
Sami Kakar

IT Professional
Arlington

Summary

Organized and dependable candidate successful at managing multiple priorities with a positive attitude. Willingness to take on added responsibilities to meet team goals.

Overview

7 years of professional experience
6 Certifications

Work History

Senior Principal Security Architect

Bank of America
2 2021 - 04.2024
  • Implemented and maintained security controls for AWS services such as EC2, S3, RDS, GuardDuty, Inspector, Macie, SecurityHub, IAM, SessionManager, SNS/SQS, WAF, AWS ELB, and VPC.
  • Conducted static application security testing (SAST) using tools such as SonarQube and Checkmarx to identify security vulnerabilities in code during the development process.
  • Implemented tools that comply with the NIST 800-207 standard for zero trust, which include measures to properly configure multi-factor authentication, identity protection, and next-generation endpoint security to authenticate users' and systems' identities. Additionally, implemented encryption for data and secure email communications to further enhance security.
  • Successfully integrated YubiKeys with various platforms, ensuring a robust and efficient two-factor authentication process for safeguarding sensitive information.
  • Designed, implemented, and managed Okta solutions to streamline identity and access management processes.
  • Successfully integrated Okta with various enterprise systems, ensuring seamless user authentication, authorization, and single sign-on experiences across diverse applications.
  • Managed and implemented Microsoft Azure Intune, DLP, Microsoft Gateway, Defender ATP, MCAS and CASB.
  • Led the successful deployment of Azure MFA solutions, enhancing the security posture of organizational resources by implementing robust multi-factor authentication protocols.
  • Engineered seamless integrations between Azure MFA and diverse enterprise applications and services, ensuring consistent and reliable multi-factor authentication across the organization's digital ecosystem.
  • Created and maintained AWS Golden AMIs to standardize EC2 instance deployments across development, test, and production environments.
  • Conducted security reviews and audits of AWS accounts and services to ensure compliance with regulatory and industry standards.
  • Conducted dynamic application security testing (DAST) using tools such as OWASP ZAP and Burp Suite to identify security vulnerabilities in applications in a running state.
  • Configured security patches and updates within AWS Golden AMIs to ensure that instances launched from them were secure and compliant with various regulatory requirements, including HIPAA, GDPR, and PCI-DSS.
  • Acted as the Subject Matter Expert on technical requirements related to AWS compliance programs, providing guidance and direction to the team on industry standards and regulations such as CIS Benchmark and SOC 2.
  • Stayed up-to-date with emerging security threats, vulnerabilities, and technologies to continuously improve AWS security posture.
  • Continuously monitored and improved Bank of America's security posture through regular vulnerability assessments and penetration testing.
  • Developed and maintained infrastructure as code using Terraform to provision, configure, and manage cloud resources.
  • Automated infrastructure deployment and management processes using Terraform and other tools such as Jenkins and CircleCI.
  • Implementation of DLP Digital Guardian Data Classification Management for HIPAA, PII, PHI, PCI, GDPR, NIST.
  • Worked with product engineering teams to streamline processes, improve developer workflow, and raise security awareness.
  • Worked closely with development teams to ensure that applications were designed and architected for Kubernetes and followed Kubernetes best practices, resulting in more efficient and scalable applications.
  • Designed and configured a Web Application Firewall (WAF) to defend against the Open Web Application Security Project (OWASP) Top Ten.
  • Identified security design gaps in existing and proposed architectures and recommended changes or enhancements.
  • Reviewed container environments and assessed them for threats and vulnerabilities.
  • Developed tools to integrate open source applications with widely used commercial security tools.
  • Designed, installed and configured email encryption gateways with data loss prevention.
  • Designed, developed and recommended integrated security system solutions for databases to ensure proprietary/confidential data and systems are protected.
  • Tuned rules, filters, and policies within the SIEM for detection-related security technologies to improve accuracy and visibility.
  • Stayed current on security industry trends, attack techniques, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences and networking with peers.
  • Maintained Splunk systems documentation, including SOPs and design documents, and integrated systems and application tools with Splunk. Deployed new Splunk instances, including clustered deployments and apps, and built dashboards to monitor licenses, indexers and search heads.
  • Azure cloud architectural design and planning, including hybrid on-prem AD solutions; mobile integration for laptops/desktops, tablets and phones with Intune; and implementation of Intune in an SCCM hybrid solution for mobile device management.
  • Increased application security through diligent vulnerability assessments and penetration tests.

Senior Security Architect

Legal And General (Subcontractor Computer Entper)
07.2020 - 01.2021
  • Implemented, configured and troubleshot industry-leading security technologies such as vulnerability scanners (Qualys/Tenable) and endpoint protection/whitelisting (CrowdStrike, MSFT ATP and Uptycs).
  • Implemented and configured security products for each financial agency, including vulnerability scanners, endpoint protection tools, firewall, VPN and network access control.
  • Enabled Microsoft Defender ATP service and deployed the agent across several Fintech agencies using Intune.
  • Responsible for the maintenance, configuration and reliable operation of Workspace and on-premise virtualization.
  • Performed research and proposed solutions to enhance the company's IT infrastructure security, threat analysis, mitigation and incident response.
  • Assisted with planning and execution of Business Resumption simulation testing and Business Recovery in the event of a disaster.
  • Leveraged and led vulnerability technologies and techniques along with remediation efforts to reduce risk to the organization.
  • Planned security systems by evaluating network and security technologies; developed requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls and related security and network devices; designed public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhered to industry standards.
  • Assisted with Cyber audit requirements and compliance as needed.
  • Verified security systems by developing and implementing test scripts.
  • Upgraded security systems by monitoring the security environment, identifying security gaps, and evaluating and implementing enhancements.
  • Supported enterprise network engineering systems and implemented automation tools and procedures.

Principal DevSecOps Architect

BAE SYSTEMS
01.2020 - 07.2020
  • Developing tools to integrate open source applications with widely used commercial security tools.
  • Designed, architected and deployed web application firewall (WAF) that monitors inbound and outbound traffic.
  • Set up AWS infrastructure using Terraform and Ansible and monitored infrastructure using check_mk. Built and administered security devices, including network firewalls, web proxies, data loss prevention systems and intrusion prevention systems.
  • Worked with Docker and Kubernetes environments and set up Kubernetes clusters. Designed, developed and recommended integrated security system solutions for databases to ensure proprietary/confidential data and systems are protected.
  • Analyzed, developed and documented a configuration management system involving implementation of endpoint protection platforms such as CrowdStrike, Guardicore and Uptycs.
  • Provided technical guidance for the implementation of endpoint protection tools.
  • Managed, monitored, troubleshot, designed, deployed and ensured Cisco NGIPS/NGFW/AMP devices were functioning as securely and efficiently as possible.
  • Administers, troubleshoots, and makes recommendations on the Secure File Transfer System (SFTS) increasing the security of the system.
  • Responsible for system maintenance to include patch and security management on all Imperva WAF devices. Responsible for developing and maintaining standard processes and operating procedures, creating technical architecture diagrams and system build documentation.

Cyber Security & Linux Systems Engineer

Comcast Cable Communications, LLC (Randstad Tech)
08.2019 - 01.2020
  • Working with a team to build Linux Servers Endpoint requirements and review and score existing and new solutions in the space.
  • Created Ansible playbooks to deploy CrowdStrike, Uptycs, Guardicore and TrendMicro agents and install the components as per requirements.
  • Utilized Kubernetes as the runtime environment of the CI/CD system to build, test and deploy. Responsible for integrating CrowdStrike, Uptycs, Tanium and Guardicore with Comcast Security Information & Event Management.
  • Experienced Cloud and DevOps engineer in Automating, Configuring and deploying instances on AWS, Steel Cloud, AZURE Cloud environments and Data centers.
  • Tuning rules, filters, and policies within the Security tools for file monitoring, detection and prevention related security technologies to improve accuracy and visibility.
  • Partner with the Solution Architecture team to review proposed architecture designs, document network interconnections, end-to-end data flow, secure transport mechanisms and authentication for all new customer deals.
  • Track execution of threat models on architecture designs to identify risks and attack vectors. Collaborate cross-functionally to generate a baseline consolidated asset inventory list with internal and external systems including PCI systems, applications, databases, software, network devices, tools, ports, services with technical details.
  • Collaborate with application and system owners to implement security endpoint tools across on/off premise platforms.
  • Demonstrate continuous effort to improve technical performance, streamline work processes and work cooperatively with key stakeholders across multiple teams.
  • Leads the integration of projects into operations including instrumentation, automation, standardization, and methods/procedures.
  • Used AWS, OpenStack and Steel Cloud to provision new machines for clients, and S3 storage services on AWS.
  • Experience in administering and supporting the CM tools on UNIX and Windows environments.
  • Work closely with Comcast security experts to implement latest security innovations.

Cyber Security Architect

Terra Verde Security
09.2018 - 04.2019
  • Analyzed information systems utilizing various cyber security techniques including packet analysis tools, forensics tools, intrusion prevention systems, firewalls, Security Information and Event Management (SIEM) solutions, and vulnerability assessment software to aid in detection and prevention of cyber-attacks and enhance company’s information security posture.
  • Led incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
  • Tuned rules, filters, and policies within the SIEM for detection-related security technologies to improve accuracy and visibility.
  • Used a combination of open source research, network, and host forensic analysis, log review and correlation to support investigations.
  • Analyzed email messages reported by customers to determine correct classification (spam, threat, ham).
  • Worked with the Threat Intelligence and Digital Forensics and Incident Response (DFIR) teams to identify threats, develop/recommend countermeasures to the clients, and performed advanced network and host analysis in the event of a compromise.
  • Managed configuration, imaging, and deployment of servers for clients. Maintained an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations.
  • Performed log rotation on weekly basis via SSH and WinSCP.
  • Provided clients with security monitoring services through Terra Verde CSM platform which includes monitoring of firewalls, active directory activity, mail and web gateways, deploying multi factor authentication, endpoint protection and 24/7 security monitoring of over 20,000 endpoints located all over the world both in the commercial and government sectors.
  • Configured VMware environment. Installed and administered Windows Server which included installing Active Directory, DNS and DHCP.

Network Security Engineer & Analyst

Pentor Security
09.2016 - 09.2018
  • Handled escalations and analysis on client’s network traffic using a myriad of different technologies and investigation practices to analyze alarms, trends, and anomalies on a client’s network (SIEM, IDS, IPS, DLP, Wireshark, Active Directory Analysis, and Behavioral Analysis tools).
  • Performed in depth investigations incorporating ticket creation, threat research, sandboxing, and remediation efforts all in accordance with SLAs and Rules of Engagement provided to SOC clients.
  • Participated in a team of Security Operations Engineers to investigate activities such as alerts, anomalies, errors, intrusions, and malware to identify the source of activities, determine remediation, and recommend security improvements.
  • Responsible for identifying and classifying cyber security vulnerabilities. Worked with system owners on mitigation plans to track the results of the plan execution, as well as ensure plans are documented and clearly understood by the system owners.
  • Whitelisted/Blacklisted: Domains, IP Addresses, and Email Addresses on Barracuda and Symantec Web & Email Gateway.
  • Responsible for Network Security Control Assessments and Risk Assessments using vulnerability scanning tools, such as Nessus, Qualys and OpenVAS.
  • Monitored and analyzed client network data ingesting data from different log and data sources hunting for trends, anomalies, and alerts using SIEM and other network monitoring technologies.
  • Provided information regarding intrusion events, security incidents, and other threat indications and warning information to the client.
  • Reviewed security events that are populated in a SIEM system.
  • Utilized commercial and open source tools to quickly analyze, detect, and respond to cyber security incident.
  • Recommended tuning and instrumentation improvements to clients. Worked with the Engineering and Operations teams on vulnerability remediation efforts by analyzing vulnerability results.

Cyber Security Engineer

Kerberoz Shield
08.2015 - 09.2016
  • Provided detailed status updates on existing cyber security incidents daily to include follow up with client/customer to ensure satisfactory resolution.
  • Provided analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors.
  • Worked with system owners on mitigation plans to track the results of the plan execution, as well as ensure plans are documented and clearly understood by the system owners.
  • Interacted on regular basis with cyber intelligence analysts conducting threat analysis operations, as well as numerous IT professionals performing varying technical roles within the client organization.
  • Observed and analyzed traffic to learn valuable lessons from known malicious actors, and to determine countermeasures against such threats.
  • Monitored security patch levels of the servers, workstations, network environments, and anti-virus systems.
  • Utilized SIEM, Intrusion Detection & Prevention System (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers, and malware analysis tools.
  • Monitored and analyzed client network data ingesting data from different log and data sources to hunt for trends, anomalies, and alerts using SIEM and other network monitoring technologies.
  • Performed network traffic analysis using raw packet data, network flow, Intrusion Detection Systems (IDS), and custom sensor output from communication networks.
  • Performed analysis on logs produced by network devices utilized within the SIEM such as firewalls, content filtering, Syslog from various sources/devices, and assorted Intrusion Detection capabilities, substantiating vulnerability scanner results, directory services, DHCP logs and Secure Email Gateway logs.
  • Conducted base-level analysis to determine the legitimacy of files, domains and emails using tools such as Wireshark and a Linux toolkit, as well as online resources such as VirusTotal, URLVoid, IPVoid and Sandbox.
  • Participated in a team of Security Operations Engineers to investigate activities such as alerts, anomalies, errors, intrusions, and malware to identify the source of the activities, determine remediation, and recommend security improvements.

Linux/Unix Systems Engineer

Medical Center Health System
02.2014 - 08.2015
  • Administered user accounts in Active Directory and performed OS patches and upgrades.
  • Provided technical support for computer hardware/software issues, network printers, peripheral devices, LAN/WAN switches, and support devices.
  • Developed a Corrective Action Plan (CAP) by identifying system problems that were of an unusual or complex nature.
  • Performed hardware and software installations, upgrades, maintenance, patch administration, kernel modification/upgrades, file system management, performance and security analysis, and network configuration/tuning.
  • Provided duties around databases, networks (LAN, WAN) and patch management.
  • Added/deleted system users, and changed user privileges, as necessary.
  • Performed installation and configuration of application software to establish user environments. Whitelisted/blacklisted domains, IP addresses and email addresses on Barracuda and Symantec Web & Email Gateway.
  • Installed, configured and administered AD, DNS and DHCP, and created private VLANs. Ran tests on computer programs, hardware elements and network devices to analyze and adjust speeds and performance to optimal levels in line with the company's growth requirements.
  • Categorized support problems and responded with appropriate level of urgency.
  • Ensured data/media recoverability by implementing a schedule of system backups and database archive operations.
  • Assessed system problems with the network, software and/or hardware components by running diagnostics, assessing different solutions and upgrading devices when necessary.

Education

Bachelor of Science - Computer Science

University of Maryland - College Park
College Park, MD

Associate of Applied Science - Cyber Security

Northern Virginia Community College
Annandale, VA

Skills

    Endpoints: AquaSecurity - PrismaDefender - NightFall - CrowdStrike - Uptycs - Defender - CarbonBlack - Tanium - TrendMicro - ForeScout - Guardicore - Sysdig - Palo Alto Traps


Certification

AWS DevOps Engineer - Professional

Timeline

Senior Security Architect

Legal And General (Subcontractor Computer Entper)
07.2020 - 01.2021

Principal DevSecOps Architect

BAE SYSTEMS
01.2020 - 07.2020

Cyber Security & Linux Systems Engineer

Comcast Cable Communications, LLC (Randstad Tech)
08.2019 - 01.2020

Cyber Security Architect

Terra Verde Security
09.2018 - 04.2019

Network Security Engineer & Analyst

Pentor Security
09.2016 - 09.2018

Cyber Security Engineer

Kerberoz Shield
08.2015 - 09.2016

Linux/Unix Systems Engineer

Medical Center Health System
02.2014 - 08.2015

Senior Principal Security Architect

Bank of America
2 2021 - 04.2024

Bachelor of Science - Computer Science

University of Maryland - College Park

Associate of Applied Science - Cyber Security

Northern Virginia Community College