Senior Network Technology and Cyber Security Specialist
Keywords
Problem Solving
Microsoft Azure
Routing
Virtual Private Networks (VPN)
Firewalls (Computer Science)
Amazon Web Services
Cloud Computing
Computer Security
Infrastructure Management
Risk Analysis
Skills
Key Responsibilities:
- Work closely with the Project Managers to manage the Project Schedules / timelines, providing leadership and direction to the Delivery teams.
- Mindset that is excellent at solving problems and finding solutions.
- Ability to manage and collaborate with stakeholders and people.
- A good understanding of IT project estimation, budgeting processes, and Project / Program Governance such as Project Planning, Resourcing, Scheduling Deliveries, Work Allocation, Risk & Issue Management, and Communication Management.
- Knowledge of cloud technologies, adoption of Open Source components, and customization of these components.
- Network and Security design for more efficiency, implementing multisite infrastructure in Data Center.
- Accountable for wired and wireless Network Infrastructure design, validation, and implementation.
- Responsible for Cloud Networking (Azure and AWS) design, validation, and implementation.
- Azure Networking solution implementations, VNET, NSG, Hub and Spoke, Express route VPN’s and UDR. Azure Security solution Implementation such as NSG and NVA Firewalls.
- NPM, NCM tools (SolarWinds) to monitor, evaluate, and report health statistics of WAN, LAN, and systems.
- Management experience with major SIEM solutions, including Splunk.
- Perform advanced level of troubleshooting on issues related to on-prem and Cloud Networking infrastructure.
- Hands-on experience in supporting Palo Alto firewalls, Routing and Switching domain, Cisco SDN solution ACI, Nexus Switching. Experience in setting up site-to-site VPN tunnels including troubleshooting.
- Cisco ACI (Software Defined Network): Good knowledge in end-to-end implementation & operations of Cisco’s SDN solution ACI and its various components. Such as physical installation and connections of the Spine & its modules, Leaf’s, APIC’s.
- Configuration & Troubleshooting of ACI: Tenants / VRF’s / Bridge Domains / Application profiles, EPG;s / Contracts / VPC’s / Interface policy groups / Interface profiles / Leaf profiles / Service graphs / VMM integration / Software upgrades / configuration snapshots & backups on APIC or FTP or SFTP server / L2 and L3-Out / static & dynamic routing / change, planning and implementation.
- Routing & Switching: Configuration and troubleshooting routing protocols (IP / BGP / OSPF / EIGRP / IGRP / RIP) HSRP / redistribution / route-summarization / route filtering (route map / prefix list / access list). Static routing / SSH / AAA radius & Tacacs / L2 & L3 Switching (VLAN / VTP / STP / VSS / TCP/IP / SNMP / DHCP/Snooping / Ether-channels / Switch stacks / Port mirroring (SPAN) / MAC & NAC based Port security / IOS upgradation / hardening of devices as per CISO’s compliance / password & configuration recovery.
- Documentation: Project Documentation /HLD & LLD / SOP’s/ Network diagrams in PPT and Visio / DR Failover documents / Inventory / Network Risk assessments / daily, weekly & monthly reports.
- Perform advanced level troubleshooting on issues related to Site-to-Site VPN, Bandwidth management solutions, Load balancers and network infrastructure.
- Deploying, configuring, managing, and troubleshooting different security NVA solution deployed in Azure, AWS like FortiGate, Palo Alto, F5 and Broadcom secure web gateways.
- Provide root cause analysis report with permanent resolution/workaround for high severity incidents within defined SLA.
- Administration and hands-on of Web Security, WAF, Firewall, IPS, IDS, DDOS, VPN, SIME, Email Security, Sandbox (malware Scanner), Proxy Service, DLP (Data Loss Prevention), EDR, MFA (Multi Factor Authentication), SSO Identity Management and XDR (Extended Detection and Response).
- In Cyber Security Offensive Security (Red Team) NMAP, TheFatrat, PowerSpolit Cobalt Strike, Metasploit Framework, Empire is among the exploitation and post-exploitation frameworks I am proficient in hacking tools.
Project history
03/2023
-
03/2023
Key Responsibilities:
* Network and Security design for more efficiency, implementing multisite infrastructure in Data Center.
* Accountable for wired and wireless Network Infrastructure design, validation, and implementation.
* Responsible for Cloud Networking (Azure and AWS) design, validation, and implementation.
* Azure Networking solution implementations, VNET, NSG, Hub and Spoke, Express route VPN's and UDR.
Azure Security solution Implementation such as NSG and NVA Firewalls.
* NPM, NCM tools (SolarWinds) to monitor, evaluate, and report health statistics of WAN, LAN, and systems.
* Management experience with major SIEM solutions, including Splunk.
* Perform advanced level of troubleshooting on issues related to on-prem and Cloud Networking
infrastructure.
* Hands-on experience in supporting Palo Alto firewalls, Routing and Switching domain, Cisco SDN solution
ACI, Nexus Switching. Experience in setting up site-to-site VPN tunnels including troubleshooting.
* Cisco ACI (Software Defined Network): Good knowledge in end-to-end implementation & operations of
Cisco's SDN solution ACI and its various components. Such as physical installation and connections of the
Spine & its modules, Leaf's, APIC's.
* Configuration & Troubleshooting of ACI: Tenants / VRF's / Bridge Domains / Application profiles, EPG;s /
Contracts / VPC's / Interface policy groups / Interface profiles / Leaf profiles / Service graphs / VMM
integration / Software upgrades / configuration snapshots & backups on APIC or FTP or SFTP server / L2
and L3-Out / static & dynamic routing / change, planning and implementation.
* Routing & Switching: Configuration and troubleshooting routing protocols (IP / BGP / OSPF / EIGRP / IGRP
/ RIP) HSRP / redistribution / route-summarization / route filtering (route map / prefix list / access list).
Static routing / SSH / AAA radius & Tacacs / L2 & L3 Switching (VLAN / VTP / STP / VSS / TCP/IP / SNMP /
DHCP/Snooping / Ether-channels / Switch stacks / Port mirroring (SPAN) / MAC & NAC based Port security /
IOS upgradation / hardening of devices as per CISO's compliance / password & configuration recovery.
* Documentation: Project Documentation /HLD & LLD / SOP's/ Network diagrams in PPT and Visio / DR
Failover documents / Inventory / Network Risk assessments / daily, weekly & monthly reports.
* Perform advanced level troubleshooting on issues related to Site-to-Site VPN, Bandwidth management
solutions, Load balancers and network infrastructure.
* Deploying, configuring, managing, and troubleshooting different security NVA solution deployed in Azure,
AWS like FortiGate, Palo Alto, F5 and Broadcom secure web gateways.
* Provide root cause analysis report with permanent resolution/workaround for high severity incidents within
defined SLA.
* Administration and hands-on of Web Security, WAF, Firewall, IPS, IDS, DDOS, VPN, SIME, Email Security,
Sandbox (malware Scanner), Proxy Service, DLP (Data Loss Prevention), EDR, MFA (Multi Factor
Authentication), SSO Identity Management and XDR (Extended Detection and Response).
* In Cyber Security Offensive Security (Red Team) NMAP, TheFatrat, PowerSpolit Cobalt Strike, Metasploit
Framework, Empire is among the exploitation and post-exploitation frameworks I am proficient in hacking
tools.
* Network and Security design for more efficiency, implementing multisite infrastructure in Data Center.
* Accountable for wired and wireless Network Infrastructure design, validation, and implementation.
* Responsible for Cloud Networking (Azure and AWS) design, validation, and implementation.
* Azure Networking solution implementations, VNET, NSG, Hub and Spoke, Express route VPN's and UDR.
Azure Security solution Implementation such as NSG and NVA Firewalls.
* NPM, NCM tools (SolarWinds) to monitor, evaluate, and report health statistics of WAN, LAN, and systems.
* Management experience with major SIEM solutions, including Splunk.
* Perform advanced level of troubleshooting on issues related to on-prem and Cloud Networking
infrastructure.
* Hands-on experience in supporting Palo Alto firewalls, Routing and Switching domain, Cisco SDN solution
ACI, Nexus Switching. Experience in setting up site-to-site VPN tunnels including troubleshooting.
* Cisco ACI (Software Defined Network): Good knowledge in end-to-end implementation & operations of
Cisco's SDN solution ACI and its various components. Such as physical installation and connections of the
Spine & its modules, Leaf's, APIC's.
* Configuration & Troubleshooting of ACI: Tenants / VRF's / Bridge Domains / Application profiles, EPG;s /
Contracts / VPC's / Interface policy groups / Interface profiles / Leaf profiles / Service graphs / VMM
integration / Software upgrades / configuration snapshots & backups on APIC or FTP or SFTP server / L2
and L3-Out / static & dynamic routing / change, planning and implementation.
* Routing & Switching: Configuration and troubleshooting routing protocols (IP / BGP / OSPF / EIGRP / IGRP
/ RIP) HSRP / redistribution / route-summarization / route filtering (route map / prefix list / access list).
Static routing / SSH / AAA radius & Tacacs / L2 & L3 Switching (VLAN / VTP / STP / VSS / TCP/IP / SNMP /
DHCP/Snooping / Ether-channels / Switch stacks / Port mirroring (SPAN) / MAC & NAC based Port security /
IOS upgradation / hardening of devices as per CISO's compliance / password & configuration recovery.
* Documentation: Project Documentation /HLD & LLD / SOP's/ Network diagrams in PPT and Visio / DR
Failover documents / Inventory / Network Risk assessments / daily, weekly & monthly reports.
* Perform advanced level troubleshooting on issues related to Site-to-Site VPN, Bandwidth management
solutions, Load balancers and network infrastructure.
* Deploying, configuring, managing, and troubleshooting different security NVA solution deployed in Azure,
AWS like FortiGate, Palo Alto, F5 and Broadcom secure web gateways.
* Provide root cause analysis report with permanent resolution/workaround for high severity incidents within
defined SLA.
* Administration and hands-on of Web Security, WAF, Firewall, IPS, IDS, DDOS, VPN, SIME, Email Security,
Sandbox (malware Scanner), Proxy Service, DLP (Data Loss Prevention), EDR, MFA (Multi Factor
Authentication), SSO Identity Management and XDR (Extended Detection and Response).
* In Cyber Security Offensive Security (Red Team) NMAP, TheFatrat, PowerSpolit Cobalt Strike, Metasploit
Framework, Empire is among the exploitation and post-exploitation frameworks I am proficient in hacking
tools.
Certifications
CCIE Data Center
Cisco
2023
PCNSE
Palo Alto
2023
CEH
EC Council
2023
Local Availability
Only available for remote work
Other
Summary
- More than 15+ year’s extensive experience as DC Network, Security, Cloud Networking & Security and Cyber Security Profession.
- Designing and implementation of Data Center Virtualization Solution, Cloud Networking, Security (Azure and AWS) design, validation, and implementation (VNET, NSG, Hub and Spoke, Express route VPN S2S, UDR, Hub & Spoke structure, Azure AD & Firewall, Network Security, Manage Identity and Access).
- Designing and implementation of DC & Campus Network, Wi-Fi Network, and system infrastructure for the Data Center. Cisco ACI, SD WAN, SD ACCESS, NAC, UCS, Nexus Switches.
- Designing and implementation of Network and Security Solution Policy, Access list, Site to Site VPN in next generation firewall FTD, FMC, Cisco ISE dot1x, ISE Compliance policy, dynamic profiling, posture security, SIEM (Security Incident & Event Management), Splunk logs, BYOD, Cisco AnyConnect VPN, ISE, RSA token Authentication and Palo Alto Next generation FW, Panorama, Firewall Configuration, Firewall Deployment, Firewall Management, Firewall Troubleshooting, PAN-OS, Prisma Access and Cyber-attacks. Network Security, Vulnerability Scanning, Log Management, Security products such as TCP/IP, Routing, Firewall, IPS, IDS, Proxy, SSL VPN, Load Balancer, WAF, AntiSpam Antimalware Sandbox, Antivirus EDR and XDR.
- Knowledge and hands-on Offensive Cyber Security (Red Team), IS Governance Frameworks and Tools (NIST, COBIT, ITIL, CISM) etc. Experience working in Cyber Security Technologies, penetration testing, SIEM Solutions, understanding of the Cyber Kill Chain Model, MITRE-ATT&CK, and TTP. Red Team tools, OSINT (Passive Attacks), Maltego, Social Engineering Toolkit (SET), SHODAN, OWASP-AMASS, SNIPER, Burp Suite, NMAP, TheFatrat, PowerSpolit Cobalt Strike, Metasploit Framework, Empire & many more are among the exploitation and post-exploitation frameworks.
