Lead Security Engineer Resume
SUMMARY
- GCIH, GDSA, GDAT and Cisco Certified Security Engineer with over 5 years of experience in network design, security operations, forensics investigations and incident handling for perimeter and endpoint security: firewalls, IPS, web proxy, cloud firewalls, automation and orchestration, audit and compliance tools, and endpoint security and management.
TECHNICAL SKILLS
Perimeter Security: PAN firewalls, Cisco ASA and FTDs, Check Point, Fortinet firewalls, Zscaler Proxy and Private Access, Cisco ACI Fabric
NAC: TACACS+, RADIUS, Cisco ACS 5.8, Cisco ISE, Aruba ClearPass
Network Monitoring: SolarWinds, Riverbed, Wireshark, tshark, SevOne, Statseeker
EDR & EDM: Cylance, CrowdStrike, Cortex XDR, Tanium and Cortex XSOAR
SIEM: Splunk Enterprise, HP ArcSight ESM, Google Chronicle, QRadar
IR and Forensics Tools: EnCase, FTK, SleuthKit, Cellebrite, X-Ways, SIFT, Volatility, Rekall & REMnux
PROFESSIONAL EXPERIENCE
Confidential
Lead Security Engineer
Responsibilities:
- Experience with cloud-based incident response and monitoring services in AWS.
- Design and development of Security Operations processes and procedures.
- Developed IR playbooks for standard attack vectors for automated response.
- Experience conducting vulnerability assessments and code reviews against web applications and services or native applications/services to find flaws and exploitable weaknesses.
- Architect, design and strategize a Zero-Trust Architecture enterprise-wide.
- Lab and PoC experience with PAN Cortex XSOAR and XDR (Traps).
- Power-user experience with Splunk as a SIEM solution.
- Design and deployment of SSL decryption (SSL forward proxy and inbound inspection) for Palo Alto Networks firewalls and Zscaler proxy.
- Experience with security operations and forensics investigations, including IPS tuning, URL filtering and DNS sinkholing for Cisco FTD and PAN firewalls.
- Work closely with product and platform teams to engineer and implement cloud security controls with a focus on DevSecOps.
- Defined and developed threat hunts based on the MITRE framework, working with the MSSP.
- Experience with tabletop exercises for managed hunts across the environment.
Confidential
Lead Security Engineer
Responsibilities:
- Design, configuration, deployment and maintenance of Palo Alto Networks threat prevention profiles (IPS), URL Filtering, User-ID, DNS Security, Anti-Virus, WildFire and Panorama.
- Design, configure and deploy ACI segmentation, tenants and contracts, working towards a Zero-Trust Network Architecture.
- Experience configuring AutoFocus and MineMeld miners for security operations and forensics investigations.
- Experience configuring and deploying SAML SSO and SCIM provisioning with Microsoft Azure AD.
- Incident handling and forensics investigation experience leveraging PAN firewalls, Zscaler proxy, CrowdStrike, Tanium, etc.
- Design, configure and deploy conditional access (MFA) within Microsoft Azure enterprise-wide.
- Experience with Tanium administration and operations in the Interact, Deploy, Protect, Connect, Asset and Threat Response modules.
- Design and configuration experience with the network orchestration tool Skybox.
- Design, deployment and maintenance of Zscaler proxy and Zscaler Private Access.
- Experience with DNS security rules for Infoblox.
- Experience designing security workflows, process workflows and information governance.
- Experience designing and incorporating technical security controls that align with industry standards (e.g. NIST r4).
Confidential
Network Design Engineer
Responsibilities:
- Experience configuring the Cisco next-generation firewall 5516-X and addressing its design constraints.
- Successful migration of legacy IPS to the Firepower module on Cisco ASA 55XX series.
- Experience with the design and migration of Cisco ACS 5.8 to Cisco ISE 2.2 and NAC.
- Migration of Cisco and Palo Alto firewalls to PAN firewalls.
- Deployment and maintenance of Zscaler Internet Access.
- Experience creating Splunk reports and dashboards for metrics.
- Design, deployment and configuration of Check Point Gaia R80 firewalls with IPS and URL filtering blades.
- Defined and documented standards for enterprise-wide network security devices using Cisco/Tufin/Check Point best practices and ensured compliance with PCI DSS and GDPR.
- Design experience and working knowledge of Cisco Encore for passing traffic from the FMC console to the ArcSight server.
- Experience defining signatures for the security posture on the FMC console and configuring HA for the FMC console.
- Hands-on experience with the network orchestration tools Tufin and NetMRI.
- Design and implementation of high availability for the Firepower Management Center (FMC console) to address the single point of failure.
Confidential
Security Analyst
Responsibilities:
- Design, build and implement Cisco best-practice configurations on Cisco network security devices.
- Experience administering antivirus solutions in an enterprise-class environment, especially administering and supporting Cylance and McAfee Endpoint Protection.
- Experienced with Cisco IPS and PAN IDS/IPS technologies, vulnerability assessment tools and monitoring.
- Experience integrating complex multi-vendor solutions using open-standard protocols and APIs (e.g. SOAP, XML and vendor APIs).
- Experience with the enterprise vulnerability assessment tool Rapid7.
- Extensive experience designing and configuring Layer 2/3 networking features such as VLAN, ISL, STP, VTP, 802.1X, port security, L2PT and SPAN.
- Troubleshooting issues related to security devices and coordinating with the cybersecurity team to harden the security posture of network devices.
- Updated logical and physical network diagrams for data center, backbone and campus in Visio.
- Worked on Infoblox DNS/IPAM for DNS/DHCP setup and management, including forward and reverse lookup.
- IPsec: knowledge of main, extended and quick modes; ISAKMP, IKE and ESP.
- Hands-on experience with packet sniffers, tcpdump and Wireshark for packet monitoring.
Confidential
Network Lab Assistant
Responsibilities:
- Delivered lectures for the network and scripting lab.
- Graded assignments and lab sessions.
- Set up and maintained network lab devices and conducted labs for students.
- Configured, monitored and troubleshot lab exams and sessions.
