Chirag Dobariya

Security Engineer CDOBARIYA@GMAIL.COM


1-703-541-8217

PROFILE:

To build a career with an institute that provides quality education and enables me to apply my knowledge and potential to achieve the institute's objectives and to contribute to society. Always curious about why something works the way it does and what the other way is.

EDUCATION & CERTIFICATES:

• Bachelor of Engineering in Computer Science.
• CCSA-R75, CCSE-R75, CCMSE-VSX, CEHv7, Security+, BCCPA/BCCPP, CISSP (License #372089), Python, Palo Alto ACE 7.0, GIAC-GMON (License #1127)

Security Devices and Technology:

Cloud Technologies:
• AWS Cloud Services (AWS Firewalls, EC2, S3, CloudWatch, CloudEvent, GuardDuty, IAM and DynamoDB)
• Cloud Access Security Broker (Zscaler and Palo Alto Prisma)
• Azure Cloud Services (Azure Blob, Azure Compute, Azure Data Lake, SSO/SAML, SentinelOne Security, M365 Security/Defender)
• Native and Third-Party Cloud Security Tools (Palo Alto Prisma, Sysdig, Rapid7, Qualys, SailPoint and Okta MFA solutions)
• Identity Access Tool: SailPoint IdentityNow, ForgeRock Identity Solution.

Firewalls:
• Check Point R55 - R77.30 (Migration from old version to new one, including VSX R65.40VS)
• Check Point MDS (Provider-1) R77.30 to R80.10 (Supporting API and Automation)
• Check Point App-ID & Identity Awareness.
• Palo Alto Next-Gen Firewall PA-200, PA-3000, PA-5000 & PA-7050, Gateway Version 7.1.10 – 10.0.
• Palo Alto Panorama M-100 with PAN-OS 10.0
• Palo Alto App-ID deployment and Migration.

Automation Tool:
• Tufin Automation Orchestra including SecureChange and SecureTrack
• Supporting Software Defined Network
• BeyondTrust PAM solution for App-blocker.

Monitoring Tool:
• Indeni 5.5 and 6.0
• SolarWinds Monitoring tool

Ticketing System: ServiceNow & Cherwell, SolarWinds

Compliance: PCI-DSS, NIST-800 & Internal Audits, CIS Benchmarks.
Vulnerabilities: Rapid7VM, Tenable.io, Qualys Finding and Mitigation on Security Devices.
SIEM Tool: Rapid7IDR, Splunk, Sumo Logic and Tableau
EXPERIENCES:

Information/Cloud Security Engineer June 2022 – Present.
Client: Washington Health Benefit Exchange (WAHBE)

Responsibilities:

• Develop and implement Azure cloud security controls and third-party cloud-based tools, and automate cloud security processes.
• Evaluate and deploy the CASB (Cloud Access Security Broker) solution; configure the Zscaler zero-trust solution on on-prem and cloud resources.
• Participate in information security tool proofs of concept to evaluate security tools that fit the business requirements.
• Assess GitHub security and its self-hosted and large runners with IRS guidelines.
• Perform incident response and forensics evaluation using security information and event management (SIEM) tools.
• Integrated the ForgeRock IAM solution with all WAHBE applications in cloud and on-premises.
• Deployed Microsoft Defender and its security solution for DLP.
• Deployed and configured the ForgeRock Identity solution with MFA in the cloud service provider.
• Analyze Cloudflare for DDoS protection with rate limiting and deployed all WAF rules.
• Perform security tool scanning for Azure Foundations and all Windows servers.
• Coordinate with the Security Operations Center as internal pen tester (white hat) to proactively defend against known exploits and vulnerabilities in cloud environments.
• Analyze and respond to network security events/alerts/intrusions at tier 2-3 level capacity for a managed Security Operations Center (SOC).
• Working closely with DevOps and developer teams on identifying security and privacy issues in AWS or Azure and finding solutions to provide required functionality securely.
• Help and update the systems security documentation and artifacts such as Systems Security Plan (SSP), Information Security Risk Assessment, Privacy Impact Assessment, Systems Security Report, Corrective Action Plan, Plan of Action & Milestones (POA&M).
• Implement and maintain SecDevOps with Jenkins and GitHub CI/CD pipeline.
• Work on and deploy HITRUST, FedRAMP, NIST 800-53 v4 and POA&M governance compliance.
• Implemented automatic ATO and SSP process for Federal systems and procedures.
• Support the Technical certification on security technologies / products is desirable.
• Demonstrate experience with implementing CSF, CIS Benchmark, NIST and Federal security standards in on-premises and cloud environments.
• Familiar with ITIL concepts such as Incident, Change, and Problem Management, and update incident and change management records.
• Provide technical support for activities that improve the security posture of WAHBE’s Health Plan networks.

Information/Cloud Security Engineer Dec 2020 – May 2022
Federal Client: HHS/HRSA
Hold Public Trust Clearance.

Responsibilities:
• Define, implement and maintain security policies and procedures. Working with multiple vendors and NIST/FedRAMP approved partner to set the policies.
• Support customer Security Authority in reviewing results of monthly vulnerability scans, engaging infrastructure and application teams as needed to address vulnerabilities.
• Deploy, manage and implement SIEM tools with validation, collect security alerts and make reports to present meaningful insight to the management.
• Build NIST 800-XX framework on current security systems, specifically following NIST 800-53 Rev. 4 for Government Security Infrastructure.
• Worked in upgrades, solution designing and implementation of various security products.
• Support any new initiative or incremental build, meet with Business and Engineering teams to develop understanding of network & security requirements. Based on these requirements, design the overall changes to the network solution across both on-prem Data Centre and cloud infrastructure.
• Worked with stakeholders to obtain approval of design. Subdivide design into discrete tasks that can be delivered by different technical tracks; set implementation timelines and track progress.
• Acquired a complete understanding of a company’s technology and information systems to be able to advise on overall security and network challenges.
• Perform and manage the Web Application Firewalls to allow access. Review the gap analysis and configuration issues.
• Responsible for maintaining & enhancing information security management program(s) to ensure integrity, confidentiality, and availability of information.
• Remediate security issues by applying patches (.Net, Windows, Linux) for servers and platforms.
• Analyze/interpret/provide solutions to vulnerabilities, writing justifications of issues, understanding of various security tools and their configurations.
• Develop incident response plan and document lessons-learned techniques to prevent the same issue from happening again in the future.
• Provide guidance and best practice recommendations for IT security policies, procedures, and standards that meet regulatory requirements and protect PHI/PII data.
• Assess and recommend process improvements to ensure all operational and application system changes undergo security impact assessment.
• Maintain knowledge of security regulations, best practices, countermeasures, compliance standards, and current threats.
• Working knowledge of static code analysis and vulnerability assessment tools such as Fortify Static Code Analyzer, Fortify WebInspect, Nessus – Network scan, Netsparker, Black Duck, Coverity – Application code testing scan etc.
• Experience in determining system risks, threats and implementing and monitoring controls to mitigate defined risks.
• Familiar with security tools such as Netsparker, HP Fortify, Splunk, Windows/Linux environments, and application patching for vulnerabilities. Industry-relevant security certifications are desired.

Lead Cyber/Cloud Security Engineer. June 2012 – Nov 2020
Washington DC
Visa Inc.

Responsibilities:

• Responsible for day-to-day administration of network firewalls designed along with information security tools to protect networks and systems from malicious/unauthorized network access or misuse.
• All team members (including clients/customers) called me the “go-to guy” when they were looking for something on the network or security side. I did participate in major incidents/problems, called as SME for.
• Experience designing and building network infrastructures for a 24/7 enterprise environment using virtual firewalls such as Check Point VSX/Palo Alto Next Generation FW systems.
• Participate in information security tool proofs of concept to evaluate security tools that fit the business requirements.
• Primary responsibilities include updating firewall rules/policies to meet security requirements, creating and supporting web application firewall profiles, performing CLI configuration updates on Cisco ASA/FWSM, Check Point SPLAT, Gaia platforms, Palo Alto Panorama, firewall log analysis, and troubleshooting network connectivity problems via use of packet captures.
• Also led the implementation of policy as global-level security infrastructure to ensure Confidentiality, Integrity and Availability of valuable data and information.
• Troubleshooting firewall fault conditions and coordinating firewall rebuild efforts along with vendors.
• Coordinate with the Security Operations Center as internal pen tester (white hat) to proactively defend against known exploits and vulnerabilities.
• Configure internet proxy servers to restrict corporate internet access to support the company’s acceptable use policy with security posture.
• Analyze and respond to network security events/alerts/intrusions at tier 2-3 level capacity for a managed Security Operations Center (SOC).
• Diagnose and resolve network connectivity problems in short time frames, apply security software patches and assist in capacity expansions.
• Implement and maintain SecDevOps with CI/CD pipeline.
• Demonstrate experience with implementing CSF, CIS Benchmark, NIST and Federal security standards in on-premises and cloud environments.
• Familiar with ITIL concepts such as Incident, Change, and Problem Management, and update incident and change management records.
• Provide technical support for activities that improve the security posture of Visa’s large payment networks.
• Provide 24x7 on-call support as per on-call rotation.


Remote Access/Network Security Engineer Feb 2011 - June 2012
International Monetary Fund (IMF)

Responsibilities:
• Deployment of Juniper EX/MX switches at HQs, remote offices and test environment.
• Supported Cisco ASA firewalls, including the Cisco Virtual Office project, with implementation, configuration and troubleshooting.
• Cisco Networks (firewalls, routers, wireless, access control); creating the VS system on Check Point hardware with different OS; managing Security Management Provider-1 to manage all CMAs and policy for all the gateways.
• VPN concepts, VPN configuration, and VPN deployment issues.
• Configuring, managing and troubleshooting Check Point VPN and communities.
• Familiarity with ITIL change management practices; Remedy Help Desk ticketing.
• Working with Blue Coat ProxySG device to configure and manage Internet traffic and policy trace.
• Gathering and analyzing technical requirements that feed into the evaluation, selection, configuration, deployment and support of remote access technologies implemented in the Fund’s HQ environment (which also includes a business continuity site) and/or in the Fund’s overseas offices.
• Collaborating with other IT teams on the configuration, deployment and support of remote access solutions.
• Documenting systems documents as required for describing systems architecture, technical support, Help-Desk support and ISO27001 compliance.
• Assisting application developers with certification testing of applications that will be deployed for use by staff working remotely.
• Providing backup technical support and end user support for the Citrix Terminal Server and Juniper SSL VPN.
• Providing Tier 3 escalation support for remote access.

Network Security Engineer/Administrator Jan 2009 – Feb 2011
Child Support Service Division/Office of the Attorney General (OAG) - DC Gov.

Responsibilities:
• Implementing and managing Check Point Provider 1.0 scalable security management for multi-domain environments.
• Working with security analyst in entire organization Network.
• Conduct network vulnerability scanning, analyzing results, working with appropriate teams towards vulnerability resolution (Network Monitoring Tool).
• Managing and deploying IT security principles and procedures.
• Configuration, managing and troubleshooting TippingPoint for IPS, Tripwire and Varonis for IDS detection. Resolve issues and provide 24x7 monitoring.
• Evaluation and approval of systems security configuration (software security architecture).
• Installation, configuration and administration of VMware and Microsoft Virtual Machines with integration to the workstations and servers.
• Implementation of networking products like servers, proxy servers, web servers, FTP servers, mail servers, anti-virus server, hubs, repeaters, switches, bridges, firewalls, structured cabling, CSU/DSU.
• Utilize monitoring, performance and analysis and network management equipment to troubleshoot and isolate problems, gauge network performance and track data, voice, video and imagery circuits. Familiarity or previous experience with network management tools such as Network Monitoring Tool.
• Thorough understanding of network and security knowledge (TCP/IP, DNS/WINS, firewalls, routers, IDS, VPNs).
• Proven ability to deliver Security Architecture assessments specifically focused on perimeter, desktop and internal security and controls, and also providing physical-level security.
• Maintain and expand working knowledge of current Trend Micro products as well as their integration and methods of support delivery.
• Installation & administration of Windows NT, Windows NT 4.0 Terminal Server Edition, Windows 2003 R2/2008 R2 Domain Controllers, Active Directory Design & Architecture, File/Print/Mail/Database Servers.

Level III Firewall Support for Network Services Feb 2008 - Dec 2008
AT&T, RTP NC.

Responsibilities:
• Installed, configured and maintained Cisco PIX 501 firewall and Check Point FireWall-1/VPN-1, R65/70/75 VSX to secure the network.
• Configuration and troubleshooting of local area network and wide area network.
• Network monitoring using WhatsUp Gold to ensure the high availability, reliability, and performance of LAN network.
• Installation, configuration and administration of VMware and Microsoft Virtual Machines with integration to the workstations and servers, and Cisco IDS/IPS implementation and monitoring for intrusion prevention.
• Maintaining and managing documents of current configuration of Check Point/Cisco ASA firewalls.
• Configured an IIS web server to provide web service capabilities.
• Installed and configured Outlook clients. Troubleshoot Outlook issues.
• Act as the primary point of contact while monitoring the resolution process of security issues and institute monitoring programs to proactively assess vulnerabilities.
• Network maintenance including security services, load monitoring, system resiliency, and backup and restore.
• Developing and implementing strategies for managing security roles, privileges and authentication for large user populations.
• Extensive working knowledge of operating systems and platforms to include LANs, software and hardware, programming techniques and database technologies.

Level III Firewall Support for Network Services Aug 2007 - Feb 2008
IBM, RTP, NC.

Responsibilities:
• Manage and maintain an existing network environment, making it more secure, redundant, fault tolerant and functional 24/7.
• Security & Internal LAN Management: VPN tunneling setup for FTP access and remote access, configure hardware Firewall/Gateway for intrusion protection, packet filtering, NAT, web protection policies, installation of Juniper Firewalls and IDS.
• Configure VPN for other remote offices with AAA RADIUS and TACACS+ servers.
• Configure and troubleshoot Check Point, Cisco and Juniper NetScreen 25 & 50 Firewalls and monitoring IPS/IDS.
• Document all the installations and configurations using Visio and Word, configured packet filtering & NAT (network address translation) for securing internal network, security policies for the training room machines, perform regular patches and updates on time.
• Responsible for system scanning, updating anti-virus definitions and updating Windows servers, Windows 2000, XP, Linux servers. Do necessary research and suggest buying technologies and products which enhance our efficiency and provide a cutting edge.
• Web Servers: Research and purchase hardware required for the servers, install OS on web servers, set up RAID 0, 1, 5 management using hardware and software RAID controllers, manage and maintain IIS on these servers, and regularly update and patch for security purposes.

REFERENCES: Available upon request.
