Experiences at cognizant technology solutions

Cognizant Technology Solutions Corporation, TEANECK, nj
1/03 - 12/03

JP Morgan, Newyork, NY
Vulnerability Assessment of critical Servers (Consultant)
9/03 - 11/03

To remotely assess and analyze the systems and/or resources of JP Morgan across wide spread locations, as seen from outside the system's local area network (LAN). This provides a "hacker's eye view" of the system to discover its potential vulnerabilities and weaknesses to possible hacker penetrations or attacks.

Responsibilities included:

Performed vulnerability assessments of distributed networks and critical enterprise servers using open source methodology from ISECOM and tools.
Developed strategies and processes for driving towards remediation of vulnerability issues discovered.

Environment:

Nessus, NMap, MBSA, Shavlik HfNetChk, Ethereal, Whisker, ISS Internet & Database Scanner; Windows NT 5.0, IIS 5.0 and MS SQL Server


Union bank of california, LOs ANGELES, CA
Security Audit "Banking Infrastructure" Project (Consultant)
7/03 - 9/03

The scope of the audit is targeted at banking technology areas and operational support functions throughout the enterprise.

Responsibilities included:

Performed security reviews of various trading platforms, Internet-based operations, communications infrastructure, emerging technologies, and disaster recovery.
Created effective security audit documentation, supporting work performed, including formal communication on audit results.
Delivered effective presentations to management on summary of work performed, findings and proposed solutions to mitigate risk.

Environment:

Solaris 2.7/8, F5 , Nokia & Check Point Firewall, Cisco Routers & Switches, HPOV, IBM DB2, IBM WebSphere Application Server and IBM MQ Series

Cognizant Technology Solutions Corporation
Identify & Remediate "Unmanaged Hosts" (Internal)
2/03 - 4/03

CTS Security Engineering initiated this project after the outbreak of the "Slammer" worm in the year 2003. After the outbreak, it was determined that the majority of infected machines were "rogue" PC's and Servers attached to the CTS wires that were not being effectively managed. I worked to identify these machines using CERT's advisory and the tools. We could then query for any machine that did not meet the proper installation criteria (out-of date NAV, security patches, etc). We then either contacted the owners, or remotely connected to the host to remediate. We initially identified over 400 hosts that were not managed and reduced that number to zero.

Responsibilities included:

Working with every major IT group at CTS, engineering, development, etc. to identify ownership and set remediation deadlines.
Coordinating remediation efforts with London and Asia branches.
Developing SQL queries to identify rogue machines.
Using remote management tools to connect and remediate hosts as needed.

Environment:

SQL Server 2000, Fsecure's F-Slammer, Symatec's W32.SQLExp.Worm removal tool, SQL queries and Windows NT...