SUMMARY

• Areas of expertise in Enterprise Network and Security Design, Implementation & Risk Management
• Experienced in appropriate security solutions, architecture, designing, implementation, configuration, upgrades of Networking and Security equipment, troubleshoot routing protocols, Content switching, IDS and VPN
• Effectively designed and Implemented Network infrastructure for clients which resulted in increased new business and client satisfaction
• Proficient in Cloud Security Solution Design and assessment of security vulnerability
• Capable of producing a variety of solution documents that outlines process and procedure
• Completed Certification Arcsight Logger +6.0 Administration & Operations - HP Instructor Led
• Juniper Networks Certified Internet Assoc(JNCIA-502)
• Foundry Certified Network Engineer
• Certified on BSCN (Building Scalable Cisco Network)
• Completed Certified Check Point Security Administrator and Engineer Course (CCSA & CCSE)
• Competent in SIEM assessment for enterprise environment
• Integrated Arcsight & Splunk SIEM technology into client environment
• Knowledgeable in Cloud Access Security Brokers(CASB), Amazon Web services (EC2, S3, VPC, Cloud formation) and Google Cloud platform and NIST 800.53 framework
• Completed Checkpoint CloudGuard IaaS Specialist - Public Cloud Administrator
• Zscaler Certified Cloud Administrator Internet Access (ZCCA - IA)
• Completed LevelUP: PRISMA Cloud Channel Sales
• Valid Secret Clearance Holder

TECHNICAL SKILLS

Protocols: TCP/IP, RIP2, IGRP, EIGRP, OSPF, BGP, SNMP, Spanning tree, 802.1 & Static

Internetworking: Fast Ethernet, Giga Ethernet, T1, T3, SONET, OC3, OC12 and Frame-relay

Security: Checkpoint Firewall (R77.30, R80.10 &20),Cisco Security Manager (CSM), PIX FWSM, Encryption, GRE Tunneling and Load balancing, Cisco IDS, IBM Proventia IDS, AS 5545, SIEM( ArcSight, QRadar & Splunk), Ironport, FireEye, WAF.

Operating Systems: ASA 9.x.x. Win2000, UNIX and Bluecoat

IT Audit: IBM Information Technology Security Standards(ITCS104), SOX, ISO 27001 and 27002, SAS 70, PCI-DSS 3.1, IOSCO and NIST

Vendors: Cisco, Foundry, Checkpoint, F5, Palo Alto, FireEye, Websense, Nortel, HP, IBM, AT&T, and Dell, Fortinet, Amazon AWS, Microsoft Azure

Language: Python, Javascript, Solidity, Hyperledger

PROFESSIONAL EXPERIENCE

Senior Security Analyst

Confidential

Responsibilities:

• Manage day-to-day requests from the customer
• Troubleshoot outages and after changes traffic issue
• Incident response such as DDos, O/S vulnerability, DLP
• Log monitoring for Palo Alto, Cisco ASA, Checkpoint and Fortigate firewalls
• Worked on AWS and Zscaler cloud migration and support request
• Work with change management regarding any change or incident issue
• Educate others within the team and other teams
• Perform testing according to test plans, monitor and report on results, and work with clients on problem resolution
• Work as a team, supporting other members of the team in achieving project/business objectives and providing satisfactory client services

Setup & Troubleshooting: Firewalls policies, routing, NAT, IDS, IPS, VPN

Vendors and Hardware: Cisco ASA, Source FirePower IPS/IDS, FTD, Checkpoint R80.10, Juniper SRX, Fortigate, FortiAnalyzer, Palo Alto, Tufin,AWS, Zscaler

Solution Architect

Confidential

Responsibilities:

• Design and implemented AWS Landing zone / Control Tower including, network, security, account management, monitoring and logging and following the best practice architecture for security policy and governance objectives
• Define requirements and scope for network, security, monitoring and account management
• Define account strategy including account governance, cross-account Identity, federation capabilities and single sign-on (SSO)
• Designed and Implemented CloudWatch for monitoring
• Building VPC infrastructure, Cloudwatch and CloudTrail
• Knowledgeable in Account Vending Machine, Amazon Connect
• Knowledgeable in Patch management,
• Installed Palo Alto and Checkpoint firewalls, Docker Container on AWS cloud for lab environment

Design: AWS Landing Zone, Virtual Private Cloud (VPC), Identity Access Management (IAM), CloudTrail, Cloudfront CDN, S3 Bucket, EC3, Elastic Load Balancer

Setup: EC3, S3, ELB, VPC, Route53, CloudTrail, IAM

Delivery: Network Security Design and Architecture for Landing Zone including VPC, CLoudwatch, CLoudtrail, IAM,AWS Service, Cloudwatch Dashboard

Security Solution Architect

Confidential

Responsibilities:

• Lead the delivery of the security solution design based on business, operational, technical and security requirements, as well as IT strategies
• Providing security solutions for presales bid management & complex solutions and providing security architectural support for existing customers ( Transition & Transformation)
• Managed various stakeholder groups to ensure the right solution is developed that meets the client's requirements
• Assisted in optimizing the development and completion of comprehensive financial analysis of proposed solutions developed and get approval at appropriate sign-off levels
• Engaged with sales specialists and account team (account managers, design engineers, solution architects, product managers, operations managers, and others) to develop security solutions which met clients’ business requirement and align with Confidential ’ offering
• Research new technology developments and industry trends; and recommend technologies that will enhance productivity and the achievement of the client’s business requirements
• Solutions include SIEM (Arcsight & Splunk),Palo Alto firewall, Cisco ASA, Web Application Firewall (F5 ASM)
• Contributed to the development of the overall Cyber Security Solution Architecture processes for clients including standards and templates
• Provided consulting on and assessed log integration of client sensitive data to its SIEM solution for the purpose of security, log retention and compliance.
• Involved in evaluating customer’s Security Standard and providing recommendation
• Selected and evaluated security solutions or enhancements to existing security solutions to improve overall protection levels and respond to RFP

Security Architect

Confidential

Responsibilities:

• Security planning and design for one of the largest retail chain store in Canada
• Lead the development of security solutions that matches customer security requirements
• Assessed the technology solutions for compliance based on ISO27001, ISO27002 and PCI-DSS3.1 framework
• Solutions include Palo Alto firewall, Web Application Firewall(WAF) (F5 ASM), Big Data (Hadoop), Identity Access management (IAM), 2Factor Authentication and others.
• Involved in several projects and managing projects expectations
• Conducted Proof of Concept (POC) for Data storage Encryption
• Involved in firewall change requests on Checkpoint and Palo Alto firewalls
• Worked with security audit team and involved in vulnerability assessment and discussed testing techniques
• Assisted in multimillion-dollar projects aligning business goals with technology solutions to drive process improvements, competitive advantage and bottom-line gains.
• Worked with external partners and internal business stake holders providing support and guidance
• Involved in rule remediation project for security risk analysis