Delhi, India
I have over 15+ years of extensive, hands-on experience in IT infrastructure and operations, with a strong focus on planning, designing, implementing, and maintaining complex DC Network Security solutions. My expertise spans Security Architecture, Security Operations, and large-scale DC migrations and hardware/software Firewall refresh projects. I currently manage over 20000+ FortiGate FW (FG-100E/100F), along with Cisco ASA (5545-X, 5555-X, 5585-X), Cisco Firepower (FPR 1120, FPR-4125, FPR-4145). Cisco Nexus (93180YC-EX, C9336PQ Spine, C9372TX Leaf, C3048TP 3K), and Palo Alto (PA-220, PA-820, PA-5445) appliances. I’m highly proficient in troubleshooting complex network issues using advanced tools and techniques, including debugging, packet tracer, and packet capture analysis. In the past, I have worked in various capacities within the IT industry. These roles have included AM/Team Lead/Administrator/Engineer in Network & Security & Cybersecurity. I hold a Bachelor of Engineering degree in Computer Engineering, graduating in 2008. My expertise lies in Network Security and Cybersecurity. I possess a strong foundation in Cisco technologies, holding certifications including CCNA-R&S, CCNA-Security, CCNP-R&S, and CCNP-Security. Fortinet Certified Associate in Cybersecurity, Fortinet Certified Fundamentals in Cybersecurity In addition to these, I have earned over 4700+ Certificates of Completion from platforms such as LinkedIn, Coursera, Skillsoft, Microsoft, Fortinet, and Udemy.
"VZ-CYSC-EE-ADC/RDC-Clt-LABNWScEng-NSE-RT" Here i am responsible for planning, designing, implementing, managing and troubleshooting of complex modern Verizon Data Centre infrastructure. In which I am handling and Managing 20000+ Fortigate FG-100E firewall, I am Involved in Data Center Migration and Hardware Refresh of all legacy Firewall EoL/EoS From FG-200B and FG-100D to FG-100E. I am also managing Cisco Security Device like ASA 5545-X ASA 5555-X, 5585-X, FPR-4145, FPR-4125. i am handling all the escalation related to migration of DC and legacy firewall. I am doing Configuration and Management of Different vendors firewall in failover mode, implementation & Configuration of VPNs between firewall and routers for secure encrypted communications and Site-To-Site VPN, High-Availability and Redundancy of FW. Security policy using Access-list and NAT/PAT and applying ACE and configuring Object-Group in firewall. Adding Firewall in CSM, FMC, Forti manager, Forti Analyzer.
"NCR Corp-NOR-EN-T&M-Firewall Support" Here i am responsible for planning, designing, implementing, management and troubleshooting of complex modern IT data Centre infrastructure. In which I am handling NCR Data Centre and handling Cisco Security Device ASA 5555-x, 5585-x, FTD 2140, Nexus 9K(93180YC-EX) and 3K(C3048TP). Configuration and Management Cisco ASA firewall in failover mode, implementation & Configuration of VPN’s between firewall and routers for secure encrypted communications and Site-To-Site VPN, HSRP Gateway Redundancy, Gateway Load Balancing and Interface tracking, Data VLAN & redundancy, Security policy using Access-list and NAT/PAT and applying ACE and configuring Object-Group in firewall.
Responsible for planning, designing and managements of complex modern OT infrastructure. Responsible for Sec-OT security of things security operations, cyber security monitoring, Intrusion detection For secured OT networks. Working with Microsoft D4IoT for Continuous monitoring for threats and vulnerabilities, with IoT/OT-aware behavioural analytics and threat intelligence. Proactively addressing vulnerabilities in IoT/OT environment. Identifying risks such as missing patches, open ports, unauthorized applications, and unauthorized subnet connections. Detect changes to device configurations, controller logic, and firmware. Working on leading projects from US, Europe & several Asian regions. Utilizing my hands on experience of networking security technologies (Firewalls, DNS, DHCP, VPNs, Routing, Gigamon on my day to day analysing alerts and troubleshooting on OT devices. I have understanding of various industry standards like NIST 800-82, PCI-CPP (Payment Card Industry Card Production and Provisioning) & PCI-DSS (Payment Card Industry Data Security Standard), NPCI (National Payment Corporation of India), SAS (Security Accreditation Scheme) & ISO-27001. I am using my technical engineering and process management skills on my day-to-day activity. To Extract Configuration and outputs from all managed network devices for each site in scope. Analyse routing information from ICS/OT site to ascertain Enterprise-wide design. Provide analysis of security policies from ACLs from configuration of network devices. Gather information to define flows and system to be connected to intelligent tap solution, to streamline application flows, such as deduplication, header, RBAC, Integrations. Analyse discovered data to create baseline requirements for future-state site network designs. Validate and implement ICS/OT cybersecurity monitoring solution at each site in scope. Analyse routing information from ICS/OT site to ascertain Enterprise-wide design.
Here I was responsible for planning, designing, implementing and management of the complex modern IT data centre infrastructure. In which I was handling all the Cisco FPR, ASA FW, Switch, & handling audit of various compliances, Cyber Security Analyst, Information Security. I was responsible for installing configuring implementation and administration of Cisco FPR, ASA FW, Switch, Web gateway, Internal gateway SFTP/FTP server configuration, I was also handling Incident Management, Change Management, Request Management, Problem Management, technical troubleshooting, SLA management, facilities management, Security Management. I was handling audit from Network perspective of various compliances like PCI-CPP (Payment Card Industry Card Production and Provisioning) & PCI-DSS (Payment Card Industry Data Security Standard), NPCI (National Payment Corporation of India), SAS (Security Accreditation Scheme) & ISO-27001. I was taking care of resource allocation for internal & external projects, IT budgeting for financial years, vendor coordination for existing & new projects, monitoring system management as per define SLA, KPI/KRA management for teams, Solution design & support team.
Managing Maintaining and Securing Data Centre Network of Manesar, New Delhi and Chennai Locations. comprising of products like:- Cisco Security Device ASA 5555-x, 5585-x, FTD 2140, Nexus 9K and 3K Switches, ACI and APIC Controller. GSR Router, ASR Routers, Cyber Security Analyst, Information Security. Working on many ongoing projects, like firewall migration, MPLS link shifting, ITNM tool integration with network devices, attending meeting for new infrastructure projects. SD-WAN connectivity, NSO project. Cloud services.
Maintaining a Network comprising of products like:- Cisco Security Device ASA 5520, 5510, Router 7206, 3960, 2800, 1800 Switch 6509, 4506, 3560, 3760 and 3750 (PoE Series) basic configuration of Palo alto PA-220 PA-820, PA-840, Cyber Security Analyst, Information Security. Implementation and configuration of backbone infrastructure for Data & Inbound Voice Process. Configuration and management of Router and Switches (L2 and L3) with redundancy for availability of network without any downtime. Installation, Configuration & management Cisco ASA firewall in failover mode. Applying various security policies and implementation & Configuration of VPN’s between firewall and routers for secure encrypted communications and Remote Access VPN. Implementing changes into Network after discussing with Change Advisory Board. Configuration and Management of Gateway Redundancy, Gateway Load Balancing and Interface tracking using HSRP and VRRP. Configuration and Management of Data and Voice VLAN & redundancy, and stacking of Switches. Co-ordinate with service provider like Bharti, Aircel, Reliance, Tata, and Spectranet for different Internet, WAN and IPLC links Configuring and troubleshooting EIGRP and OSPF routing protocol and other network related issues. Implementing Security policy using Access-list and NAT/PAT, and applying ACE and configuring Object-Group in firewall. Backup and restoring the Cisco IOS and Configuration. Managing and Monitoring networks through Network Monitoring tools, Wireshark, MRTG, What’s UPGold and Syslog server. Implementation and planning of new Projects coming in the facility.
Maintaining a Network comprising of products like:- Cisco Security Device ASA 5520, 5510, Router 7206, 3960, 2800, 1800 Switch 6509, 4506, 3560, 3760 and 3750 (PoE Series) Implementation and configuration of backbone infrastructure for Data & Inbound Voice Process. Configuration and management of Router and Switches (L2 and L3) with redundancy for availability of network without any downtime. Installation, Configuration & management Cisco ASA firewall in failover mode, Cyber Security Analyst, Information Security. Applying various security policies and implementation & Configuration of VPN’s between firewall and routers for different sites to connect USA, Poland and UK client’s Server or secure encrypted communications and Remote Access VPN. Implementing changes into Network after discussing with Change Advisory Board. Configuration and Management of Gateway Redundancy, Gateway Load Balancing and Interface tracking using HSRP and VRRP. Configuration and Management of Data and Voice VLAN & redundancy, and stacking of Switches. Co-ordinate with service provider like Bharti, Aircel, Reliance, Tata, and Spectranet for different Internet, WAN and IPLC links Configuring and troubleshooting EIGRP and OSPF routing protocol. Implementing Security policy using Access-list and NAT/PAT, and applying ACE and configuring Object-Group in firewall. Backup and restoring the Cisco IOS and Configuration. Managing and Monitoring networks through Network Monitoring tools, Wireshark, MRTG, What’s UPGold and Syslog server. Implementation and planning of new Projects coming in the facility. Providing the solution to the client as per SLA with 99.98% up time.