Sign in

Security Engineer

Naperville, IL
May 16, 2020

Contact this candidate



****, ********** **., **********, ** 60564 C: 630-***-****


To obtain a suitable position as a Senior Security manager/director/senior architect utilizing my 28 years of expertise in team management, systems architecture, Systems engineering, software development and product management and managing Large software teams.



Lead Principal enterprise Cyber security architect Jan 2020 till date

Tata Consultancy Services

Lead a team of security architects and development team for improvement of architectural and security designs for client systems.

Worked on various aspects of Cloud security; Network Security, Firewalls; Segmentation; Protocols; System security; Internal/External web security; Mobile technologies and security. Principle security architect specialized in infrastructure security and data protection.

Strong knowledge of HIPAA, Securing data in motion, data at rest, TDE,FLE; Experience in Voltage; Application vulnerability review, XSS, DDoS, etc; Securing applications on cloud against attacks; Experience in identity management, key cloak, SSO, IDS/IPS etc.; Familiarity with Micro Services, APIM; Work with IT Security to identify application security requirements; Secure applications on cloud against attacks

Products and technology: CASB, Cloud, Active Directory, Symantec, RSA (Access Manager, SecureID, SEIM), PKI, F5, Authentication, Authorization, user provisioning and web access systems of all types, Azure, scripting, automation, isolation, private/secure cloud hosting, Container Security Kubernetes, Infrastructure security, Zero trust networking.

Reported security status weekly to directors and management bi-weekly.

Principal Cyber security architect May 2018 to Jan 2020

T-Mobile, Bellevue, WA 98006

Worked within the Cyber Strategy and Technology organization as a leader providing cybersecurity architecture technical knowledge, thought leadership and consulting services with the telecom and enterprise lines of business in cybersecurity for the development of cybersecurity architectures and solutions that address long-term strategic objectives and fulfill risk management strategies enterprise wide.. Professional experience in various security technologies from next gen firewall, endpoint protection, cloud security to data loss prevention, data encryption and privilege access management. Successful professional career focusing on strategic planning, architecture design and project management. An accomplished team leader capable of communicating with people at all level.

Lead the development and improvement of architectural and security designs for client systems.

Products and technology: CASB, Cloud, Active Directory, Symantec, RSA (Access Manager, SecureID, SEIM), PKI, F5, Authentication, Authorization, user provisioning and web access systems of all types, Azure, scripting, automation, isolation, private/secure cloud hosting, Container Security Kubernetes, Infrastructure security, Zero trust networking.

Responsible for technical leadership of the vulnerability, risk, threat Vector program securing Cloud, Mobile & Endpoints, 5G, Email, DNS, and Web. Collaborating with stakeholders throughout the organization to measure and implement Cyber Security Controls, develop robust architectures and secure our customers and the enterprise.

Create and maintain the program roadmap and technical strategies; report to senior leadership

Actively involved in evaluation process and implementation of CASB technology for Cloud Security, Ransomware recovery solutions, Secure Email Gateway, Endpoint security solutions and many other security solutions.

Collaborate on Cyber Security across the Technology organization to ensure alignment and foster working relationships

Participate in design reviews for the most critical projects that impact privacy and/or security, including enterprise and 5G product offerings

Proven capability to implement solutions at scale with infrastructures spanning public cloud, private cloud, on premise, and hybrid solutions.

Experience architecting, engineering, and managing complex, highly available, geo-redundant IAM, including PKI, Risk based authentication, two factor, strong & multi-factor authentication and federation and Security Services at large scale. .

Experienced with Risk Management, conducting security and risk assessments, threat and vulnerability assessments and remediation.

Lead role in 5G security in identifying the upcoming 5G standards Vulnerabilities, Risk and threats and architect solutions for those issues.

Lead role in Narrow band IoT architecture, Cloud security architect, Network slicing, NaaS, PaaS, SaaS, IaaS Machine to machine communication, enhanced mobile broadband and Mobile edge computing.

identify & Access Management Principal Architect with Consumer Data Protection as the highest priority. Protector of High-Risk Transactions, Credentials and Protected Data Classes within diverse frameworks from Application Monoliths to Micro services, APIs and third-party data aggregation events to a Client browser.

Application security experience in ethical hacking, well versed in security protocols, software security techniques, strong cryptography skills, malware, IDS/IPS and firewall experience, threat vector analysis and modeling skills.

Zero Trust mind set, Zero Knowledge proof of Identity Advocate. Obsessed with encryption and privacy enhancing technologies.

well-versed in security protocols and in software security techniques; have strong cryptography skills, experience with malware, intrusion detection and prevention and firewalls.

Performed security assessments for on-going projects: both Architecture and Implementation/design/Code Reviews. Contributed in building secure architecture for the new projects or determining Vulnerabilities, risk and threats on existing ones.

Worked as a security advisor helping to establish secure development activities during solution development. Communicated with end customers and teams, convey the message about importance of security, the ways of establishing it and the wrong ways of enforcing.

Knowledge of OWASP Security Development methodologies; Knowledge of main Security-related activities in development such as Vulnerabilities, Risk, Threats and Privacy Assessment, Security Code Review

Knowledge of most common implementations of the Threats (e.g. XSS, SQL Injection, XSRF, buffer overruns, brute force, DoS etc) and how they affect the customer system.

Understanding of main areas of protection (Confidentiality, Integrity, Availability, Privacy) and levels of defense at each level (networking, infrastructure, OS, Application).

Familiarity with existing security standards (e.g. PCI DSS, HIPAA, NIST). Familiarity with the tools for various security activities: Static Code Analysis, Pen Testing, Intrusion Detection/Prevention. Experience with VAPT and familiarity with common security vulnerabilities, ability to assess severity.

Solid understanding and practical approach to principles of infrastructure security in operational networks and applications.

Explore and integrate new cybersecurity technologies, processes, and capabilities.

Subject matter expert to executive leadership on a range of cybersecurity best practices, architectures, solutions and technologies.

Provide strategic and tactical cybersecurity guidance for technology (informational and operational) projects, including the evaluation and recommendation of technical controls.

Experience in developing cyber architecture and in meeting similar responsibilities and cyber outcomes

Strong working knowledge of Cyber Security threats, vulnerabilities, and risks

Knowledge and practice of formal architecture methodologies such as UML, MDA, or TOGAF.

Senior security engineer Feb 2015 to Mar 2018, Naperville, IL

Member of Technical Staff, Nokia

Perform Vendor technical management for security services products. Interface to other internal Business Units and external third parties for selection of security services and new architecture needs.

Perform Definition/need/analysis for new Security Services and its management on AWS cloud.

Preparation of Security services status and reports to upper management including metrics and KPls.

Define rules for Software Whitelisting Operations, perform Vulnerability Scanning and Assessments.

Experienced in setup of SIEM configuration Network Hierarchy, automatic update of configuration files for capturing security logs, configuring system notifications, data retention and defining whitelisting and blacklisting of security violation events.

Daily Security Log Management and follow up on security tickets from IBM QRadar SIEM. member of Cyber security response team. hands-on experience analyzing high volumes of Security SYSLOG/SIEM security logs, network data and other artifacts in support of incident investigations.

Cyber Security Architect for Security Logs using BIGDATA and AWS Amazon cloud for storage and SPLUNK analysis tool. Extensive experience as architecture, engineering, and operations of SOC/SIEM platform QRadar, Splunk).

Experience is setting up collector/compute environments for Hadoop BIGDATA apache framework and testing for the framework. Responsible and architect of SIEM Security logs on AWS cloud and using Splunk tools for analysis.

Perform Anti-malware and anti-spam on infected devices,

Network Firewall and VPN, Security Proxy Management, Tipping point NIDS/NlPS configuration and monitoring

Host intrusion prevention system installation and configuration and monitoring logs.

Knowledge of information security regulations: PCl, GLBA, and Safe Harbor.

Knowledge of various industry and government strategies and standards in privacy and security including lTlL, COBIT, ISO 27001, and NIST standards.

Knowledge of current and evolving Information security technologies that cover all levels of lT architecture including those that affect business processes, data analytics, identity and access management, network security, End -point security, Application Security, threat modeling, analysis, intelligence and network and systems infrastructure.

oral and written communication skills that enable to break down complex concepts into simpler ideas that nontechnical people can understand;

Nokia BIG DATA Analytics senior systems engineer (June 2011-Feb 2015) Jan 2010 to Feb 2015

Member of Technical Staff

Worked on BIGDATA CMDS (content management delivery system) application on a small team in various capacity/roles as Architecture, Sys. Engr, tester, deployment and field customer support project for 5 years.

Responsible architect and system engineer from a small team of 15 engineers with varied tasks to deliver the project from concept to successfully installation at Verizon customer sites.

Architected the collector/compute environment and capacity/performance of Hadoop environment blades to perform the known load analysis for customer analytics.

Interface with vendor suppliers HP, Splunk, Spirent and others to define the technical needs and deliveries. Evaluated technical alternatives for selection of vendor products.

Managed and played active hands on role in multiple aspects of project hardware selection, software OS selection, application and its interface, system engineering and architect to all the way to customer site installation and acceptance testing.

Senior systems engineer/architect/team Lead manager Aug 2001 to Jan 2010

Alcatel- Lucent Technologies, Naperville

Possess breadth and depth of knowledge in various OAM and call processing aspect of Switching and wireless technologies for product delivery and people management of team.

Expert on OAM FCAPS capabilities and call processing in SEA role - Fault Management (FM), Configuration Management (CM), Accounting and billing (A), Performance and Security aspects of OAM (LCP, 3GMSC, 4ESS, 1ESS, Autoplex). Worked on OSS interfaces using SNMP or CORBA, Subscriber provisioning on 3GMSC.

SEA role on RF tools for LTE, EVDO, CDMA, WCDMA. Responsible for requirements final test verification customer presentations/training and documentation for the eDAT enhanced data analysis RF tool and WTA Wireless call trace analyzer tools and capabilities for LTE, WCDMA. Responsible for CEMUG presentation and performed Verizon training for tools.

CLT/NLT System test and Lab Architect for 7750 for subnet, VLAN port mirroring setup on 7750 routers. architect for setting up the port mirroring and VLANs in lab for 7750 routers.

Define service end-points between disparate components using different OS and platforms. Setup port mirroring, sub netting and VLANS for application in LAB environment and wrote architecture documents for networking.

Experienced in providing knowledge transfer on usage of the solution and the best practices and to develop and conduct customized training sessions as necessary. Integrated the implemented solution into the customer’s business process, if applicable and finally become a trusted advisor to the customer in the solution space.

Assisted the Sales team in responding to RFIs/RFPs. Have proved around multi-million $ as ROI using the deployed solutions in field. Integrated software update and retrofit techniques. Implemented reduction in downtime for Retrofit applications for real time systems of Verizon sprint and KDDI Japan saving millions of dollars in customer revenue.

Manage team across globe. As a team leader resolved problems logically and systematically. Managed team work priorities, team work load balancing, adjusted work assignments to deliver the product on time and quality, Responsible for personnel feedback, performance rating and other daily administrative task.

Sr. Product Manager July 2000 to August 2001

Motorola - E12 Level Arlington Heights, I

Product manager developed customer/market perspective for High Availability platform (HAP) - new platform roadmap across multiple product line of Motorola like BTS, RNC etc.

Defined feature sets and deliverables of each phases of product needs as per market.

Entertained application customer proposals for new features, balanced customer/market needs and translated to technical requirements at the platform/application level.

Perform Life cycle management of HAP platform and its evolution path. Coordinate HW/SW/vendors/suppliers and end user testing result inputs for enhancements to HAP platform. Front-end interface responsibility with application customers for the WhiteSmoke Common Control Platform hardware and software. Functioned as a technical lead of a team (35 people, geographically disperse) for the Architecture, Design and Development of components of HAP platform. Handled product management & technical issues with development team on daily basis to provide direction to project and resolve any major obstacles.

Develop customer/market perspective for platform hardware/software roadmap. Support customer proposals for new features; define customer/market needs and requirements at the application level. Work with both ends - development teams and customer on feature prioritization/estimation and delivery buckets.

Review new development feature technical requirements Support review and approval process for new features commitment. Coordinate responses to questions from application customers and support application's end customer technical point-by-point responses. Work with Application Groups to design specific configurations to fit their needs. Develop, maintain and deliver technical product presentations, roadshows, etc. to PU’s for HAP.

Serve as HAP front-end process point of Contact for Motorola PU’s. Defining requirements from PU. HAP consultant to PU and advocate of PU issues. Gained operational knowledge of Motorola’s PU’s.

Communication of HAP project status, issues, release plans, etc. Issues like HAP Platform needs – technical, cost & support, product schedules, current implemented technology, architecture, and application interface to PU’s.

Help define PU their HAP Reference Configuration. Negotiated PU priorities for HAP features with HAP team. Estimated/Forecasted PU unit volumes using HAP system. Negotiate PU Market / Feature requirement definition, Architecture, Development, and Systems Engineering.

Technical Area of Focus were Applications, OA&M, HA Framework, Component Mgmt., OS, Drivers, Protocols, etc.

Expertise and skills in:

IT/enterprise/telecom Security, BIGDATA, Hadoop, CDMA, LTE Wireless architectures, Backhaul and RF tools and support. Demonstrated knowledge and hands on experience in various protocols and tools: TCP/IP, Subnetting,

VLANs, routing protocols, TCP optimization, Video optimization, QoS, Wireshark, Spirent, TCP optimization, Video optimization, IT security and Security principles.

Experience with a wide range of security technologies including SIEM, IDS/IPS, malware analysis, data loss prevention and vulnerability scanners

Network Routing experience using Layer 1 Wired & Wireless Access Technologies, Layer 2 Ethernet,

Layer 3 Transport Protocols, and Internet Protocol / Multi-Protocol Label Switching.

Knowledge of IT infrastructure to include: DNS, DHCP, VPNs and Internet Protocol / Multi-Protocol Label

Switching, DNS, DHCP, VPN, TCP/IP networking and IP routing protocols including BGP, OSPF.

Expert and consultant on operations capabilities involving System failures, Configuration Management,

Accounting and billing, Performance and Security aspects of network elements utilizing SNMPv3 and other interface protocols, KPIs for network performance measurement

Manage and perform IoT Network level testing of large-scale multiple IP/telecom networking projects.

Demonstrated track record of successful sales support and/or business development through RFI, RFPs.

Support pre-sales RFI/RFP activities as System engineer.

Education and Training

M.S: Computer Science Networking (3.92/4 GPA)

Computer Science Networking, Illinois Institute of Technology Chicago, Illinois

Bachelors Electronics & Communication Engineering

Electronics & Communication Engineering, Maharajah Sayajirao University of Baroda Baroda, India

Availability: Willing to relocate, References: LinkedIn Profile:

Quick learner (without formal training) self-motivated.

Demonstrated ability to handle and turn around critical/controversial situation in relationship building way with calm and composure with focus on resolving issue.

Technical Project Management, Security Audit and Remediation, Public Key Infrastructure, SIEM management (QRadar), F5, Change Management, Encryption Architecture.

Managing day to day tasks & performance evaluation/appraisals of large teams spread across the globe.

Innovative mindset, ability to change status quo

Strong relationship management & team building skills across cross-organizations

Strong positive leadership and consulting skills

Excellent team building skills and ability to work across cultures.

Leaderships skills, Management Consulting, Security Consulting, Security Architecture and compliance, Project Management, NIST 800-53 Security Program development.

Contact this candidate