
Mohammed Farhan Sheikh Aslam

Princeton, New Jersey

Summary

Cyber Security Analyst with proficient and thorough experience and a good understanding of information technology. Specialized in proactive network monitoring with SIEM (Splunk). Have deep knowledge in identifying and analyzing suspicious events. Able to use various security tools to perform log and packet analysis. Finally, can perform malware analysis with the overall objective of ensuring confidentiality, integrity and availability of systems, networks, and data.

A logical thinker with 5+ years of experience in the field of Cyber Security, skilled in Incident Response and Handling, Security Operations Centre (SOC), Firewall Operations, Risk Management, Malware Analysis, Intrusion Detection and Prevention Systems (IDS/IPS), Web Application Security, Unauthorized Access, Viruses and a wide range of Vulnerabilities and Threats. Self-motivated and proactive leader with technical and exemplary communication skills. Exceptional ability to create, implement and improve IT standards, policies, and procedures. Identified and evaluated potential threats and vulnerabilities. Examined and evaluated computer software and hardware to uncover access attempts. Performed Penetration Testing for large enterprise networks. Capable of defining and monitoring risk management, compliance, and information security programs. Assisted with applications/tools including but not limited to SIEM, Wireshark, Intrusion Detection Systems (IDS), Data Loss Prevention controls (DLP), e-mail gateway protection, and VPN operations. Developed security documentation, including policies and procedures, for the Vulnerability Assessment Team. Ensured authorized access to files by revoking access and investigating unauthorized access. Assisted and supported Cyber Security Incident or Service Response Teams when necessary. SOC analysis, log analysis, proactive monitoring and response to network and security incidents. In-depth understanding of TCP/IP concepts and packet capture review utilizing tools such as Wireshark to investigate suspicious events and anomalies.

Overview

7 years of professional experience

Work History

Cyber Security Analyst

Blackrock
05.2022 - Current
  • Identifies security risks, threats and vulnerabilities of networks, systems, applications and new
  • Installing Crowdstrike Falcon sensors under POC and installing as an end-point security solution on RHEL servers
  • Hands on experience in implementing Security Orchestration and Automation Solutions such as Phantom, Demisto
  • Measuring performance metrics of CPU, Memory Disk space utilization before and after the installation of Crowdstrike sensors using Splunk
  • Work with the Demisto SOAR Teams to resolve the issues and write Automation Scripts
  • Configuring rules and maintaining Palo Alto firewalls, and analysis of firewall logs using various tools
  • Implemented Positive Enforcement Model with the help of PaloAlto Networks
  • Writing automation scripts in python and bash
  • Provided leadership in architecting and implementing security solutions towards Qualys and SIEM tools like Splunk, Solutionary and LogRhythm
  • Vulnerability Management: configured QualysGuard and Nessus tools for vulnerability analysis of devices and applications
  • Create and Manage Private Lab with Dell PowerEdge and AWS to host Splunk Clustered Environment
  • Making API calls using Python scripts to retrieve data from the cloud, writing it to disk and then on-boarding it into Splunk using file monitoring inputs
  • Use Splunk Search Processing Language (SPL) and Regular expressions
  • Creating, maintaining, supporting, repairing and customizing system and Splunk applications, search queries and dashboards
  • Deploy new Splunk systems and Monitor Splunk internal logs from the monitoring Console (MC) to identify and troubleshoot existing or potential issues
  • Creation of indexes, forwarder and indexer management, Splunk Field Extractor (IFX), search head clustering, indexer clustering, Splunk upgrades
  • Schedule scans by making Asset Groups and Scan Schedule Option in Qualysguard and record issues occurring during scan
  • Also, schedule ad hoc scans using Option Profile
  • Integrated different feeds to Splunk Environment
  • Track malware events daily through Sophos, Zscaler, and Splunk
  • Provided leadership in architecting and implementing security solutions towards Qualys and SIEM tools like Splunk, Solutionary, LogRhythm, SCCM, Altiris, LanDesk, BigFix, McAfee/Symantec
  • Performing continuous controls monitoring of assets using Panaseer
  • Designing and implementing Splunk - based best practice solutions
  • Push configurations and updates to multiple Splunk Enterprise instances via the Splunk Deployment Server.

Information Security Analyst

Anthem Inc
03.2020 - 04.2022
  • Adept with QRadar, Symantec PCAP, Symantec CloudSOC, PAN Firewall, PAN WildFire, PAN TRAPS, PAN Redlock, FireEye, ThreatQ, Microsoft SCEP, Microsoft O365 Security and Compliance Portal, ProofPoint
  • Working with McAfee ePO for managing client's workstations for providing end point security
  • Facilitate implementations of information security policies, account security policies and standards for logical and physical security
  • Worked on SIEM, as well as SolarWinds and Symantec end-to-end endpoint security for malware detection and threat analysis
  • Experience with national, international, and/or sectoral cloud security assurance/compliance regimes and frameworks such as Federal Risk and Authorization Management Program (FedRAMP)
  • Responsible for performing application penetration testing on web, thick client, and other types of applications to identify significant vulnerabilities that threaten the confidentiality, integrity, and availability of customer systems
  • Installation and maintenance of McAfee Drive Encryption used to encrypt all workstation hard drives in the environment to secure the data stored on them
  • Installation, maintenance and monitoring of McAfee Data Loss Prevention Endpoint, one piece of the Removable Media Encryption suite
  • Installation, maintenance and monitoring of McAfee File and Removable Media Protection, the second piece of the Removable Media Encryption suite
  • Tested and certified new software such as Tanium Protect (an access control software) and PEGA trouble ticketing software
  • Audit Support: Facilitated the PCI DSS external audit for the client, took charge of end-to-end coordination and support during the onsite assessment
  • Oversee the design and development of security solutions and manage cross-platform integration of a range of on-premises and public cloud security designs and configurations, including Amazon CloudFront and Amazon Route 53
  • Troubleshooting day to day issues in IT infrastructure in Business Environment tools like Splunk, ArcSight, Solutionary, PIA, LogRhythm, SCCM, Altiris, LanDesk, BigFix, McAfee/Symantec
  • Automated DLP incident metrics using Splunk
  • Developed monthly and weekly metrics and dashboards using Splunk.

Information Security Analyst

Bristol Myers Squibb
07.2017 - 03.2020
  • Perform footprinting, scanning, sniffing and monitoring of network activities using open source and commercial tools such as Wireshark and Nmap
  • Developed Vulnerability Scanning process for all environment builds, and on-going monthly scanning reporting using Nessus
  • Monitor and respond to ServiceNow tickets regarding security access requests
  • Analyzed and remediated phishing emails, malware, and other suspicious activity confronting the network
  • Reviewed system logs to identify and research suspicious activities
  • Reviewed group policy security settings and user access to network resources and folders, and assisted administrators with testing group policy changes
  • Utilized Active Directory to create, edit, and maintain accounts
  • Utilized Unix based applications to provide end users with the proper access to the proper networks
  • Provided risk analysis, information assurance and IT project management using tools like SharePoint and RSAM
  • Monitored security status of networks and networking devices, responded to security incidents with appropriate levels of action
  • Coordinated with other IT teams to resolve incidents
  • Led project to improve Access Control by moderating user access control of computers
  • Computed and encrypted data, installed firewalls and virus and malware protection software to protect internal data
  • Assessed the quality and completeness of Information Security Program artifacts, such as program management plan, information security strategic and tactical plan, program risk assessment and management plan, risk register
  • Focused on Security monitoring and configuring networks tools and services
  • Partnered with security analysts to maintain VPN Management Security Solution Director and closely monitored remote IDS sensors for reliable reporting of network intrusion attempts
  • Deployed and monitored a signature-based IDS combined with packet capture software to monitor for and investigate intrusions
  • Installed Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS).

Education

Master of Science - Computer Science

University of Bridgeport
Bridgeport, CT

Bachelor of Engineering - Information Science and Engineering

Visvesvaraya Technological University

Skills

SIEM Tools: QRadar, Splunk, McAfee ESM

Timeline

Cyber Security Analyst

Blackrock
05.2022 - Current

Information Security Analyst

Anthem Inc
03.2020 - 04.2022

Information Security Analyst

Bristol Myers Squibb
07.2017 - 03.2020

Master of Science - Computer Science

University of Bridgeport

Bachelor of Engineering - Information Science and Engineering

Visvesvaraya Technological University