Talented Network Security Engineer with over 7 years of experience seeks position that will utilize exceptional training, certifications and experience as a network support specialist.
Expertise in medium/large sized LAN/WAN design/configuration & implementation with CISCO, wireless network design/configuration & implementation, strong working knowledge on Wide Area Networks (WANs) e.g. T1, Frame Relay, ISDN etc., support of multi-vendor routers and switches.
Implementing technology solutions for clients that will address their needs in Networking, Security, Enterprise Data Center, SDN & SD-WAN focused solutions.
Strong capabilities around Data Center, Virtualization, Storage, SDN, SD-WAN, Security, Compute & Cloud solutions.
Expertise in performing network forensics, investigating suspected instances of fraud, waste and abuse, data spills, and network penetrations, providing computer incident and violation response support, and cyber security awareness and training.
Strong hands on experience in configuring CISCO based routing e.g. RIP, EIGRP, IGRP, OSPF, BGP, HSRP, VRRP, route redistribution etc., and switching e.g. VLAN implementation, STP, VTP, Access lists, L3 Switching, Firewalls such as Cisco ASA, Palo Alto, Checkpoint etc.
Hands on experience in designing cable and wireless networks, structured network cabling such as STP, UTP, coaxial etc., installation and configuration of LAN, WAN with active components such as routers, switches, firewalls, modems, access points, repeaters etc. break / fix engineering.
Quick learner with ability to grasp new technologies. Proven ability to work under pressure and team environment. Willing to relocate. Track record for diagnosing complex problems and consistently delivering effective solutions.
Operating Systems: Windows XP/7, Windows 2003/2008 Server, Ubuntu, Debian.
Network: TCP/IP, DNS, WINS, LWAPP, LDAP, DHCP, IDS/IPS, RADIUS, ATM Network, Ethernet,
Frame Relay, ISDN, Switching/Routing, Multicasting, Access Lists, SIP/SDP, VLAN, VTP/STP, IPsec/GRE,
MPLS, HSRP, IPv6, SSL VPN, IPSec VPN, VRRP, AAA, VACL, MST, SDN, Virtualization of Networks, IDS, IPS.
Automation Tools: SDN, Docker, Microsoft Azure and AWS.
Routing Protocols: RIP v1 & v2, IGRP, EIGRP, OSPF, IS-IS, GRE, BGP and IPv6 Addressing
Security: SSL VPN, IPsec VPN, Cisco PIX/ASA, Palo Alto, Checkpoint, Bluecoat Proxy.
Other Tools: Wireshark, SolarWinds, Packet Tracer and GNS3
Penetration Testing: Kali Linux, BackTrack 4/5, SET Toolkit, War Dialing, VOIP testing, SQL Injection, Web Application Testing, Onapsis, Metasploit, Wireless tools, etc
Vulnerability Assessment: Nessus, Qualys, Foundstone, Nexpose, Metasploit, Core Impact, OpenVAS, Kismet, etc
Web Application Testing: App Scan, Hailstorm, Nikto, Grendel, Burp Suite, Acunetix, Qualys, etc
Database Testing: Scuba, SQLninja, AppDetectivePro, Havij, Mysqloit, SQLmap, Onapsis X1 etc
Forensic Software: FTK, F-Response, EnCase, TASK, Network Miner, Sleuth Kit, Bulk Extractor, and Volatility.
MSc - Cyber Systems December 2016 – May 2018
University of New Haven, US
Emphasis on cyber forensics and cyber security.
Contributed various artifacts of various applications on IOS platform to Artifact Genome Project.
Co-authored paper “Immersive Virtual Reality Attacks and the Human Joystick” that has been submitted for various publications. This paper has also been selected and featured on Canada's Discovery Channel in a 15-minute documentary section.
Selected to explore cyber security and forensics of Virtual Reality systems and their impact on cyber security education as a part of NSF grant under Dr. Ibrahim Baggili
Designed a network security course and labs as part of the project using Docker and Python scripts.
MSc. - Computer Networks
Northumbria University, UK
Emphasis on Network designing and Wireless.
January 2010 - May 2011
BTech – Electronics and Instrumentation Engineer
October 2005 - February 2009
SVU University, India
Emphasis on control systems.
My research was selected as the best within India as part of a competition program conducted by IIT Madras.
Submitted various research papers on Bio-Medical Instrumentation.
Received outstanding graduate award from University of New Haven.
Received multiple employee of the month awards while working in Deloitte.
Recognized for troubleshooting and solving highest number of network issues.
CCIE written (R&S)
Currently pursuing CCIE Practicals.
In the process of pursuing AWS.
Yarramreddy, Ananya & Casey, Peter & Baggili, Ibrahim. (2018). Forensic Analysis of Immersive Virtual Reality Social Applications.
A research paper “Forensic Analysis of Immersive Virtual Reality Social Applications” has also been presented at SADFE 2018, IEEE S&P workshop.
Co-authored paper “Immersive Virtual Reality Attacks and the Human Joystick” that has been submitted for various publications.
Member of UNH Cyber Forensics Research & Education Group (http://www.unhcfreg.com ) and worked under Dr. Ibrahim Baggili for various research projects. Also attended various seminars and brainstorming sessions on upcoming forensic technologies.
Member of Upsilon Pi Epsilon, the International Honor Society for the Computing and Information Disciplines.
North Carolina Department of Information technology December 2018 - Present
Security Specialist (FULL TIME) Raleigh, NC
Audit the firewalls as part of Quarterly Review.
Implement the firewall rules and configure the load balancer as part of the customer requirement.
Create and update our network standards and ensure that the network is deployed to these standards.
Create and implement changes on the network. Automate workflow and execution of deployments on a global scale.
Solve the complex problems as part of the customer inquiries such as routing issues or firewall related.
Implement the SAS VPN tunnels and Troubleshoot them with third party.
Configure F5 load balancers, Cisco routers, switches, and firewalls.
Create VLANs and SSL certificates on F5 LTM and apply them to the required VIP.
Create the firewall Contexts and apply to the current infrastructure.
Add the access policies such as Blacklists on IPS Infrastructure.
Audited, designed, integrated, configured and tested LAN and WAN equipment such as Cisco Catalyst family of switches, Cisco Routers, Cisco Firewalls, Intrusion Detection and Prevention.
Upgrade the current Cisco ASA firewall infrastructure.
Manage firewall/security systems by establishing and enforcing policies; defining and monitoring access.
Provision the network infrastructure to a new customer based on their requirements.
Add or Remove VLAN/IP address on Nexus switches as part of provisioning.
Work closely with colleagues to meet team goals and improve processes and practices
Infojini (client: State of North Carolina) August 2018 – Dec 2018
Security Specialist Raleigh, NC
Audit the firewalls as part of Quarterly Review. Document and clean up the rules with Customer’s Approval.
Analyze the existing firewall configurations and make the firewalls efficient.
Upgrade the firewall infrastructure.
Manage firewall/security systems by establishing and enforcing policies; defining and monitoring access.
Work closely with colleagues to meet team goals and improve processes and practices.
NSA Grant Sponsorship August 2017 – January 2018
Research Assistant West Haven, Connecticut
Identify potential research topics in virtual reality technology.
Capture the network packets for virtual reality social applications and analyze the files further forensically.
Assist with preparation of all educational and training workshops and evaluation strategies.
Explored two most widely adopted consumer VR systems: the HTC Vive and the Oculus Rift.
Examined the efficacy of reconstructing evidence from network traffic as well as the systems themselves.
Utilized my pen testing skills in identifying the vulnerabilities and the cons in the existing technology.
We were successful in finding a significant amount of forensically relevant data, such as user names, user profile pictures, events, and system details, that may be recovered.
Write and contribute to publications.
Assisted in identifying and designing Virtual Reality attacks and contributed to publications.
Beloved streets of America September 2016 – May 2017
Sr. Network Security Engineer New York, USA
Oversee security of the cloud infrastructure, serving as the main point of contact for investigating and resolving security-related issues. Develop threat and vulnerability management policies and manage SEM (security event management) system.
Virtually eliminated threats from malware, advanced persistent threats and security breaches.
Authored security architecture design documentation and standard operating procedures.
Introduced use of security metrics to mitigate vulnerability by analyzing historical threats, addressing risks/gaps/violations and implementing improved protocols.
Trained end users on security processes, procedures and risks via the company’s first security education program, which is being rolled out companywide.
Categorized support problems and responded with the appropriate level of urgency.
Performed mitigations required to protect critical resources.
Develop and carry out information security plans and policies
Develop strategies to respond to and recover from a security breach
Monitor and analyze signature-based IDS alerts and associated packet (PCAP) data
Analyze network flow data for anomalies and to correlate reporting with enterprise-wide network activity
Document key event details and analytic findings in an incident management system
Provide oversight and assessment of incident response and triage actions across a large enterprise
Identify & extract network indicators from incident reporting and published technical advisories/bulletins
Perform incident correlation & escalation.
Recommend new IDS signatures and detection strategies.
Produce final reports and review incident reports from other analysts.
Communicate and collaborate with analysts from other SOC organizations to investigate cyber events.
Assess cyber indicators/observables and collaborate in the development of IDS signatures and detection mechanisms.
Monitor and report on trends and activity on network sensor platforms.
Provide technical assessments of cyber threats and vulnerabilities
Fuse open-source threat & vulnerability information with data collected from sensors across the enterprise.
Develop, maintain and update standard operating procedures.
Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
Deloitte Touche Tohmatsu Limited June 2014 – May 2016
Sr. Network Engineer Hyderabad, India
Maximizes network performance by monitoring performance; troubleshooting network problems and outages; scheduling upgrades; collaborating with network architects on network optimization.
Monitoring system resource utilization, trending, and capacity planning
Upgrading data network equipment to latest stable firmware releases
Designing heat maps and monitoring the wireless controllers and access points.
Troubleshooting LAN, WAN, Wireless issues throughout the network.
Reporting network operational status by gathering, prioritizing information; managing projects.
Resolving issues tiers of support have escalated by troubleshooting cloud and local infrastructure.
Automating tasks and monitoring their effectiveness.
Mentoring team members on technical issues.
Creating, overseeing and testing security measures (e.g. access authentication and disaster recovery).
Documenting network operating systems (JUNOS, Cisco IOS).
Provide engineering and operations support for network software loaded on client workstations for VPN and network optimization, data center services to include server load balancing and WAN optimization, and network access security to include 802.1x and client posture assessment.
Was also part of the Cloud security team for a few months to assist the automation of the infrastructure.
DST World Wide Services
Nov 2013 - June 2014
Network Security Engineer
Managed network firewall engineers while applying best practices towards the successful design and development of engineering initiatives, while introducing new technologies into the operational environment
Deployed Cisco VPN AnyConnect to encrypt all remote access traffic which goes through Firewall to track users connections and activities, Radius with AD solution was deployed to assure only authorized users are granted remote VPN connections.
Provided network and system related technical support to customers, including VLAN assignments, port activations, QoS changes, and bandwidth throttling and firewall changes.
Upgraded end-of-life software licenses through vendor to meet corporate standards.
Interacts with cross functional teams from Network Architecture, Engineering, Critical infrastructure and Security to review product requirements, functional specifications and detailed designs
Generate weekly/monthly reports for management on the health of the network including key metrics and SLAs.
Monitored systems health, environmental alerts, bandwidth utilizations, and intrusion security logs. Gathered data from the network to produce and provide reports on various network metrics
Respond to security request tickets, including software vulnerability evaluation, website blockage, and firewall rule set questions
Reviewed requirements change requests and provided recommendations to Change Request Board based on Design and Risk Assessment
Identified and oversaw the installation and replacement of hardware components and any configuration changes that affect security.
Created and submitted the project scope for approval of new projects to the government
Managed a decommission project to ensure removal, transportation and audit process in Service Now asset management system
Developing and creating security Standard of Operations SOP and programs for validation
Analyzed firewall rules to identify rules that can be removed and work with the appropriate teams to get those rules removed.
Created a network vulnerability assessment report of about twenty (20) systems and applications to identify all vulnerability severities that pose a threat to the system/application. Compiled results and presented them to upper management to show a high-level pictorial and statistical view of system issues.
Managed user VPN accounts on Information System Analytics Digital Dashboard and made sure system accounts reviewed every 180 days, removed or disabled default user accounts, Enforce password history, Set maximum password age, Set minimum password age, Set minimum password length, Set password must meet complexity requirements, Account lockout duration, Account lockout threshold, Identified user who will add workstation to domain, Identified user to change system time, Identified user who will log on locally, Identified user who will log on as a service, Additional restriction for anonymous connections, Automatically log off users when log on time expires.
Six Degrees Services September 2012 - August 2013
Network engineer Redditch, UK
Configuring HSRP and VRRP in routers and switches for gateway redundancy on client networks.
Design, re-engineer, implement, manage & develop monitoring tools, such as Solarwinds, Traverse, etc. that will be used to support business decisions for monitoring systems heart rate and capability. Solarwinds expertise is given priority.
Setup and utilize Solarwinds NPM, SDM, and Atlas, to discover and monitor a large IT network for potential problems. Problems could include network performance, power, malware intrusion, server faults, bandwidth capacity, storage capacity, server disk utilization, middleware, application performance, as well as memory and processor utilization.
Monitor the performance and capacity of network and computer systems using a variety of tools including Solarwinds, Traverse, Team Quest and other monitoring tools.
Work with the Network/Infrastructure/Monitoring teams to develop and advocate for standard procedures to respond to fault, power, capacity or utilization alerts.
Ensure the monitoring systems operate efficiently and are kept at the most current stable version/release using vendor-supplied updates and patches. Perform research and testing to verify impact of installing all updates. Coordinates vendor support and ensures positive relationships are maintained.
Develop robust reporting performance analysis from various performance reports for internal and external distribution.
Proactively identify system deficiencies and assist in root cause analysis of system issues to minimize impact and future occurrence. Escalate issues as warranted.
Review performance and capacity data and perform trend analyses to detect present and potential problems.
Assist in the design of establishing standard SLAs and system/application thresholds
Understands systems technical architecture, and able to identify the performance implications for different layers of system based on design discussions or architecture documents.
Perform analysis and maintenance of system data and analysis of opportunities for technical and operational improvements.
Execute initiatives to reduce failures, defects and improving overall performance.
Utilize industry resources to identify new and innovative techniques and best practices.
Contributes to technical presentations to educate teams on how to improve performance and capacity.
Provide capacity performance information to support technology refresh projects.
Ability to make timely recommendations to effectively solve problems, using independent judgment consistent with standards, practices, policies, procedures, regulations, and/or law.
Ability to work in a team/group setting and collaborate by providing transparency in performance results.
Ability to work in an organization that is experiencing extreme change.
Must be available for network emergencies or Major Incidents 7x24. Some evening and/or weekend work as necessary based upon workload.
Sohonet Services Ltd January 2010 – Sept 2012
Network engineer London, UK
Manage more than 600 firewalls for the customers and provide the ISP services.
Troubleshooting Frame Relay, Full T1 and WAN technologies.
Redistribution of routing protocols of client networks.
Configure traffic shaping for the optimum utilization
Configured Extreme switches at Layer 2, 3 and 4 levels
Configuration of ASA and PIX Firewall
Configuring, Troubleshooting and maintenance of site to site VPNs
Monitoring and maintaining the customer networks
Upgrade multi-vendor network devices (routers, switches and firewalls)
Train NOC staff on monitoring and troubleshooting techniques
Tech Mahindra June 2007 – January 2010
Software engineer Hyderabad, India
Managed and supported Slimline Application based on Unix and VC++
Designed and modified the application as per the client requirements
Supplied troubleshooting analysis and solutions for clients database and application issues
Monitored the daily duties and assisted the software engineer team in the absence of lead engineer
Assisted the users through the phone and also trained them in using the application.