RB

Rohit Bhola

available

Last update: 28.11.2022

Cryptographic, PKI, Encryption Consultant

Graduation: not provided
Hourly-/Daily rates: show
Languages: English (Full Professional)

Keywords

Cryptography Microsoft Azure Cloud Computing Hardware Security Module Virtual Private Networks (VPN) Public Key Infrastructure Firewalls (Computer Science) Application Programming Interfaces (APIs) Amazon Web Services Proxy Servers + 34 more keywords

Attachments

rohit_bhola_2022.pdf
Rohit-Bhola-2022_281122.pdf

Skills

Cryptography, FIPS, PCI, APIs, cloud, Key Management, Cyber Security, HSM, Hardware Security Module, Encryption, AZURE Cloud, SSL, Network Security, PCI-DSS, SOX, JWT, AWS, GCP, AZURE, PKI, UNIX, LINUX, firewalls, R70, R75, R76, ISG1000, ISG2000, SSGs, Cisco ASA, Wireshark, TCPDUMP, VPNs, firewall, Bluecoat Proxy Server, Blackberry, Wide Area Networks, PIX, ASA, BGP, HSRP, GLBP, RSTP, network performance, core routing, LAN, WAN, Cisco Catalyst 6500s, routers, Sniffer, Ethereal, CiscoWorks, Ethernet, OSPF, VLANs, STP, DHCP, DNS, DSL, ISDN, Frame Relay, VPN, CHAP, IPSEC, Tacas+, Radius

Project history

05/2018 - 01/2020
Subject Matter Expert - (Cryptographic Services)
HSBC

Working within the Cyber Security Maturity Improvement Programme for
delivering improvements in the Cryptographic Services space for HSBC
Global Cryptographic Estate . As a Tech Consultant for the Cryptographic
services, my role is to:
* Design and implement Remote Management and pro-active Monitoring for
the global HSM Estate (Thales payShield and nCipher nShield HSMs),
within the Bank.
* Working as a subject matter expert in Cryptography field to support a team
in delivering engagements at scale.
* Providing training and mentorship to BAU teams on technical subjects and
Implementing industry best practice security standards.
* Assist with the Secure Key Management activities during the upgrade of
the Hardware Security Module (HSMs)
* Define and update policies and procedures in line with various regulatory
compliance frameworks (PCI/NIST) for use of the tools and the
responsibilities.
* Producing Business Requirement Documents (BRD), Solution Design
Document (SDD) conforming to the best security practice.
* Defining, discussing and getting approvals for various Critical Success
Factors with Higher Management.
* Identifying, Assessing and raising and managing Risks and Issues through
out different stages of the project.
* Work with Vendors to get resolutions to the issue faced
* Deploying Encryption and Cryptography on the AZURE Cloud using
nCipher Bring Your Own Key (BYOK) Solution.
* Also as part of the project, involved in rolling out the Venafi Trust
Protection Platform for SSL certificates and SSH key management.

09/2012 - 04/2018
Network Security and Cryptography Specialist
Santander UK

Being part of Network Security team, I have been involved in various tasks.
Some of the responsibilities include:
* Reviewing and managing the Key Management Procedure keeping in
mind the Audit Requirements by various schemes like VISA, and LINK.
* Defining policies to make sure the compliance against Standards like
PCI-PIN, PCI-DSS and SOX.
* Providing consultancy and support to various Payments and web
applications teams about the use of various cryptographic tools like
Digital Signatures or Symmetric Encryption to secure the applications.
* Managing Cloud HSM and associated keys for various applications
requiring Json Web tokens (JWT) to be signed and/or encrypted.
* Implemented the encryption within the Various Cloud (AWS/GCP and
AZURE) environments - Using Various tools like Thales Vormetric, DSM
and Bring your own key (BYOK) solution using the Thales nShield.
* Implementation and management of PKI infrastructure including Internal
and Externally signed Certificates in various different formats
(.pfx/.cer/.p12 etc).
* Evaluated various automated certificate and SSH key management tools
including Venafi, AppViewX and Comodo.

WINDOWS/UNIX/LINUX

03/2008 - 01/2012
Technical Consultant
Telindus Ltd

My Role and Responsibilities as a Technical Consultant were:

* Worked on Network Optimization Project as a Technical Lead and
managing a team of up to 5 Technical engineers and provide technical
input on networking environment for secured sites of various clients such

as Bucks County Council, Yell, Debenhams and other large enterprise
networks.
* Liaise with the customers to understand their network, provide reports &
recommendations which meet the technical requirements detailed to
support the success of business opportunities.
* Manage full lifecycle for solutions development test and deployment.
* Generating conceptual, logical, and physical network architectural network
design as per customer's requirements.
* Assisting during the full life cycle of the project lifecycle from ordering and
procurement of kit through to the testing, implementation and support of
global, internal, data and voice communication systems, including Local
Area Networks (LANs), Wide Area Networks (WANs), and voice networks
for big corporate customers like DLA piper, Robert Mcbrides and various
Tier 1 and Tier 2 service providers like Virgin Media, Griffin Internet,
Claranet and Reliance Globalcom.
* Designed and implemented high availability managed solutions utilizing
PIX, ASA, BGP, HSRP, GLBP and RSTP
* Troubleshoot network performance issues, as well as analyse network
traffic and provide capacity planning solutions.
* Provide high level technical support to the Remote Resolution team in
various complex issues relating to Firewalls, VPNs and core routing and
switching.
* Conducting design reviews for various projects for Westminster City
Council and supporting the Wireless Parking Camera infrastructure.
* Liaise with management and support teams in pursuit of technically
excellent network solutions.
* Write technical and business documentation for Remote Resolution Team
to assist them in supporting the solution proposed.
* Visiting Customer Network Sites/Data Centre to perform ongoing
maintenance & network troubleshooting.

10/2007 - 11/2007
2nd Line Network Support Engineer
Camden Council

My duties within this role included:
* Supporting, maintaining, monitoring, optimising and ensuring the existing
and expandability of the LAN and WAN environments of these clients
using Real Time Network Control monitoring tool.
* Maintaining and upgrading the image on the Supervisory Engines and
Multi-Layer Switch Functionality blades on their Cisco Catalyst 6500s.
* Hardware, software, installations, and the configuration of Firewalls,
routers, switches, user account administration, troubleshooting and
upgrades in a fast-paced, 24x7 environment.
* Troubleshooting network issues and monitoring network performance
assuring Business continuity to Clients and keeping to their SLA using
various tools like Sniffer, Ethereal, and CiscoWorks.
* Configuration and high level troubleshooting of VPLS service in an IP
network of Alcatel 7750 Service Router connected by Ethernet
connections and using OSPF or IS-IS as routing protocols.
* Install and Document LANs (VLANs, STP, QOS, Cabling, DHCP &
DNS), WAN (DSL, ISDN, Frame Relay, Leased Circuit) and
security(VPN, CHAP, IPSEC, Tacas+ & Radius)

Local Availability

Only available in these countries: United Kingdom
Flexible with Travel.
Profileimage by Rohit Bhola Cryptographic, PKI, Encryption Consultant from MiltonKeynes Cryptographic, PKI, Encryption Consultant
Register