incidents, providing detailed reports and recommendations for preventing future attacks.
Ensured system performance, EPS/licensing compliance, and data retention, leading to reduction of EPS cost estimates by $1 million.
Applied strategic budget planning to ensure the cost-effective implementation of security measures and systems.

WaveStrong Inc | Pleasanton, CA Jan 2019 - Oct 2019
Sr. Security Engineer
Administered and maintained IBM Infosphere Guardium, ensuring optimal database security through installation, configuration, patch management, and policy enforcement.
Designed, implemented, and optimized Forcepoint Data Loss Prevention (DLP) policies to safeguard sensitive data related to various Information Systems, adhering to PCI-DSS regulations.
Developed and implemented comprehensive Security Assessment methodologies for various clients' systems.
As a Sr. Security Engineer, led risk assessment initiatives as per Regulatory Compliance to protect sensitive information.
Managed and designed robust security controls utilizing Microsoft Defender for a variety of clients leading to improved system efficiency.
Enhanced the company's digital security measures by implementing advanced Certificate Management strategies through Venafi.
Leveraged CrowdStrike to uncover threats, investigate incidents, and generate security awareness reports. Expertise in cyber kill chains, malware, and IOCs.

AIG | Livingston, NJ Jun 2018 - Dec 2018
Platform Security Engineer
Analyzed industry best practices, identified prerequisites, and performed gap analysis to ensure optimal functionality of Cybereason EDR-NGAV in the AIG environment.
Deployed and tested new versions of EDR and Next Gen anti-virus, monitored sensor activity, and tracked key security metrics through IT security dashboards to maintain Cybereason performance.
Leveraged a thorough understanding of Cybereason components to investigate, troubleshoot and resolve deployment issues.
Extracted daily data on sensor activity to verify performance and adherence to security regulations, ensuring endpoint security compliance.
Discussed key findings and functionality issues with the Cybereason vendor, escalating critical problems when needed.

Stamford Health | Stamford, CT Oct 2017 - Jun 2018
Cybersecurity Administrator
Strengthened client's security posture via Tenable through detailed Risk Assessments, vulnerability management and subsequent implementation of recommended measures.
Performed network vulnerability scans with Tenable and advised on patch management strategies for efficient remediation.
Utilized Mimecast for reviewing suspicious emails, conducting sandboxing, managing email security policies including blocking/allowing emails, and ensuring backups.
Implemented Websense and Cisco Firepower for secure web filtering by establishing whitelisting and blacklisting policies.
Administered user access and permissions via Active Directory, conducting regular audits for security compliance.
Ensured adherence to HIPAA regulations by collecting relevant data and facilitated secure patient care access by configuring mobile devices with Airwatch and Duo MFA.
Provided expert guidance on the use of multiple Security Tools, leading to a significant improvement in overall system defense.

Synchrony Financial | Stamford, CT Oct 2015 - Sep 2017
Security Analyst II
Provided Level 2 support for the SOC using SIEM tools (Splunk ES) to analyze alerts, investigate security incidents including email-based malware, escalate critical issues, document new investigation methods, and adhere to ticketing workflows.
Used Symantec Endpoint Protection to remediate endpoint threats and leveraged Splunk ES to identify key malware incidents.
Conducted investigations and reviewed alerts within SIEM tools (Splunk ES), Symantec MSS to assess validity, prioritize them, and analyze correlation rules for optimization based on evolving threats.
Reviewed and triaged incidents handled by Level 1 analysts, ensuring proper investigation and resolution. Additionally, conducted sample audits to maintain quality control.
Collaborated with cross-functional teams to implement Security Incident Management protocols, effectively minimizing potential cyber threats.
Created, enhanced and maintained documentation for new investigation methods, promoting technical knowledge sharing within the security team.

Deloitte | Hyderabad, India Dec 2013 - Oct 2015
Information Security Consultant
Optimized ArcSight SIEM for security effectiveness, including crafting custom alerts, managing access, developing security use cases for threat detection, designing correlation rules and dashboards, and performing comprehensive log analysis to identify potential security incidents.

HSBC | Hyderabad, India Jan 2012 - Dec 2013
Information Security Analyst
Collaborated with the Security Operations Center to proactively monitor security threats, investigate incidents (including malware outbreaks), and address emerging security issues.
This included monitoring tools like IBM Site Protector IDS, McAfee ePO, managing various regular tasks and analyzing suspicious activity for phishing/spearphishing attempts, with appropriate reporting and response actions.