Indhira Dhanush - Cyber Security Engineer
[email protected]
Location: Remote, Remote, USA
Relocation: yes
Visa: H1B
INDHIRA DHANUSH BASKARAN
+1 (571) 307-8240 | [email protected] | Fairfax, VA, 22030

Summary:
Around 7 years of experience in the cyber security domain across SOC analysis, security automation, network security, IAM, risk management, incident response, malware detection and system administration.
Work in Threat Intelligence and Threat Hunting using STRIDE, MITRE ATT&CK, MISP and ThreatConnect to proactively search for incidents through IoCs and TTPs.
Experience deploying security controls such as McAfee, Symantec, ESET Antivirus & DLP and WSUS.
Worked in network security environments using Nmap, Nessus, Wireshark, Netcat, tcpdump, Metasploit, Aircrack-ng, NextGen Firewall, Snort, Cloudflare.
Firewall technologies including general configuration, risk analysis, security policy, rule creation and modification of Check Point Firewall R80, R81 & R81.10 through Multi Domain Manager command line & GUI.
Configure Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large-scale firewall deployments.
Experience in various scripting languages like Shell, Ruby and Python, with a focus on DevOps tools, CI/CD and AWS Cloud Architecture.
Implement Akamai WAF solution on existing and new public-facing Agent Platform Applications.
Worked on Identity Access Management solutions such as Okta, AWS IAM, MS Active Directory, CyberArk, OAuth, OpenID, MFA, Tokens, SAML.
Awareness of computing and OS infrastructures: Windows 10/11, Kali Linux, MS Server 2012/2016, Ubuntu, Mac, VMware, Microsoft Hyper-V.
Knowledge of social engineering techniques for phishing campaigns and user awareness using GoPhish, Maltego, OSINT, SET.
Configuring user and network device access on Cisco ISE.
Triage and remediate internal and external threats using Splunk ES, IBM QRadar, Cortex, CrowdStrike Falcon, MS Defender.
Stay up to date on cyber breaches and threats through SANS threat intel, AlienVault OTX, DarkReading, Threatpost and Hacker News.
Knowledge of Red Teaming techniques and procedures; worked on authorized ethical hacking tasks for assessment purposes such as Wi-Fi password cracking, phishing emails, testing web-site cracking, internal employee social engineering.

Education
George Mason University, Fairfax, Virginia 2022
Master's in Applied Information Technology, Concentration in Cybersecurity
George Mason University, Fairfax, Virginia 2022
Bachelor of Engineering, Electronics and Communications Engineering

CERTIFICATIONS
Microsoft: Security Operations Analyst Associate (SC-200)
Microsoft: Azure Security Engineer Associate (AZ-500)

Technical skills
Network Engineering: Packet Analysis, FortiGate, Wireshark PCAP Analysis, IDS/IPS, LAN/MAN/WAN, Layer 2/Layer 3 Routing, Cisco Catalyst, Routing Protocols, Network Security Devices, Network Management Systems, BGP, OSPF, Layer 2 Switching, Cisco IOS, EIGRP, GRE, IPv6, IPsec.
Cybersecurity: Information Security, Access Management, SIEM, Vulnerability Scanning, Threat Analysis, Risk Assessments, Incident Response, SSL/TLS, Security Compliance, JUnit, LDAP, Firewall management, least-privilege principles.
Operating Systems: Linux, Windows, Ubuntu, CentOS, macOS.
Programming Languages: Python, C/C++, Java, R, SQL, JavaScript, Angular, HTML, CSS, C, PHP, Ruby, Go, Golang, C#.
Database: MySQL, MongoDB, Tableau, Plotly.
Framework: MITRE ATT&CK, Cyber Kill Chain, OWASP, SANS, Spring.
Cloud Computing & Virtualization: Azure, VMware vSphere, vCenter, NoSQL, AWS, GCP.
Testing Tools: Playwright, Jest, UI Testing, automated testing.
Collaboration: Strong problem-solving abilities, leadership, and experience in fast-paced environments, working cross-functionally and collaboratively.
Classification: Experienced in developing and maintaining cybersecurity policies and ensuring compliance with industry standards, with a focus on SaaS and infrastructure security.
Process Improvement: Implementing and managing security measures using SonarQube.
Continuous Integration: Using Jenkins for CI/CD and automated tests.
Automation Tools: Ansible for configuration management, Kubernetes, Docker.
Scripting: Python and Bash for automation tasks.
Pipeline: Experienced in setting up CI/CD pipelines for continuous integration and deployment.

Professional Experience

OneSight Technologies Inc, GA (Dec 2023 to date)
Cloud Security Engineer
Responsibilities:
Designed and implemented security architecture with robust IAM, encryption policies, and Azure Network Security Groups (NSGs).
Conducted vulnerability assessments, resolving 90% of critical issues and enhancing network security.
Automated security operations with Infrastructure-as-Code (IaC) tools, improving efficiency by 50%.
Facilitated security monitoring and incident response using Azure Sentinel, enhancing threat detection.
Enhanced DNS security with DNSSEC, reducing unauthorized access attempts by 20%.
Managed security measures and compliance projects, ensuring adherence to NIST, GDPR, and ISO 27001.
Integrated automation tools like Ansible and Jenkins for streamlined processes and CI/CD practices.
Collaborated effectively in scrum teams and engaged in project management activities to drive successful delivery.
Utilized SSH for secure system administration and communication.
Developed software engineering solutions to improve security measures.
Employed Golang for high-performance network security applications.
Integrated automated testing processes for enhanced security validation.
Leveraged macOS for development and security testing.

Mizuho Bank, NY, USA (Jan 2023 to Nov 2023)
Cyber Security Analyst
Responsibilities:
Worked as SOC Tier-3, performing forensic analysis of security logs to identify and resolve high-severity and critical threats (zero-day, phishing, credentials, privilege escalation), reducing response time by 30%.
Design, create, and update incident response playbooks that outline the sequence of automated actions to be taken in response to specific security incidents.
Guided junior security analysts to assist in development of IOCs for active defensive countermeasures and passive detection signatures.
Worked on Cortex XSOAR to automate 50% of repetitive incident tasks and implement dynamic playbook branching to ensure workflows adapt.
Integrated Cortex XSOAR with other security tools: Splunk ES, CrowdStrike Falcon, and AutoFocus threat intelligence.
Worked on email security (DMARC, DKIM, SPF) in the enterprise using the Mimecast platform.
Wrote complex SPL within Splunk ES to correlate and analyze security event data, including system logs, network traffic and endpoint activity.
Conducted vulnerability assessments to assess the security posture of systems and networks against NIST 800-53.
Leveraged infrastructure-as-code tools AWS CloudFormation and Terraform to automate deployment of secure cloud resources.
Implemented CI/CD pipeline as code using Jenkins & Kubernetes, developed build and deployment scripts using Maven as build tool, and integrated SonarQube in Jenkins to perform the automated integration test.
Developed incident response procedure for AWS, utilizing tools like AWS CloudTrail and Amazon Detective for forensic analysis.
Participated in threat hunting activities to proactively hunt for hidden threats using Splunk, CrowdStrike Falcon and MITRE ATT&CK.
Ensure the integrity of the network infrastructure through routine patch management and updates using Ansible, Puppet, and Chef for automated network security configuration.
Maintained compliance with NIST 800-53 and PCI DSS frameworks, supporting audit readiness.
Conducted security awareness training for 230+ employees and 10 stakeholders, reducing phishing incidents by 30%.

Supreme Courts Of VA, USA (Dec 2021 to Dec 2022)
Cloud Security Engineer
Responsibilities:
As an Identity and Access Management Specialist at AWS services, I specialize in guidance around managing and securing access to AWS resources for organizations of all sizes.
Responding to threats and remediating findings detected by Amazon GuardDuty, Security Hub, Inspector, Audit Manager, Splunk Cloud.
Applied network security measures like NACLs, VPNs, and AWS PrivateLink to protect sensitive data and resources.
Set up and manage VPCs (Virtual Private Clouds), subnets, route tables, and security groups to create secure and isolated network environments.
Utilized AWS services such as EC2, S3, RDS, Lambda, IAM, VPC, CloudFormation, and CloudWatch to meet business requirements.
As a security specialist, work on OWASP top vulnerabilities like SQL injection, XSS, and other injection attacks, to help developers write code in a secure way, and provide security-related guidance.
Familiarity with the NIST Risk Management Framework process and DOD Information Assurance Vulnerability Management program.
Ensured AWS compliance with frameworks like CIS and PCI DSS, automating audits with AWS Config and Security Hub.
Reduced IAM misconfigurations by 40% by enforcing least-privilege policies and implementing MFA for critical accounts.
Work with the developer team to gather product requirements and report any vulnerabilities found in the product through fuzz testing and the OWASP ZAP tool.
Drove threat hunting initiatives, scouring the network environment for indicators of compromise (IOCs) and suspicious activities.
Implemented GitHub Actions to automate build, test, and deployment processes, improving CI/CD workflows.
Incorporate MITRE ATT&CK into incident response playbooks to ensure a comprehensive and standardized approach to handling security incidents.
Deployed AWS Shield Advanced and WAF to mitigate DDoS and web application attacks, resulting in zero downtime during peak attack periods.

Hewlett Packard Enterprise, India (June 2019 to July 2021)
Technical Solutions Consultant
Responsibilities:
Directed installation and integration of HPE Blade servers using VMware vSphere and vCenter.
Deployed Python scripts within HPE-Composer for efficient issue resolution.
Boosted client business rates by 35% through effective key account management.
Customized HPE products in collaboration with engineering and product teams.
Provided technical training and workshops on HPE products to stakeholders.
Implemented security policies aligned with NIST, GDPR, and ISO 27001 standards.
Managed and optimized IPv6 and IPsec configurations for improved network security.
Leveraged PHP, Ruby, and AI in Linux/Unix environments for secure operations and agile development.
Developed C# solutions to enhance product functionality and security.
Managed AWS cloud solutions for secure and scalable deployments.
Utilized bash scripting for automation tasks.

Value Labs, India (Nov 2017 to May 2019)
Network Security Consultant
Responsibilities:
Implementing security policies as per the requirements on Checkpoint provider 1, Cisco ASA 5505/5510/5520, Checkpoint crossbeams, Palo Alto and Juniper firewalls.
Working with Cisco TAC on escalated issues.
Conducting root cause analysis on major network security incidents.
Hands-on with Cisco Security Manager and Cisco Event Viewer for troubleshooting.
FortiGate firewall administration, upgrades, backups, configuration, and diagnostics.
FortiManager administration, operation and integration.
Troubleshot and worked on security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Juniper Netscreen firewalls.
Responsible for integrating all network and security devices with Algosec to clean up and optimize firewall policy.
Deploy Cisco ISE in infrastructure to establish a secure and authenticated network with profiling and certificate-based authentication.
Adding/removing endpoints, GWLAN WLC, guest accounts, MAC whitelisting in ISE.
Adding/removing devices from ISE in TACACS and creating authorization policy in ISE.
Integrating Active Directory with Cisco ISE and certificate addition for guest services.
Upgrading ISE nodes to latest version and clearing cache buildup using Cisco TAC support.

Thanks and Regards,
Siddharth
Bench Sales Recruiter
[email protected]
D: +1 (469) 598 1611
linkedin.com/in/dimpu-15a478260