
Sunny Bangotra
- CyberArk Administrator
- Jersey City, NJ
- Member Since Apr 14, 2023
Sunny Bangotra
Professional Summary:
Technical Skills:
|
Security Tools |
CyberArk, QualysGuard, Symantec ESM, Sailpoint IIQ, ESSO, OKTA, Datasecure, Safeword, etoken. |
|
CRM Tools Used |
Remedy, Onyx, Microsoft Dynamics 4.0 |
|
Datacenter Technologies |
Active Directory, SQL 2005 & 2008, MS-Access |
|
Virtualization |
VMware |
|
Networking
|
Radius, TCP/IP, DHCP, DNS. |
|
Security Concepts |
Cryptography, Identity and Access Management, PCI and SOX Compliance, Application Security, System Security, SSL, PPP. |
|
Operating System: |
Windows 2003/2008/2012/XP/vista/7 and UNIX. |
|
Language |
java and C# |
|
Scripting Language |
PowerShell |
|
PKI concepts |
Symmetric & Asymmetric Encryption, PKI Model, SSO. |
Certifications:
# Qualys Guard Vulnerability Management Certified Specialist.
# CyberArk Certified Adminstrator.
# CyberArk certified custom plugin creator.
# SANS SEC 401 Trained.
# VMWARE Certified Associate.
# Windows 2012 Microsoft trained professional.
# Safeword certified Engineer (Identity and Access management)
# Datasecure Certified Engineer (Hardware Security Module)
# Pursuing CISSP
EMPLOYMENT and PROJECTS:
Experience Summary (Nov 2017 – Till Date)
JPMorgan Chase & CO.
Currently working with JPMorgan Chase & CO. as Associate in Global Identity and Access Management domain.
JOB PROFILE:
· Designing and implementing Privilege Access Management Architecture.
· Running Vulnerability scans and further removing vulnerabilities found.
· Keeping track of Vulnerability using Information technology Risk Control portal.
· Writing Web-services code for CyberArk in order to integrate with different applications
· Performing bug fixes and providing new releases for the security solution as per requirement.
· Performing POC for any new implementations.
· Writing technical documents.
· Deploying and managing security solutions and providing L3 support on day to day issues.
Experience Summary (Nov 2015 – Nov 2017)
Infosys Ltd
Currently working with Infosys Ltd as Senior Consultant in Enterprise Security and Risk Management domain.
Infosys Limited is an multinational corporation that provides business consulting, information technology, software engineering and outsourcing services.
JOB PROFILE:
· Security solution responses of RFP/RFI for global customers and providing the corresponding effort estimations.
· Designing and implementing CyberArk for various clients
· Writing Web-services code for CyberArk in order to integrate with different applications
· Designing and implementation of various components of CyberArk - EPV, PVWA, CPM, PSM, PSMP, AIM, PTA and Viewfinity(endpoint privilege manager).
· Designing and deployment of Security applications and tools Like Sailpoint IIQ, OKTA, Enterprise Single sign on (SSO) in clients environment.
· Performing bug fixes and providing new releases for the security solution as per customer’s requirement.
· Performing POC for any new requirements.
· Writing technical documents for clients.
· Providing in house training to other teams dealing in security domain.
· Deploying and managing security solutions and providing L3 support to clients for any day to day issues.
|
Project Title |
CyberArk Design, Installation and Configuration |
|
Position |
Tech Arch |
|
Responsibilities |
|
|
Project Title |
CyberArk integration with Third party tools. |
|
Position |
Team Lead |
|
Responsibilities |
|
|
Project Title |
CyberArk AIM integration with applications |
|
Position |
Team Lead |
|
Responsibilities |
|
Experience Summary (July 2013 – Nov 2015)
STMicroelectronics PVT Ltd
Worked with STMicroelectronics Pvt Ltd as a Senior Information Security Engineer.
STMicroelectronics is global leader in providing semiconductor solutions and is known as one of the world’s largest semiconductor companies.
JOB PROFILE:
· Deploying and managing CyberArk PIM solution within ST environment to cater to World Wide datacenter.
· Looking after the Security of the Infrastructure of the Company especially windows environment and removing Vulnerabilities from the environment.
· Running regular Vulnerability scans using QUALYS GUARD in order to make sure all vulnerabilities are captured and changes are made accordingly.
· Designing new security solutions for different Projects in order to make the applications more secure.
· Making sure that the servers are PCI and SOX Compliant using Qualys GUARD Policy Compliance module.
· Implementing Privilege Identity management (Using CyberArk) and Multifactor authentication (using Safeword token) within ST environment.
· Performing Security Hardening of servers as per security guidelines.
· Doing POC for any new security product before they are implemented in the environment.
· Writing Technical documents for employees within the company in order to make sure Information security Standards are complied with.
|
Project Title |
CyberArk Privilege Identity Management Deployment |
|
Position |
Team Lead |
|
Responsibilities |
|
|
Project Title |
CyberArk solution Administration/ Customization |
|
Position |
Team Lead |
|
Responsibilities |
|
|
Project Title |
Vulnerability assessment and Management through Qualys Guard |
|
Position |
Team member |
|
Responsibilities |
|
|
Project Title |
Compliance monitoring through Qualys Guard tool |
|
Position |
Team member |
|
Responsibilities |
|
|
Project Title |
PKI based Authentication |
|
Position |
Individual Contributor |
|
Responsibilities |
|
|
Project Description |
There was a requirement from the Business to implement PKI based authentication between Windows and Linux machines. I was able to achieve the same using Opensh. This allowed important data transfer between Windows and linux machines and Vice versa using scripts without the need of embedding the Passwords in scripts. |
|
Project Title |
Domain Login (Two Factor Authentication) |
|
Position |
Individual Contributor |
|
Responsibilities |
Implementing use of one time passcode (event based and time based) for users so as to log onto their workstation.
|
|
Project Description |
The SafeWord Domain Login Agent (DLA) provides strong authentication for Windows Domain access using workstations or Terminal Services. The DLA Supports Windows XP/2003/2008/Vista.The Domain Login Agent (DLA) can be configured using the Active Directory Group Policy Object Editor (GPOE). The DLA requires that all domain users configured to use SafeWord and only log on to their workstations using Safeword passcode .Along with their passcode they would be entering their domain username and password. The agent also provides support for group configurations such as nested groups, Active Directory Group-based Host Exclusions/Inclusions (those not requiring SafeWord strong authentication). We can specific group of user under a domain who should be only allowed to log in incase they have their Safeword one time passcode. |
|
Project Title |
Handling Security Aspect of Windows environment |
|
Position |
Team member |
|
Responsibilities |
· Managing the Security Aspects of AD environment of the company.
· Created a standard document for server hardening for all the servers within the environment. · Make sure before any server is rolled out it goes through all the steps and is vulnerability free
|
Experience Summary (May2009 to July2011; Oct 2012 to July 2013):
SAFENET INFOTECH PVT LTD
Have worked in Past with Safenet InfoTech Pvt Ltd as Information Security Engineer. SafeNet is into providing Information Security solutions to its global clients on embedded and enterprise technologies.
JOB PROFILE:
· Integrating Information Security products into different customer’s environment. These products would be based on technologies like PKI, Two factor authentication (Safeword,RSA) ,Cryptography, Multifactor authentication including certificate based PKI usb authenticator(Etoken),Content filtering etc.
· Creating sample codes in JAVA and C# for the customers so that they can use their application with our products.
· Creating Customer release notes for new builds and assisting Engineering team in bug reporting and fixing them.
· Working as Administrator and setting up customer’s environment so as to implement different integrations.
· Integrate customer’s applications (Citrix Applications, Microsoft Outlook Web Access (OWA), Microsoft IAS, VPNs from Cisco, Checkpoint, Juniper and others) for multiple level of authentication to enhance security.
· Over three year of experience in customer interfacing, security consulting, pre sales and solution designing.
Work Profile:
• Writing technical documents and integration guides on PKI, Radius and two factor authentication.
• Researching and holding discussions with Engineering for proposing product enhancements.
• Help sales people to derive the business.
• creating sample codes in C# and java so as to integrate HSM(Hardware security module) in customers environment.
• Providing in-house training to internal and external customers.
• Preparing release notes for new builds and updating customers about the same.
• Managing Incidents through the CRM (Onyx) and providing resolution to the customer with in stipulated time frame.
Projects Handled in Safenet:
|
Project Title |
Integration of Datasecure(HSM) at application level |
|
Position |
Team member |
|
Responsibilities |
|
|
Project Description |
Datasecure is a Network attached encryption server that performs crypto operations and also act as a key store. In this project customer’s application are integrated with datasecure device so that all the encryption is done at the application level and the data that transferred to the database is already encrypted. This allows customers to get rid of any security threats that could have access to database. |
|
Project Title |
Database level Integration of datasecure(HSM) |
|
Position |
Team member |
|
Responsibilities |
|
|
Project Description |
Datasecure is a Network attached encryption server that performs crypto operations and also act as a key store. In this project customer’s database is integrated with datasecure device so that all database that is stored is in encrypted format. The encryption is done at column level and customer can encrypt any column in any table they want. This allows customer to make sure that the sensitive data is secure. The keys that encrypt data are stored on the datasecure server and can be accessed only through an authorized user. |
|
Project Title |
Single Sign On |
|
Position |
Team member |
|
Responsibilities |
Implementing use of Single Sign On (SSO) for windows logon, application logon, Web logon.
|