A professional cyber security engineer | CV - QWER

xxxxxxx xxxxx

ICT Security Specialists
xx@xxxxxxxxxxxx.xxx
xxxx xxx xxx
xxxxx://xxxxxxxx.xxx/xxxxxxxxxxxx
A professional cyber security engineer
Address:
x xxxxx xx, xxxxx xxxxxxxx xxx, xxxxxxxxx
About
A professional Security Consultant & Full Stack Security Integration Developer with more than 10 years of industrial experience. I have strong coding skills in multiple languages and have worked with the most recent security tools to protect corporate environments with high-end cyber security techniques that can challenge complex modern cyber-attacks. My experience lies in automating Security Information & Event Management (SIEM), Threat Hunting, Investigating, PCI compliance, Splunk Enterprise Security, etc.
Skills
cyber security, splunk, siem, firewall, waf, endpoint, trendmicro, sophos, crowdstrike, threat hunting, compliance, pci, gdpr, iso 27001, soc2, fim, proofpoint, sumologic, tenable, qualys, isms, jquery, php
Visa Status
Australian Citizen
Key Deliveries/Achievement(s)
  • Built operational SOC for Cover-More Travel Insurance, Insurance Australia Group (IAG) and Qantas.
  • Rolled out DLP for Suncorp Group using Symantec DLP.
  • Identified some major threats in the Qantas network that had not been blocked by the protective tools.
  • Performing auditing and advising on security best practices & enhancements for Mash Marketing and Queensland Supreme Court.
  • Always delivered on time on all the contracts I have worked on so far.
Qualification
Course | Institute | Completion
Certified Ethical Hacker | xx xxxxxxx | Aug 2018
Master of Information Technology (MIT) | xxxxx xxxx xxxxxxxxxx | Discontinued
Computer Science & Engineer | xxxx xxxxxxxxxx | Oct 2011
ISO 27001 | xxx xxxxxx | Oct 2019
SOC Engineer
xxxxx-xxxx xxxxxx xxxxxxxxx
Oct 2018 - Current
  • Built an operational Security Operations Centre using Splunk & Service-Now.
  • Leading a team, I am managing projects, BAU and compliance while handling security attacks.
  • Assigning contractors their tasks and helping them with any technical challenges.
  • Maintaining good relationships with staff and clients and providing them support in a timely fashion.
  • Automating the Security Incident Response process using Python scripts and web APIs.
  • Designing use-cases for their security tools based on the MITRE Framework.
  • Tuning logs and triggering adaptive responses to block the incident or send it for investigation.
  • Performing vulnerability scans and assessing the risks.
  • Managing all BAU activities including Proxy, DLP, Firewall, scanning.
  • Installing and setting up tools such as TrendMicro Apex1, HSM.
  • Resetting up the Trend Micro Data Loss Prevention with fresh policies and rules.
  • Maintaining PCI DSS, ISMS, SOC 2 and GDPR compliance.
Senior Security Engineer
xxxxxxxxx xxxxxxxxx xxxxx (xxx)
Oct 2017 - Oct 2018
  • Highly involved in building the SOC, and the transformation program to upgrade the proxy, data loss prevention and CASB using Symantec Bluecoat and Symantec DLP.
  • Setting up data-loss prevention for Endpoint, Web and Email channels by installing the on-prem detection servers and cloud-based email connector for Office 365 and MessageLabs.
  • Implementing web based DLP using ICAP request modifications or response modifications in proxy and performing SSL interception.
  • Wrote data-loss policies for PCI, PII, various regulatory compliance using both predefined templates as well as custom using regular expressions.
  • Testing the policies using Wireshark packet capture and other online tools.
  • Tuned DLP policies by writing Regex based exceptions to decrease the number of false positives.
Security Analyst
xxxxxxx xxxxx
Jun 2017 - Oct 2017
  • Installing, configuring and managing Symantec Enforce Console on Three Tier Platform and writing policies for data loss prevention that supports Windows 7 Embedded in Thin Client Wyse Terminals.
  • Setting up the entire data-loss prevention including POC, Pilot and rollout to 15000 Endpoints.
  • Upgrading Blue Coat proxies to SG400-30.
  • Upgrading Blue Coat Content Analysis CAS to S400-A3.
  • Upgrading Blue Coat Malware Analysis to MAA-S500-10.
  • Reviewing and updating firewall policies of F5.
  • Setting up Splunk add-ons, on-boarding logs and creating dashboards and generating Splunk reports.
  • Monitoring DLP and Firewall policy behaviour in Splunk.
  • Creating Splunk dashboard for Application Security Management (ASM/WAF).
  • Creating Splunk dashboard for Blue Coat traffic & bandwidth of internal staff.
  • Testing network compliance using Splunk logs.
Security Engineer
xxxx xxxxxxxxx
Jan 2017 - Jun 2017
  • Improving the company Security Posture.
  • Reviewing the Ruby on Rails code and updating the large-scale application to the latest version of Ruby & latest version of Rails with thousands of lines of handwritten code.
  • Performing database migrations and adding encryption & hashing to the sensitive data wherever required.
  • Writing use-cases for Splunk to create dashboards, generate reports and generate alerts. Investigating events and performing drilldown searches to identify the origin.
  • Performing penetration testing and improving the WAF rules wherever required.
Security Analyst
xxxxxx
Sep 2016 - Jan 2017
  • Building their SOC by writing Splunk use-cases in Splunk ES.
  • Automating actual incidents to trigger a script with response action.
  • On a daily basis, I reviewed the incidents in Splunk Enterprise Security, looked through dashboards & ran search queries to investigate them.
  • Designed & developed Splunk use-cases to create alerts for detecting anomalies & vulnerabilities in IAM, IRM, DSS, DLP, PCI Compliance, Malware, Firewalls, DNS, Proxies, etc.
  • Migrating logs, dashboards and search strings from ArcSight to Splunk.
  • Designed Splunk dashboards to visually identify the threats and WAF activities to identify the potential & actual threats that are not blocked by WAF.
  • Monitored logs from 9000 servers hosted in AWS, IBM, TCS, Fujitsu & other data centres and worked on Windows, RHEL, Solaris, Mainframe, AIX, etc.
Security Engineer
xxxx xxxxxxxxx
Jan 2016 - Aug 2016
  • On a daily basis, I reviewed the incidents in McAfee ePO dashboard & AWS WAF and responded to the incidents.
  • Created AWS instances with security groups, disk encryption, IAM, installing patches, backing up, snapshotting.
  • Set up CloudFront, AWS WAF, replicating data across multiple availability zones, monitoring EC2 performance & usage.
  • Installed McAfee ePO and set up DLP rules and application access rules for the client workstations.
  • Created auto scaling groups for the AWS instances.
  • Configured VPN connection with proxy servers.
  • Installing Splunk and Splunk Enterprise Security App for SIEM and compliance monitoring.
  • Developing Splunk use-cases for PCI continuous monitoring. Performed Penetration Testing.
Security Integration Developer
xxxxx xxxx
Sep 2015 - Jan 2016
  • Configured network as per PCI Compliance Regulations Checklist.
  • Designed the application as per the standards of OWASP.
  • Connected the RESTful API to call Sphinx using encryption.
  • Deployed the AWS instances for this project.
  • Configured firewall and IAM rules for the AWS instances.
Security Integration Developer
xxxxxxxxxx xxxxxxx xxxxx
Jan 2015 - Sep 2015
  • Designed the application as per the standards of OWASP.
  • Deployed the AWS instances for this project.
  • Configured the WAF and McAfee tools in the instance.
  • Create Splunk to detect security breaches, analytics.
  • Assembled IAM roles within the web application for access management.
  • Built REST API for external access of the application.
  • Configured the web server and mail server with SSL certificates.
  • Monitoring events in ArcSight for identity access management, web application firewall and improving WAF & firewall rules.
Blockchain Developer
xxxxxxxx xxxxxxx
Jul 2014 - Jan 2015
  • Initially developed apps for the Bitcoin blockchain to sign plain text messages into the Bitcoin blockchain.
  • Created API to generate wallets.
  • Created apps & API to sign transactions.
  • Created API to sign plain text with the public key and decrypt it using the private key.
  • Created API to check the blockchain for transaction history, confirmations, balance, etc.
  • Worked on data encryption, key pairs, distributed ledgers, etc.
  • Later connected it to Ethereum using Solidity (in 2016, soon after Ethereum arrived in the market).
  • Configured the network as per PCI compliance regulations checklist.
  • Developed a payment gateway for bitcoin.
Security Integration Developer
xxxxxxx (xxx)
Dec 2013 - Jul 2014
  • Designed Web Application as per PCI Compliance Regulations for Web Application.
  • Created Web Application as per OWASP.
  • Deployed the dedicated cloud server for this project.
  • Configured IAM for this web application.
  • Created encryption for REST API for EAN XML & JSON API.
  • Built up WAF and Cloudflare, configured firewall rules, web server, SSL, mail servers, etc.
  • Configured ArcSight to monitor server workloads, network traffic, application usage, Endpoint events, anti-malware events, firewall events, identity access management, etc.
Employment Reference(s)
xxxx xxxxx
xxxxxxx xx xxxxxxxx xxxxxxxxxx
xxxxxx xxxxxxx
xxxx xxx xxx
xxxx.xxxxx@xxxxxx.xxx.xx
xxxx xxxxx
xxxxx xxxxxxxx xxxxxxx
xxxxx-xxxx xxxxxxxxx
xxxx xxx xxx
xxxx.xxxxx@xxxxxxxxx.xxx
Status
Actively looking
Category
ICT Security Specialists
Work rights
Full Time Work Rights
Experience
10 years or more
Salary Range
Annual Base:
$140,000 - $150,000
Day Rates:
$800 - $1,000
Hourly Rates:
$100 - $150
Interests Roles
Permanent Full Time
Contract Full Time
Contract
Copyrights © 2021 QWER Pty. Ltd. - All Rights Reserved
ACN: 643 516 241 | ABN: 56 643 516 241