Project lead for deploying OS hardening using CIS framework and benchmark for Windows and Linux systems for the company’s next generation software defined data center, clusters with high availability design and automation using Salt Stack and Istio.Deploy, configure and manage Wazuh for Security Analytics, Intrusion Detection, and Log data analysis, file integrity monitoring, vulnerability detection, security configuration assessment, incident response, cloud security and container security.Implemented enterprise identify & access cloud architecture, LDAP Directory Clusters with SSO for front end users, internal users, partners and business associates including key management.Developed and implemented automated solutions for healthcare Cloud products and infrastructure.Supported initiatives related to the compliance and security integrity of the environment.Partnered with other teams, managers, and program managers in order to develop automation, alerting, monitoring, and remediation strategies for mission-critical services.Supported new development and revisions to existing capabilities for Compute/IaaS.Provided technical escalation support for other Infrastructure Operations teams.Process documentation and periodic review of existing processes to facilitate automation

Project lead for deploying CIS OS hardening benchmark for all Windows and Linux systems companywide as the company’s FedRAMP initiativesRan CIS scan reports and use it as a baseline for OS hardeningAutomated CIS benchmark OS hardening using Cavirin product as Proof of ConceptProject lead, Proof of Concept for Algosec for firewall and network assurances and implemented such a tool companywideUsed Algosec to bring company’s firewalls and network assurances to NIST for U.S. and ISO 27001 for Europe and recommended changes to Networking teamMonitored active threats and vulnerability, analyzed them using Balbix vulnerability management tools and respond to incidents accordinglySaved the company $1m per month by hardening seventy RedHat Linux 7 servers for Capital One clientDeveloped a playbook for Windows OS hardening using Active Directory Group Policy and Managed to harden thousands of Windows 10 Workstations from thirty to eighty percent CIS standardShared all tasks run by me for all changes I brought to the company to all stakeholders and communicated if there were any ambiguities Administered Palo Alto Network Panorama that managed 350 Palo Alto Firewalls in HA mode and made any necessary changes as neededProject lead, Proof of Concept for Safeguard privileged password management

Project lead for deploying One Identity, Safeguard Privileged Identity Access Management in a cluster environment for managing privileged accounts Configure Safeguard to give root access based on users requests with recording and monitoring capabilities in all sessions Project lead for Skybox appliance for firewall and network assurancesUse Skybox to bring company’s firewalls and network assurances to NIST 800 standardsManage to Identify security policy violations and platform vulnerabilities to reduce attack surface and network traffic Find inconsistencies in firewalls rules such as “any” in three fields, NTP, Domain, banners, UN-necessary insecure open ports using Skybox and request change control for corrections Administer Balbix appliance for vulnerability management and respond to incidents accordinglyRun weekly server patch management remediation using Balbix for company’s three domainsDiscover vulnerabilities on systems using Balbix, export and pivot the finding document report and share with management on a weekly basisExtended Balbix appliance as central vulnerability management in company’s headquarter and remote offices in a cluster environment for visibilitiesLogRhythm SIEM, product owner and administrator company wideConfigure and monitor LogRhythm SIEM for logs collected on a daily basis and see any abnormalities in system’s behaviors by checking system’s heartbeat to the SIEMConfigure Palo Alto Network firewalls and remediate finding issues using Skybox firewall assurance issues with change management approvalProject lead to migrate fifteen SonicWALL firewalls to Palo Alto Network firewallsDeployed Acalvio honeypot with more twenty five decoy sensors in multiple locationsMonitor Acalvio for any suspicious activities and if found, investigate for remediation Configured any suspicious activities detected by Acalvio off hours, to notify our group

Provided 3rd level support for HP ProLiant servers Generation 6,7,8,9 Administered HP Arch sight, reviewed generated logs for any abnormal incidents in the network Performed Pixie network boot to install various Operating Systems such as Windows, Linux RedHat, CentOS, Solaris and VMware ESX6 on HP ProLiant serversMonitored account review periodically for privileged access accountsAdministered HP 3Pardata Storage Array Network for Windows server 2008 and 2012 platformsFollowed company’s policies and guidelines to grant subjects access to data through proper identification, authentication and authorizationRevoked user’s access when they no longer were with the company voluntarily or involuntarilyActed as a point of contact between the customer and Engineering Lab ITMonitored and prioritized tasks using Bugzilla ticketing system for user’s requests Ensured proper documentation, timely follow-up, appropriate escalation with resultsAdhered to service level expectations between teams to resolve issues in a timely mannerTroubleshoot server’s issues in a heterogynous datacenter server environment Configured 3paradata server storage, virtualizations, network segmentations and proxy configuration for different projects Configured iPDU IP browser based power supplies monitoring for servers as well as sshConfigured Linux for static IP addresses, DNS, nsswitch.conf, and resolv.confDirect communicator with different vendors and RMA process

Performed Active Directory, LDAP, and remote access provisioning and DE-provisioning activities for Gap, Inc.'s global network infrastructureAdministered Symantec data center security server to enforce security to endpoint systems and end users following company’s security guidelinesMonitored Symantec data center security Server logs to make sure securities are not breached Leveraged the Symantec data center security to manage privileged access to approved usersMonitored user’s access, the groups they belonged to within Active Directory domainProvisioned and de-provisioned access to internal and external users Involved in implementing and improving PCI compliance level 1 protecting customers and stockholders information restricting un-authorized accessActively involved to high 12 level of PCI compliance in accordance to auditing and risk mitigationProvisioning remote access via VPN and RSA SecurID products.Mapped Active Directory Network Drive for users and business partnersMonitored Service Now application ticketing system to resolve problems.Administer Enterprise Softerra LDAP application to add or remove objects such as users and attributes related to each object.Monitored incoming security incidents through ticketing management system, responded to problems and prioritized them accordingly as neededMonitored security incidents using Nessus application and responded to incidents accordingly

Verified Access Management security needs for users and gave access to services for viewing sensitive data based on identity and if they had legitimate requirements or credentials for using services while restricting access to non-authorized usersAdministered VMware vSphere for various virtualized internal servers Administered Livelink Document Management System tasks such as creating different groups and adding users to the groups with proper permission for different project workspacesInvolved in PKI implementation within the Intranet with help of HR and company’s policy using Internal Certificate Authority and single sign on using LDAP to corporate networkGranted users secure access to ReQLogic financial system with purchase orders authorityAdministered Windows 2008 Windows 2008 R2 Virtual servers using VMwareActively monitored the network using open source Wireshark to capture unsolicited activitiesResolved problems, performed upgrades, and maintained end user’s MAC computer Systems

Job involved Troubleshooting security and computer software/hardware issues on a daily basisInstalled and maintained Microsoft Windows Server 8 R2 Active Directory for two sitesAudited Active Directory using Active Directory Toolkit for security risks in the network environmentEstablished group policies using starter group policy object templates with ADMX format in Windows 2008 environment and linked it to multiple Organizational UnitsInstalled different applications on different systems such as Access, Intuit financial database, various Windows Operating Systems and Microsoft Office Suites and configure for secure operationEstablished a secure wireless network at the company for mobile computingPut network printer servers in different locations for convenient use

Managed over five hundred lab systems connected to different pharma lab devicesDeployed four VLANs separating lab systems from the regular data VLANs to Supported end users using Remedy ticketing management systemMade sure systems compliance with core 21CFR Part 11 requirementsFollowed FDA comprehensive guidelines for the integrity and security of lab computer systemsMade sure lab system’s compliance and validation with Good Manufacturing Practices (GMPs), Good Laboratory Practices (GLPs), and Good Clinical Practices (GCPs)Supported scientists with their lab computers in direct access to animal colonies for their research projects such as HIV, Parkinson, Alzheimer’s diseases Installed Symantec Antivirus Corporate edition on client machines, making them managed by server so that virus updates were pushed to clients automaticallyHelped scientists to install and package the various applications for lab devices connected to desktop computers such as Hewlett Packard Liquid ChemstationAdministered the Enterprise Microsoft Windows 2000 Server Active Directory’s organizational unit for company’s Palo Alto site to add users, groups, and computers and deployed consistent group policies at the organizational unit levelValidated computer systems to be compliant with FDA regulations for different lab projects, ensuring that latest Windows patches would not halt the lab systems, affecting the production Consistent in communication with client’s needs in regard to their computer networking