• Manage various IT security projects to ensure project were in scope, budget & time. Managed staff members on various cyber security projects.• Conduct data exfiltration/leakage assessment and Perform malware analysis using various tools.• Conduct analysis on captured user, computer, and network security events, in a near-real time environment, to determine security vulnerabilities, policy violations, and malicious behavior.• Identifies user behavior that may be indicative of potential malicious or counter intelligence related activity.• Monitor and analyze network traffic, IDS/IPS, security events and firewall logs and perform triage analysis to identify security incidents and false alarms using Sourcefire, FireEye & Iron Port.• Ensure products and systems comply with cyber security standards and practices. Develop test routines and monitoring solutions. Penetration testing using Nmap, Metasploit and Wireshark.• Use Splunk to collect & analyze large volumes of logs, network traffic & alerts to assess, prioritize, and differentiate between potential intrusion attempts and false alarms to uncover malicious activity going on within the network.• Implement risk management framework for organizations, develop affective strategy for continuous monitoring & develop secure guideline for cloud computing, work on projects integrating IT governance controls in cloud.• Perform penetration testing & vulnerability assessment for compliancy assessment.• Develop documentation for security authorization package/certification packages.

• Conducted proactive monitoring, investigation, and mitigation of security incidents.• Analyzed security event data from the network (IDS, SIEM).• Performed static malware analysis on isolated virtual servers.• Recognized potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.• Deploy, manage & effectively maintain security systems and their corresponding or associated software, including firewalls, proxies and routers, IDS, IPS, cryptography systems, Encryption, Tokenization, and anti-virus software. Researched new and evolving threats and vulnerabilities with potential to impact the monitored environment.• Conducted log analysis using Splunk and performed penetration testing using Metasploit.• Developed Security Assessment Report to document vulnerabilities and findings from system document review, interview with system personnel, and the Nessus scan.• Conducted vulnerability and compliance scans of the applications and network using Nessus.• Identified suspicious/malicious activities or codes.• Worked in a 24x7 Security Operations Center.• Monitored and analyzed of security events to determine intrusion and malicious events.• Searched firewall, email, and web or DNS logs to identify and mitigate intrusion attempts.• Investigated malicious phishing emails, domains and IPs using Open Source tools and recommend proper blocking based on analysis.