Vulnerability Analyst/Application Engineer
DXC TECHNOLOGY
Keywords
Skills
Cyber Security, TCP/IP Network Administration, Window IDS/IPS, Penetration Testing, Vulnerability Scanning, Anti-virus, Anti-malware, Nessus Risk, FISMA, FIPS, Firewall, Spoofing, Intrusion detection, Encryption, BigFix, Tanium/Bit Locker, SCCM/MECM, Windows 7/8/10 & 11, Linux, Server, Ubuntu, Apple, SDLC, SCRUM, Waterfall, Agile, Service Now Modules, ITSM, ITAM, ITOM, Database, Oracle 10g & 11g, MySQL, Business Objects, Crystal Reports, JavaScript & Power Shell Scripting, DNS, DHCP, LDAP, SMTP, KERBEROS, ACTIVE DIRECTORY, ADFS, User management, Nmap, Wireshark/NeXpose/BackTrack/Metasploit/AppScan/WebInspect/Burp Suite, Open Source, OWASP, cloud, SaaS, PaaS, malware, Power Shell Scripting language, script, JavaScript, HTML, ITIL, PYRAMID, COBIT, NTFS
Project history
02/2020
-
04/2022
* Provided analytical support to critical infrastructure incident response activities led by the
Department of Homeland Security (DHS), Office of Cyber and Infrastructure Analysis (OCIA),
Analysis Section.
* Kept track of new vulnerabilities on various network and infrastructure components.
* Worked on Orchestration for User management like Reset password, Add User to AD, add user to
group.
* Analyzed vulnerability test reports and suggest remediation or mitigation plans.
* Includes ability to prioritize process and reporting enhancements.
* Demonstrated penetration testing and vulnerability assessment tools such as
Nmap/Wireshark/NeXpose/BackTrack/Metasploit/AppScan/WebInspect/Burp Suite etc.
* Familiarized with ethical hacking methodologies such as Open Source Security Testing Methodology
Manual {OSSTMM}, Open Web Application Security Project {OWASP}, Penetration Testing Execution
Standard {PTES} and Penetration Testing Framework.
Department of Homeland Security (DHS), Office of Cyber and Infrastructure Analysis (OCIA),
Analysis Section.
* Kept track of new vulnerabilities on various network and infrastructure components.
* Worked on Orchestration for User management like Reset password, Add User to AD, add user to
group.
* Analyzed vulnerability test reports and suggest remediation or mitigation plans.
* Includes ability to prioritize process and reporting enhancements.
* Demonstrated penetration testing and vulnerability assessment tools such as
Nmap/Wireshark/NeXpose/BackTrack/Metasploit/AppScan/WebInspect/Burp Suite etc.
* Familiarized with ethical hacking methodologies such as Open Source Security Testing Methodology
Manual {OSSTMM}, Open Web Application Security Project {OWASP}, Penetration Testing Execution
Standard {PTES} and Penetration Testing Framework.
07/2019
-
12/2019
Cyber Security Engineer
UP WORKS FREELANCING
* Vast knowledge and understanding of cloud computing in SaaS/PaaS/Iaas and requisite security
control mechanisms.
* Utilized experience acquired in Agile development methodology (Scrum) and the Risk Management
Framework (RMF).
* Identified, recognize, respond and troubleshoot any security issues in a timely manner with
malware performances analysis.
* Familiarize with Power Shell Scripting language.
* Developed automated script to report about the specification of a ticket and also update
automatically the status of a ticket with JavaScript and HTML.
* Designed and developed solutions within the Service Now environment to include modifications of
application, forms, workflows, interfaces and any other customization required to support ITIL
process.
* Scanned through any vulnerability and penetrating testing in Cyber Security.
control mechanisms.
* Utilized experience acquired in Agile development methodology (Scrum) and the Risk Management
Framework (RMF).
* Identified, recognize, respond and troubleshoot any security issues in a timely manner with
malware performances analysis.
* Familiarize with Power Shell Scripting language.
* Developed automated script to report about the specification of a ticket and also update
automatically the status of a ticket with JavaScript and HTML.
* Designed and developed solutions within the Service Now environment to include modifications of
application, forms, workflows, interfaces and any other customization required to support ITIL
process.
* Scanned through any vulnerability and penetrating testing in Cyber Security.
07/2018
-
07/2019
Vulnerability Analyst/Systems Engineer
PYRAMID CONSULTING
* Worked on Orchestration for User management like Reset password, Add User to AD, add user to
group.
* Configured vulnerability scans and tailored it to meet up with the specific client requirements.
* Performed vulnerability assessment reports and distribute to IT Support teams for remediation.
* Thorough understanding of Cybersecurity Standards and Frameworks such as ISO 27001 &
27002/NIST/CIS/OSA/SANS/COBIT.
* Configured Bit - Locker encryption after the migration deployment to guide against end user's
profile been attacked.
group.
* Configured vulnerability scans and tailored it to meet up with the specific client requirements.
* Performed vulnerability assessment reports and distribute to IT Support teams for remediation.
* Thorough understanding of Cybersecurity Standards and Frameworks such as ISO 27001 &
27002/NIST/CIS/OSA/SANS/COBIT.
* Configured Bit - Locker encryption after the migration deployment to guide against end user's
profile been attacked.
10/2016
-
06/2018
Vulnerability Analyst/Systems Administrator
TCS "WORLD BANK GROUP
* Managed NTFS Permissions Configured DHCP and utilized Active Directory for GPO, distribution
points and organization units.
* Demonstrated thorough understanding of security concepts.
* Analyzed vulnerability scan data to identify critical vulnerabilities and to determine gaps in
patch or any vulnerability management processes.
* Developed reporting and metrics for various stakeholders as to the current vulnerability status
for the environments they are responsible for.
* Encrypted data profile by Bit Locker and BMC Remedy for troubleshooting.
* Performed a deep technical analysis of vulnerabilities and associated exploits.
* Demonstrated understanding of the Secure Development Lifecycle such as security requirements,
threat modeling and attack surface analysis.
points and organization units.
* Demonstrated thorough understanding of security concepts.
* Analyzed vulnerability scan data to identify critical vulnerabilities and to determine gaps in
patch or any vulnerability management processes.
* Developed reporting and metrics for various stakeholders as to the current vulnerability status
for the environments they are responsible for.
* Encrypted data profile by Bit Locker and BMC Remedy for troubleshooting.
* Performed a deep technical analysis of vulnerabilities and associated exploits.
* Demonstrated understanding of the Secure Development Lifecycle such as security requirements,
threat modeling and attack surface analysis.
Local Availability
Only available in these countries:
USA
I'm very flexible to travel it there's an opportunity for it.
