Nagulapati Pavan Kumar

Phone: +1 (940)331-6711 |Email- nagulapatipavankumar18@gmail.com

Summary:

 Having 8+ years of Experience on multiple cloud environment. Identified security risks, threats and
vulnerabilities of networks, systems, applications, and new technology initiatives.
 Provided technical support in the development, testing and operation of firewalls, intrusion detection systems,
and enterprise anti - virus and software deployment tools. Assessed, prioritized, and updated existing IT security
policies and standards to reflect the GRC framework.
 Develop, Strategy Planning by utilizing Splunk and other SIEM cybersecurity tools.
 Maintaining the MS SQL Server including User Logins, Groups Creations with appropriate roles and monitoring,
dropping, and locking the logins, granting the privileges to users and groups.
 Worked with Security Operations Centre (SOC) web application security log analysis and Malware Analysis,
Phishing / Spam email Investigation, EDR tool (Titanium / Crowd Strike/Carbon black and other relevant tools.
 Knowledge of various security platforms and tools, such as firewall, CASB, proxy, Splunk-SIEM, IDS, IPS, Key-
secure, Crowed strike and SOAR.
 Working knowledge of the incident response lifecycle and MITRE ATT&CK Framework.
 Implementation of appropriate Accreditation and Authorization activities per JSIG, DoD and ICD 503 RMF,
NISPOM, or DoD Overprint to the NISPOM on customers requirement.
 Raising Tickets using ServiceNow during Investigation of Symantec DLP and understanding of Imperva
Management Console.
 Worked on continuous improvement and document IT Security technology standards, policies, and processes,
including awareness of new or revised security solutions, improved security processes and the development of
new attacks and threat vectors.
 Familiar with forensic approach to challenges and vulnerabilities in day-to-day IT infrastructure.
 Deep analysis of how cybercriminals work and ability to keep up with the fast pace of change in the
cybercriminal world.
 Perform security risk assessments for internal systems and processes, new software technology request to
include mobile apps, web applications, etc.
 Quickly responds to external risk assessments requests from customers or third-party software providers as
needed.
 Timely Conducts vulnerability scans, penetration testing, and log review to identify risk areas. Administers and
updates security measures and operate software to protect systems and information infrastructure, including
firewalls, phishing protection, and data encryption programs.
 Actively Participates in security investigations and compliance reviews, as requested by internal or external
auditors, and creates metrics and reporting for network security alerts, vulnerabilities, changes and performs
periodic audits.
 Timely Updating on information technology trends and security standards and having Strong Knowledge of cyber
security tools network protocols and operating systems.

TECHNICAL SKILLS
Networking: Packet Analysis (tcpdump, Wireshark), IDS (Bro, Snort), Splunk, Firewall, IDS/IPS, Access Control
Systems Administration: Active Directory, DNS, FTP, SSH, DHCP, SMB, HTTP, Virtualization
Vulnerability Assessment: Nmap, Nessus, Ettercap, Qualys, Metasploit, Honeypots (honeyD, inetSim), Burp Suite,
Nexpose, Acunetix, IBM App Scan, HP Web Inspect
End Point Security: McAfee Suits (VSE, HIPS & HDLP), McAfee MOVE AV, Symantec McAfee Email Security Gateways GUI
& CLI, McAfee Network Data Loss Prevention, McAfee NITRO SIEM Security Information and Event Management, Cisco
Security (Cisco AMP Umbrella, Cisco Email Security), FireEye HX
Platforms/Applications: Continuous Monitoring Vulnerability Management, Web Application Scanning, Threat Protect,
Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance, SolarWinds,
Nexpose, Rapid7 Event Management RSA Archer, Blue Coat Proxy, IBM QRadar, NTTSecurity, LogRhythm, Pen Test Tools
Metasploit, KaliLinux, Docker, Synk, AuqaSec, Terraform, AWS cloud formation. s
Standards & Framework: OWASP, OSSTMM, PCI DSS
Security Software: Nessus, Ethereal, NMap, Metasploit, Snort, RSA Authentication, PIA
Programming Languages: C, C++, Java, Python, JavaScript, PowerShell, Linux
Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS, NetBIOS, SNMP, TLS
Domain Knowledge: Risk Management, BCP/DRP, ISO 27001, COBIT, SWOT analysis, Cryptography, Incident Response,
Penetration Test, Risk Assessment, SCADASecurity, SCADA Audits, SIEM, ITIL, NIST, FIPS
Certifications:
 CompTIA Security+

CAREER REVIEW

Client- Commonwealth Care Alliance, MA Jan 2022 – Present

 Responsible for monitoring and, providing analysis in a 24x7x365SecurityOperation Center (SOC) using Splunk
SIEM, IDS/IPS tools.
 Lead in implementing security solutions towards SIEM tool using Splunk, and work on setting up the dashboard.
Operate closely with data security teams.
 Used Splunk Deployment Server to manage Splunk instances and analysed security-based events, risks &
reporting.
 Provide support of Splunk integration and deployment, configuration, and maintenance
 Integration of data feeds (logs) into Splunk.
 I have actively monitored the QRadar SIEM (Security Information and Event Management) platform to detect and
respond to potential security incidents.
 Managing various industries standard IPS, PIA, CASB, Firewalls, Gateways, VBlock, Rapid7 Virus and Endpoint
Managers
 Audit and validate configurations of network devices based on DISA STIGs
 Utilize RSA Archer platform 6.1.
 Expertise in implementation, customizations, and integrations of eGRCRSAArcher5.5 and 6.x version upgrades
 Develop and maintained a formalized GRC framework, utilizing standards-based controls aligned to business.
 Administrated ArcherData Feeds, questionnaires, calculated fields, workflow, reports, dashboards, I- views,
Packaging.
 Assess, prioritize, and update existing IT security policies and standards to reflect the GRC framework.
 Utilize Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), McAfee
Endpoint Encryption Data Leakage Prevention (DLP), PIA, Forcepoint, forensics, sniffers, and malware analysis
tools.
 Participate supporting RSA Archer version upgrades.
 Managed, configured, account creation and supported CDM Dashboard within eGRC Archer platform.
 Managed, Configured of 3rd party applications data feeds.
 Conducts complex security architecture analysis to evaluate and mitigate issues. Develops policies and procedures
for securing the system infrastructure and applications.
 Develops complex technical and programmatic assessments, evaluates engineering and integration initiatives,
and provides complex technical support to assess security policies.
 Created vulnerability risk assessments for in house, COTS, and 3rd party applications.
 Utilize Wireshark, Nessus to Pen-test and analyze the network and software’s.
 Utilize McAfee ePolicy/End Point Protection Suite administration including virus protection, HIDS/HIPS, firewall,
encryption, and other workstation security technologies.
 Address known exploits using the Host Intrusion Prevention System (HIPS) also, configured, monitored, installed,
and updated the application as well.
 Denied/Approved Software applications after testing the software for vulnerabilities and malware.
 Manage and monitor ticketing system ensuring tickets are completed in a timely manner.
 Manage system backup Manage email, spam, and virus protection Administer servers, desktop computers,
printers, routers, switches, firewalls, phones, personal digital assistants, smartphones, software deployment,
security updates and patches.
 Designed and implemented Juniper firewall solutions to secure the organization's network infrastructure,
ensuring protection against external threats and unauthorized access.
 Configured firewall rules, access control policies, and VPN tunnels to facilitate secure remote access and
communication.
 Monitor network usage and security; undertake routine preventative measures to ensure network security.
resolve technical problems with LANs, WANs, network segments, internet, intranet, and other data
communication systems; ensure network connectivity is on par with technical considerations Install, modify, and
repair server / computer hardware (cables, hubs, routers, wireless adaptors.) and software.
 Manage and maintain VMware virtual server environment.
 Manage and maintain the VMware virtual client environment.
 Manage and maintain the SAN/NAS (e.g., NetApp) storage systems.
 Setup, configure, and maintain hosted environments such as Microsoft Azure and Amazon Web Services.
 Manage and maintain Se Directory, User Accounts, Group Accounts, Computer Accounts, DHCP DNS and Domain
Controllers.
 Manage and maintain the Microsoft System Center Configuration Manager (SCCM) for server updates as well as
for client updates and automated builds and deployments.
 Ensure the proper execution of regular system backups.
 Manage, maintain, and patch Windows/Linux server operating systems and the applications running on those
servers.
 Designing and configuring process control systems based on client requirements and industry standards.
 Conducting testing and validation activities to ensure the proper functioning of process control systems.
 Remain up to date on security concerns and implement solutions as necessary.
 Oversee and manage the Office 365 based email solution.
 Utilize O365 Security Configuration, set up multi-factor authentication, Raise the level of protection against
malware in mail, protect against phishing attacks with ATP Safe Links, protect your email from phishing attacks,
Raise the level of protection against malware in mail & use dedicated admin accounts.
 I have executed comprehensive penetration tests on networks, applications, and infrastructure to identify
vulnerabilities and potential entry points for malicious actors in offense embedded.
 Performing security assessments and penetration testing on embedded systems to identify and address
vulnerabilities.
 I possess a strong command of Red team methodologies and offensive tactics. Conducted thorough penetration
tests, including network, web application, and wireless assessments, to identify vulnerabilities and provide
actionable recommendations for remediation.
 Collaborated with the Blue team to evaluate and improve the effectiveness of defensive measures, including
firewall configurations, intrusion detection systems (IDS), and security monitoring tools.
 Proficiently using the Qualys CSPM platform to assess and analyze cloud infrastructure configurations, network
security, and compliance posture.
 Conducting risk assessments based on vulnerability scan results and working closely with stakeholders to
prioritize and remediate identified vulnerabilities.
 Conducted comprehensive assessments of embedded systems, identifying, and addressing security
vulnerabilities.
 Performed reverse engineering on firmware and software components to identify potential weaknesses and
develop secure solutions.
 I have played a crucial role in identifying and assessing vulnerabilities within the organization's systems. This
includes using vulnerability scanning tools, analysing scan results, and providing detailed reports with
recommended mitigation strategies to enhance the overall security posture Setup, configure, and maintain
hosted environments such as Microsoft Azure, Google Cloud, and Amazon Web Services.
 I have hands-on experience in implementing and configuring AWS security services such as AWS Identity and
Access Management (IAM), AWS Config, AWS CloudTrail, and AWS Security Hub.
 I have contributed to the design and implementation of secure architectures for AWS cloud deployments.
 Developed custom use-cases and correlation rules in Sentinel One to identify and respond to potential security
threats and incidents effectively.
 Played a key role in managing and monitoring Sentinel One’s endpoint security solution to detect and respond to
cyber threats in real-time.
 Assisted in the selection and procurement of Sentinel One’s SIEM solution, evaluating its features and capabilities
to align with organizational needs.
 Spearheaded the successful integration of SailPoint's Identity with CyberArk's Privileged Access Management
(PAM) solution to enhance clients' identity governance capabilities.
 Played a key role in the integration of SailPoint's Identity Now with CyberArk's Enterprise Password Vault (EPV) to
streamline the management of privileged credentials.
 Designed and implemented IAM solutions leveraging OAuth, OpenID Connect, SAML, WS Fed, and MFA to ensure
secure and seamless authentication and authorization processes.
 Utilized Azure AD, FIM/MIM, Kerberos, PKI, PIM, DNS, DHCP, and GPO implementations to enhance identity and
access management capabilities.
 Provided subject matter expertise in PAM, ensuring efficient access management and privileged account security.
 Designed and implemented Palo Alto firewall solutions for clients, ensuring robust network security and seamless
traffic filtering.
 Deployed Palo Alto firewalls on-premises as well as on Azure cloud platforms, effectively extending security
measures to cloud environments.
 Developed execution plan to support the transformation to Agile methodology, including development of
processes, templates, artifacts, training materials, and lessons learned.
 Managed corporate wide Agile software engineering support across customer organization.
 Participated in vulnerability assessments and penetration testing to evaluate the security of Beyond Trust’s
implementation and make necessary improvements.
 Assisted in the deployment and integration of Beyond Trust’s privileged access security solutions across the
organization's network.
 Contributed to the development of security policies and procedures related to HashiCorp Vault usage.
 Conducted security testing and vulnerability assessments to identify and address potential risks in Vault
deployments.
 Conducted comprehensive gap assessments against NIST 800 series to identify areas of improvement and develop
remediation strategies.
 Execute compliance assessments for ISO 27001/2, SOC 2, HITRUST, and other industry frameworks, ensuring
adherence to information security and privacy requirements.
Client- Conduent, NJ, USA Feb 2020 – Dec 2021
SR Cyber Security Engineer
Responsibilities:

 Experience implementing and administering Cloud Workload Protection Platform (CWPP) or Cloud Security
Posture Management (CSPM) tools - e.g., Dome 9, Prisma Cloud, Orca etc.
 Experience securing or administering multi-account/subscription public cloud environments (AWS, Azure, GCP)
 Experience with using a broad range of AWS technologies (e.g., EC2, RDS, ELB, EBD, S3, VPC, Glacier, IAM,
CloudWatch, KMS) to develop and maintain an Amazon AWS based cloud solution, with an emphasis on best
practice cloud security.
 Implemented and managed Qualys CSPM (Cloud Security Posture Management) tool to ensure the security of
cloud environments (AWS, Azure, GCP)
 Strong knowledge and experience with AWS cloud architecture (i.e., RDS, S3, ECS, DynamoDB, API gateway, CDK,
etc.)
 Utilized cutting-edge Cyber Recovery solutions, including Data Domain and IDPA, to establish robust disaster
recovery plans, reducing downtime and ensuring data availability.
 Monitored and analysed security events in the cloud infrastructure, using Cloud Security tools to detect and
mitigate potential security breaches.
 security enhancements and risk mitigation measures based on Qualys CSPM scan results.
 Deployed Qualys Cloud Agent to provide vulnerability reporting and proactive threat mitigation across the entire
network.
 Utilized BigFix Endpoint Configuration Manager as the default patching platform, ensuring timely and efficient
patch management across all endpoints.
 Implemented Microsoft InTune for relevant systems, enabling seamless endpoint management and security for
remote and mobile devices.
 Effectively implemented CyberArk Endpoint Privilege Manager, ensuring privileged access controls and
safeguarding critical systems from unauthorized access.
 Developed and implemented vulnerability management strategies and best practices, ensuring continuous
monitoring and improvement of cloud security.
 Develop and implement secure cloud connectivity solutions to enable seamless integration of cloud services
with on-premises infrastructure.
 Design and enforce security policies, standards, and procedures to ensure the confidentiality, integrity, and
availability of data in cloud environments.
 Create and maintain architectural diagrams, documentation, and guidelines for secure cloud deployments.
 Expertise with GitHub, Gitlab, Terraform, Pulumi, Ansible or other CI/CD tools.
 Mentor junior team members on cloud security best practices.
 Responsible for detection and response to security events and incidents within global fortune 500 client
networks; utilizing ArcSight, Splunk, Tipping Point, Virus Total, IPVOID, FireEye, Wireshark, etc. to gather,
analyze, and present forensic evidence of cyber malware and intrusions.
 Conducted in-depth analysis of emerging ransomware threats and provided recommendations for mitigation to
the security team.
 Developed and implemented ransomware prevention measures, including regular security assessments,
vulnerability scanning, and patch management.
 Review System and firewall logs based on individual preset client policies, rules, and standards; also review all
host activity for specified timeframe.
 Implemented advanced security configurations on Akamai's platform to protect web applications from OWASP
Top Ten threats, DDoS attacks, and other vulnerabilities.
 Assisted in the configuration and optimization of Akamai WAF rules to enhance web application security and
mitigate potential risks.
 Implemented and fine-tuned bot mitigation strategies to detect and mitigate sophisticated bot attacks
effectively.
 Work directly with ESM engineers and Account Information Security Officers to adjust alert criteria.
 Coordinated escalations to Forensic Analyst Team with recommendations for remediation.
 Acted as liaison and interacted with leadership, account management teams, and engineers to further define
the risk and remediation plan.
 Evaluated and fulfilled requests from the Account Information Security Risk & Compliance Officers for each
client and aligned with the appropriate runbook procedures to attain Client Service Level Objectives and
Agreements.
 Adjusted network alerts temporarily to suppress excessive alerts prior to engineers making permanent threshold
changes.
 Facilitated and operated direct telephone communication in order to perform the immediate required
escalation requests or engagements of required teams to support clients.
 Researched McAfee Threat Center, Symantec, and other vulnerability and threat libraries to identify and
formulate remediation plans.
 Configured and maintained proxy servers to monitor and control internet traffic within the organization.
 Monitored and analysed proxy logs to detect and investigate potential security incidents or policy violations.
 Developed and implemented policies for web filtering, content control, and user access management through
proxies.
 Deployed and managed Data Loss Prevention (DLP) technologies to protect sensitive information and prevent
data breaches.
 Configured and fine-tuned DLP solutions to accurately identify and classify sensitive data across various
endpoints and network channels.
 Monitored DLP alerts and conducted investigations to identify potential data leaks or policy violations.
 I have a deep understanding of the PCI DSS framework and its requirements for securing payment card data.
 I assist organizations in achieving and maintaining compliance with PCI DSS by assessing their systems, networks,
and processes against the standard's security controls and providing recommendations for remediation.
 APIs into cybersecurity solutions to enhance functionality and streamline processes.
 Designing, configuring, and managing NSX-T firewall policies to protect network infrastructure and applications.
 Implementing NAT policies to provide secure and controlled access to internal network resources.
 I have extensive experience with Secure Sockets Layer (SSL) and have implemented SSL certificates for secure
communication between clients and servers. I am adept at configuring SSL/TLS protocols.
 I possess a strong understanding of Remote Desktop Protocol (RDP) and have deployed RDP solutions to enable
remote administration of servers and desktops.
 Collaborate with the IT security team to design and implement robust mainframe security solutions, with a focus
on encryption deliverables.
 Develop and maintain encryption policies and procedures to protect sensitive data on mainframe systems.
 Monitor security logs and alerts to identify and respond to security incidents, utilizing incident response
procedures to contain and mitigate threats.
 Led the successful deployment and configuration of Varonis Data Security Platform to monitor, analyse, and
protect sensitive data across the organization's network.
 Implemented data access controls and conducted regular audits, reducing the risk of data breaches by 30%.
 Collaborated with the IT team to integrate Varonis with existing security tools, enhancing the overall security
posture and enabling better incident response capabilities.
 Blue team methodologies and defensive strategies monitored security events using SIEM tools, analysed logs,
and investigated potential security incidents to identify and respond to threats in a timely manner.
 Developed and implemented incident response procedures and playbooks, ensuring a swift and effective
response to security incidents.
 Manage access control for Active Directory and Azure AD, ensuring the appropriate assignment of user
permissions and implementing role-based access control (RBAC) policies.
 Demonstrate proficiency in public IaaS platforms, AWS, and Azure, ensuring the implementation of robust
security measures for cloud-based environments.
 Assisted in the design and implementation of role-based access controls (RBAC) within the integrated IAM
framework, reducing the risk of unauthorized access to critical systems and data.
 Designed and customized Beyond Trust policies and workflows to align with the organization's security policies
and compliance requirements.
  Provided expert guidance and support to IT teams in adopting best practices for privileged access management
using Beyond Trust.
 Conducted regular audits and assessments of privileged accounts and access rights to maintain a secure and
controlled environment.
 Implemented strong encryption and access controls to safeguard sensitive data stored within HashiCorp Vault.
 Developed disaster recovery and failover strategies to maintain Vault availability during unexpected incidents.
 Assisted in incident response activities, leveraging Palo Alto firewalls' advanced threat detection capabilities to
identify and mitigate potential cyber threats.

Client- Xcel Energy, NV Sep 2018 – Jan 2020

 Evaluate network based, system level and application layer processes monitoring, detecting threats and
suspicious traffic, and troubleshooting artifacts to support assessments and audits.
 Coordinate COTS security solutions to aligned business processes and technical controls, validate activities
secure information assets, and mitigate risks to meet industry best practices.
 Manage vulnerability scans and penetration tests of systems; develop remediation plans, test controls, and
recommends countermeasure of attack vectors and incidents response.
 Create metrics to track DLP, IDS/IPS, IAM, SIEM logs reporting to meet operational level security controls and
compliance frameworks including CSA CCM, ISO 27017 best practices.
 Integrate security practices across enterprise environment including IP networking, VPNs, DNS, load balancing
and firewalling solutions-based set of security standards and processes.
 Assessed system architecture to ensure security implementations align with NIST guidelines, Risk Management
Framework (RMF) and management approved System Security Plan (SSP).
 Provide support to integrate security and compliance into all enterprise information systems and projects as
part of the Information Response Plan (IRP) process by working across team members.
 Create and maintain standards surrounding Authority to Operate (ATO) documentation related to security
processes, procedure, POA&M updating based on vulnerability/patch mgmt. remediation.
 Developed plans for remediating findings from assessments and audits, establish threat modelling to identify,
prioritize and report on cyber threats using Security Assessment Reports (SAR).
 Identify security gaps contingency, disaster, and incident response plans alignment with NIST SP to mitigate
threats from network, operating systems, databases, and applications.
 Coordinate System Security Plan (SSP) for Identity and Access Management, Email security, SAML, OAUTH and
OpenID, SSO, PKI compliance testing with NIST SP a rev4.
 Participate in system security testing, verification, simulation and post deployment and accreditation to validate
risk assessment alignment with System Security test and Evaluation (ST&E)
 Work in cross - functional environment, prepare security program, and user documentation, maintain security
governance and awareness of individual expectations across the organization.
 Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 80 firewalls.
 Software and OS patching and hardening experience.
 Linux command line experience and work on inventory, patch, and upgrade both Windows and Linux based
systems and applications.
 Have general storage experience.
 Perform in place upgrades and migrations of Check Point Security Gateways from Check Point IP Appliances and
SPLAT servers to 12k appliances running Gaia R75.40.
 Work with NAT and Access-list in Cisco ASA firewall to allow only authorized users.
 Migrating a Cisco ASA Firewall Configuration from Old Syntax to New
 Working on Cisco ASA NAT conversion tool for converting to 9.X firmware from 8.2 Firmware
 Implementing VOIP products, solve different trouble tickets and solve hardware issues of consumers.
 Firepower Series using Cisco ASA for additional vulnerability scanning.
  Conducting comprehensive security assessments of SCADA systems to identify vulnerabilities, risks, and
potential security gaps.
 Developing and implementing strategies to mitigate security risks and vulnerabilities in SCADA systems.
 Performing regular audits of SCADA systems to ensure compliance with industry standards, regulatory
requirements, and internal security policies.
 Supported PCI-DSS compliance efforts by conducting vulnerability assessments and reviewing security controls.
 Supported compliance assessments for ISO 27001/2 and PCI-DSS, conducting controls testing and evidence
gathering.

Client- Cyber Information systems pvt ltd, Bangalore. Feb 2016 – Jan 2018
SR Network Security Engineer
Responsibilities:

 Configure high availability network with Cisco ASA 5525 with Firepower service, Cisco 3850 Switches.
 Hands-on experience in Planning of Corporate Firewalls architecture and implementing in distributed
environment i.e., configuring & troubleshooting - Checkpoint, Cisco ASA and Palo Alto Firewall.
 Design, configured, secure Wireless network with Aruba 7030 Mobility controllers and Aruba 300 series Aps
 Build Check Point HA using Cluster XL and Management HA using Active/Standby
 Define, implement, and maintain corporate security policies.
 Managing Firewall products - Checkpoint Appliance 2200 Gateways, Provider-1 and VSX environment. (R77.10
and 77.20) and ASA environments.
 Successfully migrated provider-1 and R77.10 environments to R77.20.
 Publish applications securely using F5, implementing access policies and enabling secure remote access for
authorized users.
 Assisted in the application publication using F5, ensuring secure access to web-based applications.
 Working on day-to-day firewall management activities like looking into troubleshooting tickets and firewall rule
change requests.
 Configuration and implementation of Check Point Firewalls, IDS/IPS, Bluecoat Proxy.
 Maintained operational efficiency of client DLP programs.
 Reviewed business requirements and conducted task analysis.
 Planned and co-ordinate enterprise-wide infrastructure projects with other IT teams and data center team.
 Implemented business procedures and DLP security programs.
 Suggested expansions for DLP programs as per business requirements.
 Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (60+ firewalls) - PA200, PA2000 series,
PA3000 series, PA4000 series and PA5000 series.
 Actively use, smart view tracker, and Checkpoint CLI (to security gateways) for troubleshooting. Perform
advanced troubleshooting using Packet tracer and TCPdump on firewalls.
 Review and optimize firewall rules using Secure Track Tufin tool and run firewall audit reports.
 Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
 Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
 Planning, Designing & Implementing VPN connections using Checkpoint, ASA, Cisco PIX, and Cisco Routers using
site-to-site VPN's.
 Extensive experience in Firewall technologies including general configuration, risk analysis, security policy, rules
creation and modification of Check Point Next-Generation Firewalls R65, R70 & GAIA R77.30, Palo Alto Next-
Generation firewalls, Bluecoat proxies and Cisco ASA/PIX.
 Work with Load Balancing team to build connectivity to production and disaster recovery servers through F5 Big
IP LTM load balancers.
 Configure and troubleshoot Juniper EX series switches and routers.
 Network security including NAT/PAT, ACL, and ASA/SRX Firewalls.
 Worked with Load Balancing team to build connectivity to production and disaster recovery servers through F5
Big IP LTM load balancers.
  Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol
OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the
change process as per IT policy It also includes the configuration of port channel between core switches and
server distribution switches.
 Creating and maintaining documentation related to NSX-T Security, including firewall policies, NAT configurations,
VPN settings, and security guidelines.
 Implemented and maintained network security infrastructure, including firewalls, VPNs, and intrusion
detection/prevention systems.
 Conducted comprehensive penetration tests on critical systems and networks, identifying vulnerabilities and
providing detailed reports outlining risks and recommended remediation strategies.
 Leveraged Sentinel One for Endpoint Detection and Response, providing real-time monitoring and rapid incident
response to detect and neutralize potential security breaches.
 Managed Dell Data Protection Encryption, enabling USB encryption to prevent data leakage and protect sensitive
information.

Client- PEP SYSTEMS PVT LTD, Hyderabad, IND May 2014 – Jan 2016
SR Cyber Security Engineer
Responsibilities:

 Plan, develop, and execute security data analytics using Business Intelligence tools (Tibco Spotfire, Xtraction,
Tableau) and act as the data security analytics subject matter expert (SME) supporting the IT Compliance team,
Risk Management team, Information Security team and all other functional units with regards to IS security data.
 Managed third party/vendor risk assessment oversight for security applications/tools - check for data security
protection mechanism (data-at-rest & data-in-transit), data retention, application authentication, access control,
incident response, media protection and regulatory and compliance standard the vendor adhere to
 Advance knowledge in security threat intelligence gathering from various security tools such as Security
Information and Event Management (SIEM) Systems - RSA Netwitness, RSA eCAT, CyberArk, Active Directory,
Identity Management (IDM), Nexpose, and Infoblox.
 Perform the review of the RSA Security SIEM log and NetWitness Security Event Log - analyze various logs from
various appliances such as Cisco IDS, Proofpoint, Big-IP, Snort, application firewalls; thus, providing a strong threat
intelligence security data point for the Information Security team.
 Work extensively on various streams of Identity and Access Management (IAM) compliance with regards to -
account management, web access management (Citrix VDI), password management and user provisioning
systems using LANDesk, CyberArk, and Active Directory (AD)
 Develop and monitor Risk Management central data repository, in order to identify potential threats and
vulnerabilities, tracking identified gaps and recommended technical remediation.
 Assess and review periodically over 24 enterprise and security endpoint agents, in order to evaluate and track the
agent deployment process on all active endpoints and ensure swift agent deployment for non-compliant
endpoints.
 Provide Executive Security Metrics and Dashboards on various compliance and security findings to Executive
Management. (i.e., SIEM metrics, Asset Inventory report, Security Agent gap analysis report, patch and
vulnerability management status report, Active Directory Metrics)
 Subject Matter Expert & training facilitator for IS Security and Compliance data analyses, using data to drive
organization’s Security, Risk and Compliance exercises.
 Perform security monitoring, vulnerability management, risk management and security incident response in
identifying, coordinating, and remediating various identified vulnerabilities.
 Knowledge of AWS cloud computing concepts and cloud infrastructure technologies services such as config, IAM,
CloudWatch events, Guard Duty, CloudTrail etc.
 Strong knowledge and experience of IT Security and Compliance Tools such as Tripwire, NetWitness, Cylance,
Beyond Trust, McAfee ePolicy Orchestrator (McAfee ePO), McAfee DLP, RSA MFA, RSA SIEM, CyberArk, AirWatch
MDM.
 Implemented access management vault integration and LDAP integration to centralize and enhance access
control mechanisms.