MARIAN JOHN SECURITY ENGINEER

Developed and implemented an enterprise security program for an ed-tech startup, ensuring strong cybersecurity. Managed Incident Response for a phishing attack, swiftly mitigating threats and minimizing damage. Developed a security plan and roadmap integrating SIEM, IDS, firewalls, and compliance with NIST, ISO, and cyber laws.

Led the development and implementation of an integrated security solution using IPS, IDS, and EDR technologies. Performed network security assessments, identified vulnerabilities, deployed endpoint security, and enforced DLP strategies. Implemented SOAR tools for efficient incident response and disaster recovery.

Comprehensive cloud security implementation covering IAM, AWS GuardDuty, WAF configurations, and security hardening across AWS and Azure environments. Focused on cloud security compliance and best practices.

Hands-on penetration testing projects covering web application exploitation, network attacks, privilege escalation, and post-exploitation techniques using industry-standard tools.

Implementation of secure coding practices, vulnerability analysis, and building secure applications. Focus on preventing common vulnerabilities like SQL injection, XSS, and CSRF.

Low-level binary exploitation, reverse engineering, and vulnerability research in C programs and Unix systems. Includes buffer overflow, format string exploits, and return-oriented programming.

Network security implementations including packet analysis, intrusion detection, firewall configurations, and network-based attacks and defenses.

Comprehensive exploration of security tools and frameworks used in information security, including SIEM, vulnerability scanners, and security automation.

Security analysis and exploitation of embedded systems, IoT devices, and hardware security including firmware analysis and hardware hacking techniques.