Sr. Security Engineer
Al Rostamani communications LLC
Total years of experience: 10 years, 9 months
- Project implementations for customers in various sectors - Govt., Banking, Health care and private.
- Engaging in projects for deployment of various products around the Security portfolio, starting with pre-sales discussion and then on to post-sales implementation and support.
- Providing support to managed customers with implementation, upgrades and issues, and carrying out quarterly health checks.
- Handling product portfolios such as Trellix - ENS, DLP, MOVE, Drive Encryption; Trend Micro - Apex One, Deep Security, SMEX; LogRhythm - SIEM; Authlogics - MFA, PSM; GetVisibility - Data classification; SealPath - IRM; Forcepoint - DLP, Proxy; Fortinet - FortiSandbox; Tenable - Nessus; Ivanti - Patch management and more.
- Carrying out POCs for any new products in the customer environment and providing use cases and knowledge transfer.
- Engaging with Vendors for project deployments.
- Project documentations and deliverables.
- Management, Troubleshooting, maintenance and upgrades of Symantec SEPM.
- Endpoint security policies and application control using tools like Carbon Black Protection.
- Handling Daily operations & troubleshooting issues of email security gateway
- Handling Forcepoint Proxy, which includes troubleshooting internet connectivity issues for users and server subnets by providing least privileged access.
- Analysis and review of Data Leakage Prevention (DLP) through Forcepoint DLP for various channels such as email, removable media and web.
- Vulnerability assessment and reporting using Nessus and Qualys and patch management cycles in coordination with asset owners.
- Incident review and analysis on APT tools like FireEye (NX, EX, CM)
- Email security and analysis to identify threats and phishing/spam emails, creating advisories and performing employee awareness.
- Splunk Enterprise Security for notable events and Incident response
- Log analysis and correlation from various heterogeneous devices i.e., proxy, firewall, endpoint security, IPS, APT, Threat intelligence feeds
- Investigation and administration on Cisco Umbrella for notable events and remediations.
- SIEM administration with customer onboarding, log source addition of heterogeneous log source types, use case creation (correlation rules), reports generation etc.
- Perform Incident handling through SIEM and provide Incident response when analysis confirms actionable incident.
- Perform threat and vulnerability analysis and provide security advisory services. Investigate, document, and report on information security issues and emerging trends.
- Day to day management of the anti-malware solution: installing agents, generating reports and watching for actionable items.
- Administration and management of Privilege Identity Management/Privileged Access Management (PIM/PAM) solution.
- Management of Web Application Firewall (WAF) within the organization.
- Day to day management of the Endpoint Detection and Response (EDR) solution. Perform vulnerability assessment and facilitate remediation of vulnerabilities.
- Lead the patch Management process in order to ensure all systems are patched and up to date.
- Started working with Mainframe technology, Natural and JCL in support and change developments for an insurance company based in Ireland.
- Worked as a Microsoft Dynamics CRM developer, working with languages such as .NET C#, JavaScript, HTML etc.
- Worked extensively in customization, configurations, development of plugins and services, and integration of .Net with CRM
- Worked in Agile methodology of SDLC, perform requirement gathering, analysis, development, testing and change management through frequent interaction with the client to deliver the desired product.