Security Manager
Resume:
Mohammed Mukkaram
adf7wq@r.postjobfree.com
SUMMARY
Security professional holding extensive experience in Network Security and Cyber Security.
Rich experience across systems/network architecture, installation, security administration in local and remote environments’.
Implementing and administrating Zscaler Private Access and Zscaler Internet Security for all TR users.
Configuring and managing Global Internet security policies, DLP, Firewall policies via Zscaler Cloud portal.
Configuration, administration, Migrating & troubleshooting of, Palo Alto, Juniper SRX, Juniper Netscreen, CISCO ASA and other security devices.
Collaborative Assistant Project Manager, working closely with Project Managers and other technical team members to provide support on Cyber security [1Ad domain migration] & Firewall cleanup projects.
Experienced in Cyber security tools like SPLUNK, Bit9, Cyber Arc, Arc sight & Sisense.
PCNSE Certified.
ITIL V3 certified.
Exceptional ability to deliver clear and accessible public presentations
Good problem-solving and leadership skills.
Strong skills in identifying operational issues and recommending solution strategies
A creative support professional with a record of increased responsibility.
PROFESSIONAL EXPERIENCE
TechMahindra, Pune Hinjewadi [Nov2019- Present)
Associate Security Architect- supporting Credit Suisse & Thomson Reuters
Migrated all 3rd party vendors IPSEC/GRE tunnels from AT&T managed legacy network to newly setup OCN Network and BT deployed MPLS circuits.
Installed and configured PANORAMA for all the HUB & SIGMA site firewalls & moved all the firewalls under different DEVICE groups for ease of management and control.
Configured Log collectors and syslog for Critical and sensitive events from Panorama to CA Spectrum and SIEM tools.
Implemented ZSCALER CLOUD security covering Private access and Internet security solutions for TR users.
Configuring Zscaler Application segments, Server groups and security policies to enable remote access of Home grown applications from public network.
Configuring and managing Zscaler Internet security policies and IP sec tunnels to apply and control all users Internet traffic.
Deployed all Sigma site PALO ALTO 5020 firewalls, Created Vsys, Virtual routers and security policies.
Implemented Application Override policies, PBF and QOS policies for traffic shaping and enhancing network performance in custom network and to solve connectivity issues.
Real time troubleshooting in production networks to identify and solve issues related to network security.
Genpact, Hyderabad, India (March 2016- NOV 2019)
Senior security Engineer- supporting COX communications (ISP)
Configuring Zone Based Firewall, Security & NAT policies, Site to Site VPN tunnels on Juniper SRX, Net screen, checkpoint, Palo Alto firewalls.
Supporting all 300+ Juniper FW’s and other security devices owned by COX including 16 egress (perimeter firewalls) Palo’s.
Weekly syncs [Reviewing & synching candidate and running config] on all devices through management servers.
Taking Threat Application packet captures Monitoring app logs and SNMP traps and URL filtering on Palo Firewalls using PANORAMA.
Working with application teams to understand and help them layout security rules/parameters for all new app roll outs.
Packet captures and session flow monitoring to troubleshoot live issues evolving in the environment.
Creating and administrating SSL VPN profiles on Global protect and Juniper SSL VPN concentrators.
Configuring Active/Passive or primary/secondary nodes for high Availability.
Ensuring all the requests coming in queue are in line with company’s security policies before implementation.
Creating static routes and Virtual routes on virtual systems.
Configuring and maintaining Site to Site or L2L VPN with all Cox vendors on different security devices {Palo / ASA}.
Creating VIP’s, Service Groups and Virtual servers on A10/Net scalar Load balancers.
TLS /SSL, weight and persistence configuration on SLB’s and GSLB’s
Creating and binding certificates for VIP’s
Genpact, Hyderabad, India (Jan 2015 – Feb 2016)
GE Global Resarch- Network security analyst
Network support
Monitoring & Resolving HP NNMI device down/ utilization alerts.
Adding L2/L3 VLANS, Allowing VLANS on trunk ports.
Configuring and Managing all GRC owned L2 devices.
Adding /modifying static routes.
Upgrading IOs versions during maintenance windows.
Checking logs on panorama and smart view tracker.
Creating and updating category based ACl’s.
Creating firewall rules on Checkpoint and Palo Alto Firewalls
Troubleshooting issues related to port security and network latency.
First point of contact for any network issues.
Genpact, Hyderabad, India (Mar 2014 – Dec 2014)
GE O&G Cyber security - Assistant Project Manager
1AD domain migration/ Firewall rule cleanup project-
Reviewing and understanding the need for existing firewall rules/ Tunnels between vendors and GE O&G.
Working towards eliminating whole DMZ domain.
Using Skybox firewall manager to find the repetitive rules between zones.
Working with app owners / infrastructure owners to renew the policies using SC work flow builder.
Working with technical teams to remove all legacy/unused rules sitting on firewalls.
Issue Assessment, Remediation and Reporting
Review and interpret plans and specifications.
Design tools, reports, charts and graphs for senior management to provide ongoing, at-a-glance summaries of project status.
Querying issues and concerns in real-time using Service Now.
Responsible for Assess and rank severity of issues and queue management.
Setting up meetings with issue owner and expedite plans as needed.
Working with project team to discuss fixes as needed.
Managing Metrics and Dash-boarding, track and report progress of efforts
Working with Corporate OneAD team to address concerns.
Working with Citrix, GAMS, Network, and Application Owner to expeditiously resolve concerns& Help local teams eliminating migration roadblocks.
Provide periodic status update.
OneAD PC and account domain cleanup
Understanding root causes of migration defects
Proposing re-mediations for migration defects, reach out to users to pilot solutions
Rolling-out migration for remaining machine exceptions (currently about 3000 PCs)
Cleaning-up remaining accounts (currently about 8000)
OneAD Server Migration
Understanding server migration processes, working with corporate and O&G teams to refine the migrating procedures.
Identifying target servers for migrations, execute pilot migrations
Working closely with O&G and corporate teams to plan and execute server migrations.
Help and follow-up potential server issue resolution.
Genpact, Hyderabad, India (Apr 2012- Feb 2014)
GEHC-Cyber Security specialist - Administrating Splunk, ArchSight Parity Bit9.
Carbon Black- Bit9 Parity admin:
L2/L3 admin support for Bit 9.
Deploying bit9 on all the secure zone servers.
Creating, installing security policies and pushing updates on all clients.
Process the alerts received via E-mail notification, Work and troubleshoot Bit9 agent install issues.
White listing or black listing the files and other content as required.
Remediate clients that are not receiving updates or reporting to Bit9 console and identify root cause.
Review applications that are blocked by Bit9 and Monitor Client health status.
Drive Weekly client call presenting Metrics:
{Blocked file report, new files detected report and disconnected machines details.}
Review any changes to potential risk files Co-ordinate with Bit9 vendor as required
Splunk & HP ArcSight administration:
Working with Dashboards and data monitors
Viewing queries and ESM reports
Searching events and managing content
Configuring SPLUNK forwarders
Searching logs, standard queries for extracting reports from web console.
Investigating, monitoring & Co relating events
Genpact, Hyderabad, India (May 2010 –Feb 2012)
Windows AD/DNS-DHCP and Account Administration-L2 role
DNS- DHCP Support
Installing and managing DNS and DHCP services on ~150 MS servers running BIND.
Securing DNS DHCP servers by installing Bit9 Parity.
Monitoring of DNS/DCHP services and Administration of Linux Monitoring Server using tools
provided by GEHC.
DNS/DHCP administration. Ex: Add/change/remove DNS records, add/change/remove
scopes, server configuration. Accept and resolve Incidents and Work flows.
Work with Command Center for all critical issues related to DNS/DHCP.
Day-to- Day Troubleshooting related to DNS/DHCP. Creation and updating of DNS/DHCP
SOPs and scorecard Provide process improvement recommendations.
Active Directory
Supporting Production, Development, Staging, LAB and Engineering domains of GEHC.
Daily monitoring of all domains, account administration etc.
Creating and managing Group polices and OU’s under different child domains.
Administration of AD Groups. Migrate PCs across domains when needed during integrations.
Managing Logon scripts Group Policies and user accounts in all domains.
Work with End user for resolving incidents for respective technology. Generate reports as when required/requested.
Work with Command Center for all critical issues related to AD Infrastructure.
Identity Management:
Resolve cases related to applications {GLPROD, BIOPROD, HYPERION, PRODERP etc.} Escalate any unresolved cases to the on-site or L3 team in a timely manner as per the laid down process.
Update and maintain documentation related to Provisioning support.
Support on Stage SSO Process.
Work with Corporate IDM team for replication policy and other issues.
Proactive Monitoring on infrastructure and application functions. Example: Active sync errors, OHR issues, CDI Admin cleanup, etc.
Support on GEHC compliance and Audit related requirements.
Work with Command Center for all critical issues related to IDM.
Genpact, Hyderabad, India (April 2009 –April 2010)
Technical Associate: Incident Manager -
SME for high priority issues and escalations.
VPN troubleshooting, installation and access request process.
Worked on Citrix server and applications for access issues and resets.
Worked in the Web team for handling web cases, open-pending and re-opened cases.
Managing team individually in Peak/Off Peak hours and maintaining SLA (Service Level Agreement) as per client’s requirement.
Creating and maintaining the internal website for training data and various other links used by team as Knowledgebase.
Managing Incidents and routing it to correct work groups, follow ups and incident closure.
Maintaining the E-board Entry portal used for recording the Ticket History worked by helpdesk agents using MS Access as the database.
Publishing daily team reports, metrics and Team performance analysis.
Preparing/analyzing reports about the incidents created and determine root causes/corrective plans.
Handling a team of 18 people, training them on technical and instrumentation product related information. Voice Coach for the Lead Management calling process. Remote and live barging of calls, assessing call quality, giving feedback to agents and publishing weekly scores.
Preparing/analyzing reports and process flow, determining root causes/corrective plans and conducting weekly reviews.
Genpact, Hyderabad, India (April 2008 –April 2009)
Process Associate: IT support Analyst-
Responsibilities included resolving trouble tickets/cases raised by end users from remote locations and handling/troubleshooting their issues.
Handled IT Core and Application issues including MS Office suite, Remote network issues, VPN, Citrix and domain servers.
Business Applications include: Mainframe simulators, Business Objects, Team center, Kronos and other critical applications.
eation of tickets in HPSD CRM, understanding the importance of issue and apply the required type of Priority and Severity before dispatching it to the right team.
Escalate calls to Onsite Support Teams on case-to-case basis by documenting cases in the CRM and assigning it to the Support Team.
Educational Qualifications:
BCA (Bachelor OF Computer Applications) (First Division)
MIMCS Osmania University Hyderabad, India.
Higher Secondary Certificate
M.N.R Junior College; Hyderabad, India
TECHNICAL PROFICIENCIES
Network & Cyber security domains.
TCP/IP protocols
Routing & Switching.
CCNA security- CIA, Zone based firewalls. Proxy & VPN’s.
JNCIA - Juniper SRX & Juniper Net screen firewalls
Palo Alto- Panorama –security policies, Multi Vsys, Virtual routers, PBF, URL filtering, Threat prevention, DDOS protection & VPNS
Checkpoint Gaia & Splat
Cisco ASA
A10 and CITRIX Net scalar Load balancers – configuring and upgrading
Active Directory & DNS/DHCP Administration
Windows technologies - Failover clustering, IPAM, WSUS, SCCM,SCOM,SCVMM and hyper V
Cyber security tools- SPLUNK, SISENSE, Cyber ARC, ARCSIGHT and bit9.
Trainings and Certifications:
PCNSE Certified.
ZPA Certified.
ITIL V3 Certified.
Lean Certified.
MCSA Certified.
Personal Details:
Name: Mohammed Mukkaram
Nationality: Indian
Email:adf7wq@r.postjobfree.com
Contact this candidate