linkedin.com/in/kammili

Ravi Kammili

Information Security Professional

Summary

Highly motivated, energetic Information Security Professional with strong knowledge and a keen interest in security tools, platforms, technologies, and methodologies with outstanding organizational, problem resolution, multitasking, and team building skills. Adept at communicating with colleagues and clients in a clear and understandable manner and quick to learn new skills in fast-paced IT environments.

Work History

Apr 2015Present

Information Security Analyst

CareCentrix

Security Remediation Initiative

- Guide and assist in architecting a multi-tier network, supplemented with network segmentation to improve access controls and reduce threat surface

- Review application design for information security standards and assist development teams in sound security framework

- Document, prioritize, and analyze security threats, incidents and key metrics.

- Champion Annual SSAE16 audit process.

- Periodically review, re-certify, and update company policies, standards and specifications to ensure compliant, effective data management with clients and external vendors

Vulnerability Management

- Manage and maintain vulnerability scanning and reporting as part of the overall vulnerability and patch management process.

- Responsible for detecting and tracking vulnerabilities through the vulnerability life cycle, consulting with internal teams and business units to, assess threats, associated risks and remediate accordingly.
- Prepare comprehensive, customized reports based on risk ratings of vulnerabilities, severity and business impact. Present findings and propose countermeasures to senior technology executives.
Application Whitelisting

- Lead the planning, implementation and management of application whitelisting solution across all enterprise workstations to better prevent, detect and respond to malware and advanced threats.

Jun 2014Mar 2015

Network and Security Engineer

G14 Solutions

SIEM Monitoring

- Used AlienVault USM to aggregate data from multiple sources, including Host/Network IDSs, and SNMP traps to consolidate monitored data to help avoid missing crucial events.
- Automated the gathering of compliance data, producing reports that adapt to existing security, governance, and auditing processes.

Network Engineering
- Designed and implemented secure infrastructure solutions, including firewalls, IDS/IPS, SIEM infrastructure, vulnerability scanning tools, VPN, load-balancing systems and other tools.
- Managed Checkpoint firewall and BlueCoat products by establishing and enforcing policies; Responsible for defining and monitoring and auditing access controls.
- Installed, configured and maintained VMware ESXi environments. Experienced with vCenter, DRS, HA, vMotion

Certifications

Nov 2015Present

Offensive Security Professional (OSCP)

Offensive Security

Currently in Progress

20142017

CCNA Routing and Switching, CCNA Security

Cisco

20142017

Linux+, Network+, Security+

CompTIA

Objective

To obtain a challenging and engaging position of Information Security Engineer to contribute my work experience and technical skills in maintaining, designing and implementing security controls to protect the firm's business practices and assets.

Education

20152016

BS Information Technology - Security

Western Governors University

2014

Diploma - Java Technologies

NIIT

20082012

Cellular and Molecular Biology

University of Connecticut

Qualifications

- Highly adaptable with a proven ability to grasp new technologies and tools, analyze problems, and provide solutions and strategies.
- Experience with IDS/IPS technologies, web and email content filtering, SIEM infrastructure, enterprise security solutions, packet-level network monitoring, log analysis, HIPPA, PCI DSS, and SSAE16 processes
- Possess robust planning, organizational, leadership, and technical skills.
- Strong knowledge of TCP/IP stack and security protocols including HTTP(S), DNS, SMTP, SSH, IPSec, RADIUS and general cryptography techniques as related to different operating systems.

Skills & Technologies

Skills - Application Whitelisting, Identity and Access Management (IAM), Web & Email Content Filtering, Firewall Management, Endpoint Protection, Intrusion Detection & Prevention, Vulnerability Management, Packet Analysis, OS Hardening, VPN, Two-Factor Authentication, Log Analysis, Virtualization, VDI Environments, Security Metrics

Tools - Cisco IronPort, Cisco IPS/IDS, F5 LBs, Duo Mobile, CheckPoint, Palo Alto NGFW, Tenable SecurityCenter & Nessus, ELK Stack, Splunk, NeXpose, AlienVault USM, Symantec CCS, Symantec Protection Suite, QualysGuard, Snort, Wireshark

Operating Systems - Windows Server 2008/2012, Windows XP/7/8, Linux, OSX, VMware ESXi

Networking - TCP/IP Stack, Routers, Switches, Firewalls, TLS, IPSec, 802.1x, NFS, 802.11, SMTP, DNS

Programming Languages - Java, Python, SQL