Security Analyst Resume Examples
- Admin of Privileged Identity Management (ARCOS)
- Vulnerabilities & Threat Assessment.
- Involved in Configuration Audit
- Firewall Rule Base review.
- Security Events & Incident Management using PIM Tool.
- Security Systems Implementation.
- Encrypt data transmissions and erect firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers.
- Monitor current reports of computer viruses to determine when to update virus protection systems.
- Train users and promote security awareness to ensure system security and to improve server and network efficiency.
- Coordinate implementation of computer system plan with establishment personnel and outside vendors.
- Document computer security and emergency measures policies, procedures, and tests.
- Research of malware network traffic
- Develop protections against malware network traffic
- Web application analysis
- Data analysis using SQL
- Manage the content of the Anti-Bot product, including urgent releases of zero day protections
- Facilitate the weekly release cycle in coordination with the AB release manager
- Python Programming – Development of integration and automation tools
- Performing Dynamic application security testing of the web applications.
- Testing, analysis and benchmarking of the application against industry standards such as OWASP Top 10, SANS 25.
- Documenting all the vulnerabilities and providing mitigation and explaining the impact of the vulnerability to the developers and managers.
- Conduct OWASP Top 10 training and information security awareness programmes for developers and testers.
- Test cases are identified based on security requirements and Company policies.
- Test case coverage includes checks for Authentication, Authorization, Data Protection, Information Leakage, Error Handling, Input Validation, Privilege Escalation, Session Management, Audit and Alerts.
- Verifying the user access reconciliation reports, enforcing security quiz compliance, identifying security incidents and their closure, conducting spot checks within the accounts, coordinating internal security audits, system security assessments of organizational infrastructure.
Senior Security Analyst
- Onsite at BNP Paribas Bank – (APAC SMC IT Security)
- Real-time identification, analysis and resolution of security events detected by SIEM tool (ArcSight Ver.6.8.0).
- Understanding of Custom Rules, Reports, Queries, Filters, Dashboards and Active Channels in ArcSight (SIEM tool) as per business requirement.
- Tools used on a daily basis: Symantec Data Loss Prevention, MATD, WAF, Tripwire, IronPort, ArcSight Logger, VirusTotal.
- Analysis of different reports, i.e. IPS reports, firewall reports, Unix, Windows and web server access log analysis, etc.
- Conduct Vulnerability Assessment and Penetration Testing for Applications & Servers, Network Devices (Firewall/Switch).
- Conduct PCI-DSS, ISO-27001 compliance internal audit for MobiKwik. Conduct RBI internal audit for MobiKwik.
- Run Bug Bounty Program for MobiKwik
- Made custom Security Test Cases and automated them through JMeter, integrated with Jenkins so that they run automatically after every release on production.
- Collaborate with legal department and IT department for understanding their requirements.
- Developed, coordinated, implemented and maintained standards and procedures to protect the security and integrity of information systems and data.
- Follow-up and closure of the vulnerabilities with respective application owners.
- Using automated port scanners like Nmap and vulnerability scanners like IBM AppScan, identified running services and vulnerabilities.
- Assisting the stakeholders in closing the identified vulnerabilities within the agreed timeline.
- Monitoring security patch levels of the servers, workstations and network.
- Perform log analysis to detect any anomalies.
- Monitor, analyse and triage security events using industry-leading tools (Splunk, FireEye and Symantec)
- Brand Protection: Building Scumblr for mining social media to gather indicators around brand protection.
- Custom Malware Sandbox: Customising sandboxing capabilities to detect custom packed malware targeted against Intuit.
- Integration between Threat Intelligence and Qualys
- Monitor, Respond and Analyze potential suspicious activity across Sarawak Net
- Appointed as Team Leader for Security Analyst monitoring Team
- Responsible for setting up ELK Stack (Elasticsearch, Logstash and Kibana) for the use of centralized log monitoring center.
- Maintain Bro/Zeek (Network Analyzer) for suspicious activity investigation.
- Defining use cases and creating custom correlation rules and alerts as per organization network architecture.
- Administration of SIEM QRadar, Forescout CounterACT and FireEye devices.
- Quality analysis of SIEM and Forescout implementation in the transition and deployment stages of each project
- Log source integration and health check analysis for QRadar and Forescout.
- Attempt to reduce false positives and false negatives in SIEM.
- Preparing documentation and process documents for incident response.
- Handling POCs, RFPs and kick-off presentations and meetings with new customers.