| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Ph: PHONE NUMBER AVAILABLE EMAIL AVAILABLELinkedIn profile: LINKEDIN LINK AVAILABLEObjectiveAn experienced network professional having around 9+ yrs. of professional industry experience as Network engineer and seeking an opportunity to enhance my skillset in Network security services.SummaryExperienced Network Engineer with a demonstrated history of working in the information technology and services industry. A strong information technology professional skilled in Cisco IOS, Technical Support, Secure Sockets Layer (SSL), SSL Certificates, Palo Alto Firewalls, Checkpoint Firewalls, Cisco ASA & FP Firewalls, Juniper Firewalls.Experience in routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.In-depth knowledge of deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), NAT, VLAN, STP, VTP, HSRP & GLBP, QoS.Experienced in performing URL and web content filtering in Zscaler and Bluecoat Proxy secure web gateways.Experienced in implementing and providing operational support for B2B VPNs, Extranets, site-to-site VPNMPLS & MPLS-VPN.Experienced with AWS (VPCs, VPC peerings, Transit Gateway, EC2, CloudFormation Stacks, Cloud Watch logs, Cloud Trail, IAM policies, Route 53, Direct Connect, Global Accelerator, CloudFront, Network Load Balancers and Application Load Balancers).Experience in Aruba Wireless, Meraki Wireless and Ubiquiti Wireless Technologies.Have experience on different network tools like Tufin, Firemon, Algosec, Splunk, IBM Qradar.Good Understanding of various security frameworks, attack vectors and methodologies (e.g. MITRE ATT&CK, NIST, CIS, etc)..Good experience working on Endpoint security solutions such as Crowdstrike, PAN Cortex-XDR, Trend Micro, Symantec, VMware Carbon Black, etc.Hands-on technical expertise with IDS/IPS implementation, both network-based and host-based with multiple technology providers such as Palo alto, cisco, checkpoint, snort, Fire eye, etc.Development, implementation, troubleshooting and maintenance of network & security environments such as Cisco routers and switches, multiple vendor firewalls.Dealt with monitoring tools like (CA Network performance management, NetScout nGenius Client, SolarWinds, Logic Monitor, Cisco Prime), network packet capture tools like Wireshark.Good understanding and experience in migration from multiple vendor technologies to Next Gen Palo Alto Firewall.Experienced configuring and staging RAS-vpn technologies such as PA Global protect, Juniper Pulse, Cisco AnyConnect with multi factor authentication technology providers such as Microsoft MFA, RSA SecureID, Okta & Duo security.Experienced in integrating multiple Fortinet security products into cohesive Security Fabric architectures, enabling seamless communication and threat intelligence sharing across different security layers within the network infrastructure.Proficient in leveraging FortiManager for centralized security policy management, configuration updates, and automation tasks, streamlining administrative workflows and ensuring consistent security posture across distributed environments.Successfully deployed Forescout NAC appliances across the network infrastructure, ensuring seamless integration with existing systems.Integrated Forescout NAC with various network components such as switches, routers, and authentication servers, enabling comprehensive visibility and control.configuring and managing FireMon Firewall Management solutions, ensuring optimal firewall performance and security posture.Utilized FireMon's robust features to streamline and optimize firewall rule sets, enhancing network security while minimizing complexity and rule conflicts.Successfully deployed Forescout NAC solutions across multiple network environments, ensuring seamless integration and minimal disruption to operations.Demonstrated expertise in configuring Forescout CounterACT platform to enforce network access control policies based on device visibility, user identity, and security posture.Build & test network models in tools such as Riverbed Netplanner or Cisco modelling labs, to anticipate the impact on production changes.Implement, Configure, Maintain, Fine-tune & troubleshoot McAfee Data Leak Prevention (DLP) Solution.Worked with network load balancers F5 Big IP, both LTM & GTM.Worked with Information security office to remediate network vulnerabilities with scanning tools such as IBM Qradar, Nessus and Qualys vulnerability scanner.Knowledge of DNS, DHCP, Domain controllers, Active Directory and Group Policies in AD.Experienced in shell/bash scripting to push major network changes during a scheduled window.Familiar with network automation scripting languages Python, Perl, Bash & Tool command language (Tcl).Well skilled in configuring protocols like HSRP, VRRP, GLBP, SSH, ICMP, IGMP, PPP, HDLC, SNMP and SMTP.Experienced implementing authentication protocols such as LDAP, TACACS+ & RADIUS across network devices for access control & privilege management.Implement automated deployment scripts using tools like Ansible or Python to streamline the installation process of IOS-XR across multiple devices simultaneously.Utilize configuration management tools such as Puppet or Chef to maintain consistency and enforce configuration standards across IOS-XR devices.Familiarize with feature sets available in IOS-XR and activate specific features as per network requirements using feature sets like IP/MPLS, BGP, MPLS-TE, Segment Routing, etc.Utilize feature-specific licenses and entitlements to enable advanced functionalities such as MPLS VPNs, IPsec VPNs, Multicast, etc., ensuring compliance with licensing agreements.Technical SkillsRouters & Switches(Cisco ASR, Catalyst & Nexus series, Arista, Brocade and Juniper devices)Routing ProtocolBGP, OSPF, EIGRP, IGRP, IGMP, RIP, IS-IS), ISR, ASR, Routed Protocol TCP/IP, Multicasting (PIM), OMP.LAN ProtocolVLAN, VxLAN, PVLAN, VTP, Inter-vLAN routing, ISL, dot1q, ARP, CDP, STP, IS-IS, RSTP, MSTP, ISL PVST, LACP, HSRP, VSS, GLBP, VPC, VDC, Ethernet, Port security.WAN TechnologyFrame Relay, WiSM Module in 6509, X.25, L2VPN, L3VPN, E1/T1/DS1/DS3,ISIS,MPLSNetwork ManagementSNMP v2, v3, Cisco Works, 3Com Network Analyzer, MRTG, SolarWinds, and OrionFirewallsPaloAlto-PA-500/PA-2K/PA-3K/PA-5K/PA-7k, ASA-PHONE NUMBER AVAILABLE, Checkpoint- R65/R70/R75, ISA 2004/2006Professional Experience: -UBS Financial Services,NJ. Jan 2022 PresentNetwork Security EngineerResponsibilities:Developed HLD/LLD/SOP for Network, Network security, Wireless networks & Endpoint security infrastructure as a lead for products like Cisco, Cisco Meraki, Palo Alto Networks, Aruba networks, Arctic wolf Networks, Web Titan proxy, PAN Endpoint security solution Cortex-XDR, VMware ESXi, AWS, etc.Conduct security event alert investigation by reviewing logs from multiple sources such as Network firewall, endpoint security manager, windows event logs, email security appliance, MDR appliance etc.Good Understanding of various security frameworks, attack vectors and methodologies (e.g. MITRE ATT&CK, NIST, CIS, etc).Worked on different AWS accounts which includes creating S3 buckets for static website hosting and redirecting applications using Route 53.Established IPSEC site to site VPN tunnels between AWS VPCs and on-prem network devices.Implemented NACLs for filtering traffic in AWS VPC and Security Groups for filtering traffic at the instance levels.Setting up IPSEC Site to Site VPN tunnels both with multiple vendors which includes route based and policy based on the Palo Alto Firewalls & Cisco ASAs. VPN tunnels between the AWS Transit Gateway and the firewalls.Setting up account/user permissions, group policies and Multi factor authentication for additional security in IAM on AWS console.ServiceNOW as a ticketing platform, with all network changes are due approval with Change approval board.Managed public key infrastructure (PKI) from a third party cert authority (CA) for trust forward & encryption among computer systems.Worked with Palo alto networks vendor, to run proof of concept (POC) for their network firewall in the Organizations environment.Implemented comprehensive network access control policies tailored to organizational requirements, enhancing security posture and compliance with industry regulations.Integrated Forescout NAC seamlessly with existing network infrastructure, including switches, routers, and VPN gateways, to enforce consistent security policies across the network.Proven ability to troubleshoot and resolve issues promptly, ensuring the continuous operation of Forescout NAC deployments and minimizing downtime.Negotiated network firewall hardware & license sales with Palo alto networks vendor, about what suits the firm needs. Threat prevention, Wildfire, DNS security, URL filtering, etc subscriptions.Migrated HQ network firewall from Meraki MX400 (standalone) to Palo alto networks PA-3220 (HA pair).Deployed and configured Panorama virtual instance at 10.2 code, for Palo alto firewall management.Decommissioned a firm network, acquired as a part of acquisition, with Cisco Firepower 2110 as primary network security appliance. Assisted App team in service transition.Initial configuration of PA-3220 appliance, security policies, NAT policies, routing, IDS/IPS profile, log management, etc.Configure & associate security profile groups with security policies on PAN firewall, for IDS/IPS functionality.Implement security policies on PAN network firewall, for zone/ network/ service/ app-id/ URL category-based access control.Led comprehensive risk assessment initiatives using FireMon tools, identifying vulnerabilities, and implementing mitigation strategies to fortify network defenses.Spearheaded change management processes within FireMon, ensuring meticulous documentation, testing, and approval of firewall rule changes to maintain security and compliance standards.Configure the Decryption policy for Encrypted traffic which is passing through the PA firewall for granular app-id based access control policies and to enable blocking for traffic with deprecated lower versions of transport layer security.Configured Global Protect portal & gateway on PAN firewall for employee vpn/ remote user vpn/ ras vpn service.Integrated Azure AD SSO with Global protect vpn, a means to authenticate remote user identity. Always-on vpn for remote users.Aided in Global protect client agent deployment across all devices, deployment job was done Microsoft In-tune tool.Migrated & built IPsec vpns between HQ firewall and branch offices, extranets, private cloud, DR site, etc.Ran Best practice Assessment (BPA) on PAN firewall & implemented the recommended changes on the device using BPA+ tool.Ran security posture reports on network firewall & report to management on status.Worked on PAN AIOPS cloud app for PA network firewall health posture check.Configured & implemented SD-WAN policies on Palo Alto & Cisco Meraki appliances.Migrated Endpoint security solution, from Fortinet FortiClient to Palo Alto Networks Cortex-XDR.Aided in endpoint security agent initial package deployment, deployment job was done using Microsoft Intune.Did initial dashboard & policy configuration for PAN Cortex-XDR endpoint security manager.Worked on day-to-day operations for PAN cortex-XDR Incident/alert handling.Proficient in deploying, configuring, and managing FortiGate firewalls across diverse network environments, ensuring robust perimeter security through firewall policies, NAT configurations, VPN setups, and security profiles.Demonstrated proficiency in leveraging Fortinet solutions to implement comprehensive UTM features such as antivirus, intrusion prevention, web filtering, application control, and data loss prevention, effectively safeguarding networks from various threats.Re-did the network topology of HQ network from stand-alone to redundant high-availability architecture.Implemented LAN segmentation & access control policies across the segments, for a secure network topology.Worked on the transition process to BGP or dynamic routing, across all sites.Configured & deployed new switch stacks, Cisco catalyst 9k, to accommodate for growth and expansion.Did initial configuration & deployed proofpoint e-mail security solution (Proofpoint ESA) in the environment, followed up with developing a standard operating procedure for operations on phishing event investigation.Worked on Disaster Recovery (DR) Site implementation, failover design, conditions, etc with iLand Zerto DRaaS.Implement Managed Detection & Response (MDR) service from Arctic Wolf Networks. Worked with vendor on service subscription, which does the job of a traditional SIEM platform, by ingesting the network traffic logs, network firewall threat logs, endpoint security manager alert table data, cloud app logs (e.g. Azure connector integration), endpoint event logs, etc.Worked with vendor on coming up desktop & server hardening policies & have them implemented in place by desktop engineering.Worked on day-to-day operations for security alert investigation, on Arctic wolf networks dashboard.Migrated wireless access points (WAP) infrastructure form Cisco Meraki to Aruba networks devices.Configured wireless network for HQ in Aruba central, followed by Guest network design (authentication through Arubas cloud captive portal), included access control policies for guest devices such as segmentation, bandwidth, threat filtering, URL filtering, etc.Provide required assistance on transitioning the Mobile device management (MDM) solution from Cisco Meraki MDM to Jamf (for MacOS & IOS) and Microsoft In-tune for Windows platform.Participate and aid in annual PCI DSS audit processes.Developed and implemented robust access control policies tailored to organizational needs, enforcing compliance with security standards and regulatory requirements.Utilized Forescout NAC's capabilities to enforce network segmentation and quarantine unauthorized or non-compliant devices effectively.Established continuous monitoring processes, leveraging Forescout NAC's real-time visibility to detect and assess security risks associated with connected devices.Implemented proactive measures to identify and respond to potential threats and vulnerabilities, enhancing overall network security posture.Configured advanced intrusion detection and prevention features on Firemound firewalls to detect and block malicious traffic and unauthorized access attempts.Integrated threat intelligence feeds and security updates to enhance firewall protection against emerging threats and vulnerabilities.Implemented robust log management practices, collecting and analyzing firewall logs on Firemound to identify security incidents, policy violations, and anomalous activities.Conducted thorough forensic analysis of firewall logs to investigate security breaches, assess the scope of incidents, and facilitate incident response efforts.Adhere to industry compliance standards such as PCI DSS, HIPAA, or GDPR by configuring IOS-XR devices to enforce security policies, access controls, and data encryption requirements.Conduct periodic audits and security assessments of IOS-XR configurations using tools like Cisco SecureX or third-party solutions to ensure compliance with regulatory mandates and organizational policies.Foster collaboration between network engineering teams and DevOps teams by integrating IOS-XR infrastructure into CI/CD pipelines and version control systems like GitLab or GitHub.Enable infrastructure as code (IaC) practices by representing IOS-XR configurations as code using tools like Terraform or Ansible, facilitating seamless integration with application deployment workflows.Engage in continuous learning and professional development activities through participation in IOS-XR training programs, webinars, and community forums to stay abreast of emerging technologies and best practices.Proactively contribute to IOS-XR feature enhancements and bug fixes by providing feedback to Cisco's product development teams and participating in early field trial (EFT) programs for new releases.Verizon Wireless World, Fort Worth, TX. Nov 2019 Jan 2022Network Security EngineerResponsibilities:Developed HLD/LLD/SOP for Network security infrastructure as a lead for products like Cisco, Arista, Palo Alto firewall, Imperva WAF, Zscaler Proxy, F5 BIG IP, Citrix VM, VMware NSX-T, Crowdstrike AV, McAfee DLP solution etc.Configured Palo Alto Firewall models PA-3k, PA-5k, PA-7k and centralized management system (Panorama) to manage large scale Firewall deployments.Managing major projects for the client base to include system installations, migrations from legacy to VoIP, expansions and decommissions.Worked with Palo Alto engineering TAC to identify a bug in the 8.1.3 code on PA 5020 device that caused a major service disruption, bug was about DP1 not being used when DP0 queue was full.Provided network support for on-boarding process of all client public domains & web-applications to Imperva cloud web-application firewall. Additional responsibilities include imposing restrictions on network firewalls to allow traffic from Imperva networks alone.Provided network support to deploy Crowdstrike Falcon endpoint security agent to all end points and necessary network changes to allow end points to get updated AV content through internet.Deployed new workstations on AWS cloud to cope up with COVID 19 remote work requirements and integrated the cloud network with the corporate network through a private cloud model.Performed a code upgrade to 9.0 on global data centers PA firewall devices with the best practices recommended by the Palo Alto networks.Performed a security rule clean up on the global PA firewall devices based on the Palo Alto rule usage feature, as pre work required for firewall performance optimization recommended by Palo Alto networks.Worked on transition from port-based rules to App-id based rules based on the report from Palo alto app-id identifying feature as a part of firewall performance optimization project.Identify, flag and decommission unused B2B extranet VPN connections to optimize running device config and shut down unauthorized access to corporate network.Ensured compliance with regulatory standards such as GDPR, HIPAA, and PCI-DSS by implementing Forescout NAC solutions with robust security controls and monitoring capabilities.Ensured adherence to regulatory requirements and industry standards by leveraging FireMon's auditing capabilities to generate compliance reports and conduct regular security audits.Applied advanced techniques within FireMon to optimize firewall performance, monitor traffic patterns, and identify areas for improvement, ensuring network efficiency.Provided training and support to network administrators and end-users on Forescout NAC functionality, usage, and best practices for secure network access.Actively involved in evaluating new features and updates released by Forescout, incorporating them into existing deployments to enhance security effectiveness and efficiency.Transition from static routing to BGP on a B2B VPN to support dynamic failover, in case of a failure on the primary.Provided firewall support for migration of the current infrastructure to private cloud model.Support the RAS service migration from Juniper Pulse secure to Palo alto Global protect VPN, worked on integrating Okta cloud multi-factor authentication services with the PA GP client.Worked on transition of RAS service from Juniper SA 6500 SSL VPN, PSA 5000/7000 (Active/Active & Active/Passive),to Palo Alto Global Protect VPN and also handled end user support post migration.Deployed & managed Palo Alto VM series firewalls, including Panorama, for IPS & content analysis on AWS public cloud environment.Providing comprehensive networking support leveraging VMware, Active Directory, SolarWinds Orion, with Cisco Catalyst and Nexus switches. Involved in load balancing web-based application traffic using Big IPs F5 LTM and GTM.Implement and enforce stricter IPS inspection over production traffic using Palo alto firewalls.Worked with Information security office to remediate network vulnerabilities with scanning tools such as IBM Qradar, Nessus and Qualys vulnerability scanner.Worked alongside with the network automation for firewall configuration scanning through HPNA to automate security rule reporting and pushing minor network changes.Worked on pushing a python script to retrieve decommissioned IP network security rule base reporting, to follow up with a rule base clean up on the PA firewall devices.ZIA admin on Zsclaer cloud proxy for employee internet access.Monitored Global Support Service desk for tickets that were opened dealing with VoIP troubles or changes.Deploying, installing and troubleshooting Palo Alto firewall and Panorama with integration of Cisco routers, switches, WLAN components.Migrations of client ASA firewalls to Palo Alto and post migration support, configuring the security policies on Palo alto firewalls, as per the requirement based on User-ID, APP-ID and Content-ID.Performing network monitoring, providing analysis using various tools like Enterprise Network performance monitoring tool (CAPM), Wireshark, etcFamiliar with Cyber Ark Privileged Access Management (CA PAM) architecture.Reporting, review and optimize Firewall rule base using Palo alto expedition tool, Tufin SecureTrack tool and Firewall audit reports.Worked on Packet capture tools like Wireshark, Net scout nGenius client troubleshoot the issues.Experience in designing MPLS VPN and (QoS) for architecture using Cisco multi-layer switches.Worked on migration from BlueCoat proxy to Zscaler cloud proxy, implementing Zscaler in Production.Experience in implementing an IPSEC VPN with Cisco routers for third party business connectivity.Created virtual systems (Firewalls) in the Palo Alto Environment & migrated vsys from EOL PA devices to newer boxes.Monitoring, optimizing, and troubleshooting active directory issues.Worked alongside a DNS engineer on migrating to BlueCat server for DNS, DHCP & IPAM services.Worked alongside with the network automation for firewall configuration scanning through HPNA to automate security rule reporting and pushing minor network changes.Have worked on documenting & handling network gear & equipment on ServiceNow CMDB.Conducted regular compliance assessments and audits using Forescout NAC's reporting capabilities, ensuring adherence to security policies and industry regulations.Generated comprehensive reports on device inventory, security posture, and compliance status, facilitating decision-making and risk management.Leverage the modular architecture of IOS-XR to deploy service modules (SMUs) and patches independently, allowing for targeted updates and minimizing service disruptions.Implement service insertion and removal dynamically using the modular Service Separation Architecture (SSA) to accommodate changing network demands without impacting existing services.Integrate IOS-XR devices with network automation frameworks like Cisco NSO (Network Services Orchestrator) or Open Daylight to automate repetitive tasks such as provisioning, configuration updates, and service deployments.Utilize YANG models and NETCONF/RESTCONF protocols to programmatically interact with IOS-XR devices and orchestrate network-wide changes efficiently.Implement telemetry streaming using technologies like gRPC, gNMI, or SNMP to collect real-time operational data and performance metrics from IOS-XR devices.Utilize streaming telemetry data for proactive monitoring, trend analysis, and predictive maintenance, enabling pre-emptive actions to address potential issues before they impact network operations.Integrate IOS-XR devices with cloud platforms such as Cisco Cloud Services Router (CSR) 1000V or Cisco SD-WAN (Software-Defined Wide Area Network) to extend network connectivity and services into cloud environments.Implement hybrid cloud architectures leveraging IOS-XR's seamless integration with cloud-native services and APIs for workload mobility, disaster recovery, and application scaling.Orchestrated incident response procedures leveraging Forescout NAC's automated remediation capabilities to contain and mitigate security incidents promptly.Collaborated with cross-functional teams to investigate security breaches, analyze root causes, and implement preventive measures to mitigate future risks.Implemented disciplined change management processes to track and document firewall rule modifications on Firemound, ensuring transparency and accountability.Ensured firewall configurations remained compliant with industry standards, regulatory requirements, and internal policies, mitigating risks associated with non-compliance.Monitored firewall performance metrics such as throughput, latency, and resource utilization on Firemound, identifying potential bottlenecks and optimizing configurations accordingly.Conducted periodic performance assessments and capacity planning exercises to ensure firewall infrastructure met evolving business needs and security requirements.BlackRock, CO. Sep 2017 Nov 2019Network Security EngineerResponsibilities:Developed HLD/LLD/SOP for Network security infrastructure for products like Cisco, Check point, Juniper, Bluecoat Proxy, Palo alto firewall. Citrix VM ESXi, McAfee, DLP antivirus solution etc.Configured Palo Alto Firewall models PA-3k, PA-5k, PA-7k and centralized management system (Panorama) to manage large-scale Firewall deployments, including multi-vsys environment to protect Data Centre and provided L3 support for routers/switches/Firewalls.Experienced with installation of AWS CLI to control various AWS services through SHELL/BASH scripting and experience with AWS Cloud formation Templates.Deployed and managed FireEye CM 4400 and FX 5400 threat protection platform for malware analysis systemsExperienced in monitoring and analysing the load balancing of network traffic using Solar winds.Providing comprehensive networking support leveraging VMware, Active Directory, SolarWinds Orion, with Cisco Catalyst and Nexus switches. Involved in load balancing web-based application traffic using Big IPs F5 LTM and GTM.Using Meraki and Ubiquiti Networks maintained switching, routing, and firewall wireless configurations.Involved in implementing the LLBs and GSLBs to ensure traffic is equally distributed using different Load Balancing techniques.Implemented Fire eye Appliances for Malware File Detonation and Whitelisting False positive Malware events.Deploying, installing and troubleshooting Palo Alto firewall and Panorama with integration of Cisco routers, switches, WLAN components and PROVIDED post migration support.Meraki Network creation and configuration - Location, Tags, DHCP, Wired/Wireless setup, Firewall, etc.Installation of IBM QRadar 3128 manager and 1628 event collector on test environment creating X-Force alerts metrics forwarding.Enhanced incident response capabilities by leveraging FireMon's real-time monitoring features to swiftly detect, analyze, and mitigate security incidents.Established strong partnerships with FireMon vendors to stay abreast of the latest updates, patches, and security trends, ensuring the effective utilization of FireMon tools.Configured security policies on Palo alto firewall, as per the need, based on User-ID, APP-ID and Content-ID.Configure the Decryption policy for Encrypted traffic which is passing through the PA firewall to enable blocking for traffic with lower versions of transport layer security.Evaluate, Plan, Test, and Deploy migration of DNS and DHCP to Infoblox Appliances and post administration.Load balancing the web applications using BIG-IPs F5 LTM and Cisco ACE load balancer.Installing Cisco LAN, WAN, Wired, Wireless network infrastructure for Core, Access and Distribution layers, throughout all data centers.Experience in designing MPLS VPN and (QoS) for architecture using Cisco multi-layer switches.Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX Security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.Extensively managed Network ACL's, EC2 and Security Groups in migrating traditional on-premises infrastructure to AWS cloud services which now hosts 20+ AWS services.Identified and mitigated network security risks through continuous monitoring, threat intelligence analysis, and proactive enforcement of access control policies.Played a key role in incident response activities, leveraging Forescout NAC's capabilities to contain and remediate security incidents quickly and effectively.Maintained comprehensive documentation of Forescout NAC configurations, policies, and incidents, facilitating audits, compliance assessments, and post-incident analysis.Created monitors, alarms and notifications for EC2 hosts using Cloud Watch and configured AWS Identity Access Management (IAM) Group and users for improved login authentication.Replacing BlueCoat proxy with Zscaler and worked on implementing Zscaler in Production.Worked on advanced knowledge of Checkpoint, Fortinet, Cisco ASA 5500 series, JUNOS and Palo Alto PA-200.Proven track record in utilizing Fortinet tools and solutions for real-time threat detection, incident response, and mitigation strategies, including advanced monitoring, log analysis, and forensic investigations.Experienced in conducting security |
