Arpit Patel
Sr Information Security at BJC HealthCare
Piscataway, NJ, United States
Details
Experience:
• Configuring, implementing and maintaining all security platforms and their associated software, such as routers, switches, firewalls, intrusion detection/intrusion prevention, anti-virus, and SIEM.
• Involved in Security Operations, Vulnerability and Risk Assessment, alerting, report generation and analysis with various security tools (Splunk, McAfee ePO, Symantec DLP, Imperva, Sourcefire (IDS/IPS), FireEye, Bluecoat Proxy, etc.).
• Responsible for capturing security and privacy requirements for clients to be compliant with Payment Card Industry (PCI)
• Administration of Splunk (SIEM), ARCOS (Privilege Identity Management), DLP (Symantec), Imperva WAF tools.
• Experienced with DLP, Bluecoat Websense, Proofpoint, Trend Micro, Nexpose (Rapid7) and Splunk Enterprise SIEM security tools to monitor the network environment.
• Assisted engineers with Splunk troubleshooting and deployment.
• DLP profile deployment reports for detecting servers and updating DLP policies - incident analysis.
• Excellent understanding of SIEM upgrades (ESM, ELM, Receivers).
• Versatile and adaptable team player with strong analytical and problem-solving skills.
• Ability to initiate things and the power to grasp business operations and concepts instantly.
• Performing periodic vulnerability testing and assisting in remediation efforts.
2020 : Present
BJC HealthCare
Sr. Information Security Engineer
• Experience in security incident handling with SIEM using RSA enVision and IBM QRadar products.
• Security incidents to provide management oversight to the incident process.
• Perform tuning of the Security Incident and Event Manager (SIEM) filters and correlations to continuously improve monitoring.
• Expert understanding of developing complex use cases and Universal Device Support Modules on the QRadar SIEM. Expert in installing and configuring Splunk forwarders on Linux, UNIX and Windows.
• Expert in installing and using Splunk apps for UNIX and Linux (Splunk nix).
• Experience with deployment of Symantec DLP - Endpoint Prevent, Network Prevent for Email, Network Prevent for Web, Network Discover, and ITA. In-depth experience with Symantec DLP in an enterprise environment. Experience with architecting Symantec DLP platforms. Experience analysing Symantec DLP events and reports. Experience tuning Symantec DLP to reduce false positives and improve detection rates.
• Provided penetration testing for PCI, SOX, HIPAA, and compliance with ISO 27000.
• Performed monthly and quarterly scans using Symantec DLP and escalated critical data found on shared devices and shared drives. Created and managed DLP policies.
• Network and host DLP monitoring and logging
• Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
• Monitoring and remediating daily security alerts generated by end users with tools like Intel/McAfee SIEM, Forcepoint Websense, and Intel/McAfee ePO 5.x; also responsible for the effectiveness of tools and scans, as well as assessing and tracking risk of exposure.
2018 : 2020
Comcast
Cyber Security Specialist
• Initial set-up, installation, and implementation of a new SIEM solution (IBM QRadar).
• Scanning data and incoming alerts/false positives to recognize red flags and patterns in the DLP console - Data Loss Prevention (Symantec system).
• Creating and maintaining security-related documentation (Excel sheets and data) and working within company processes and procedures for security documentation and alert resolution.
• Assisted in data security projects to include data classification, data discovery, data mapping and data loss prevention integration.
• Experienced with Palo Alto and Bluecoat CLI commands and making configuration changes to both platforms.
• Aggregate, correlate and analyze log data from network devices, security devices and other key assets using QRadar.
• Created SIEM dashboards for QRadar and reconciliation with Storage, Database Server, Workstation, Server and Network Devices.
• Along with creating custom views, reporting and automated alerting for both operational and security use using IBM QRadar.
• Assist multiple security projects with the goal of exceeding compliance objectives. Responsible for maintenance, administration, and configuration of the log aggregation solution.
• Responsible for maintaining availability, reporting and communication of the SIEM between it, its event sources and the endpoints. Analysis of various use cases in the QRadar console, such as malware and AD-related issues.
• Worked with Internet Engineering team in the design and configuration of BlueCoat Internet proxy. Implemented WebFilter database for URL content Filtering.
• Responsible for web traffic hygiene and threat management/prevention in large-scale financial organizations (CPPIB, Sunlife and Manulife), using Bluecoat (ProxySG, SWG, CAS).
• Used consultative selling skills to prospect, identify opportunities, overcome objections, and Compliance (HIPAA, PCI, SOX) and Vulnerability software technology.
2015 : 2018
General Dynamics Information Technology
Cyber Security analyst
Company:
BJC HealthCare