KSHITIJ TIWARI
Address- ** Krueger Court, Society Hill, Newark-07103, NJ
Contact- +1-973-***-****, +1-862-***-****
Email- ************.****@*****.***
DOB- 10th January 1990
NETWORK SECURITY SPECIALIST
Certified security professional with 9 years of experience and expertise in designing, implementing, and troubleshooting network infrastructure and security. Proven record of mitigating security vulnerabilities in order to improve infrastructural security as well as efficiency while aligning business processes with network design and infrastructure. Worked on multi-vendor security platforms/solutions (Cisco, Palo Alto, Fortinet, Checkpoint), gaining a broad range of experience and applying the same while performing duties in diverse environments. Superior capacity to solve complex problems, work independently on large-scale projects, and thrive under pressure in fast-paced environments while directing multiple projects from concept to implementation. Worked towards strengthening organisational infrastructure against cyber-attacks and threats. Have been a part of OEM TAC, with the ability to work multiple issues simultaneously and bring them to closure.
PROFESSIONAL CERTIFICATIONS
PCNSE Certified (PAN00192534)
Fortinet- NSE4 (ID-FORT057516)
CCNA/CCNP (Cisco ID: CSCO12062333)
AWS Cloud Practitioner- Training Course Completion
CNSS Certified Network Security Specialist
MCITP (Enterprise Administrator) Certified
EDUCATION
B. Tech in Electronics and Communication Engineering from B.S.A.I.T.M., Maharishi Dayanand University, Rohtak, India
2007-2011
68.7%
Postgraduate Diploma in Information Technology Management (PGDITM) from Symbiosis Center for Distance Learning, Symbiosis University, Pune, India
2014-2016
71%
PROFESSIONAL EXPERIENCE
Tech Mahindra Ltd (29th May 2019 - Present)
Technical Infrastructure Management (TIM) Lead
Business Process Services (more than 90 clients / 800+ projects).
Governance and handling technical queries for a team of 10 members supporting multiple projects in a 24x7 environment. Pioneered this team from its starting phase at TechM; it now provides support across a 24x7 environment globally.
Conduct risk assessments and collaborate with clients to provide recommendations regarding critical infrastructure and network security operations enhancements.
Support business continuity processes like Disaster Recovery (DR) and Continuity of Operations (COOP) along with activities like Annual rule review, regular changes/tickets.
Draft technical manuals, process manuals, installation documents, and incident response plans, system compliance reports in order to enhance system security documentation.
Engagement in resolving SIM (Severe Incident Management) and high-impact incidents over bridge calls and joint troubleshooting with other domains while ensuring resolution within target SLAs.
Conduct risk assessments on security devices and collaborate with clients to provide recommendations regarding critical infrastructure and network security operations enhancements.
Identifying security vulnerabilities/weaknesses and closing them by taking appropriate patching/security action.
Supporting different VPN solutions like FortiClient, GlobalProtect and AnyConnect.
Monitor, detect, identify, triage, track and resolve information security incidents received through various sensor sources and reporting channels.
Influence and improve upon existing processes through innovation and operational change.
Understanding the business requirement and suggesting the best security devices available in market to support. Involvement from planning to implementation phase.
Aricent Technology Holding Ltd (27th October 2016 - 26th May 2019)
Network Security Engineer at Cisco TAC project
Worked on ASA/FTD/Firepower/Sourcefire, Failover, NAT, PAT, Application inspection, high availability, Traffic zones, policy-based routing scenarios.
Restoring network-down scenarios and providing workarounds with RCA (root cause analysis).
Dealings in Cisco ASA/Cisco FTD, FireAMP, connectors, Zone-Based Firewall, Next-Generation Firewall (NGFW) features such as SSL inspection, user identity, geolocation, malware analysis, vulnerability assessment. Migration from ASA to FTD and FTD to ASA. Traffic redirection to service modules.
Real-time troubleshooting of complex & sensitive network related issues ranging from packet drop to complete network connectivity loss, with enterprise customers like Financial Organizations, Service Providers, Universities, US Government federal organizations.
Reviewed technical designs brought by customers to ensure the fulfilment of project aims and users' needs. Suggested new hardware to customers in case the device was oversubscribed.
Devices: ASA5500, ASA5500-X, IPS, FTD-21XX, FTD-41XX, FTD-93XX, FXOS-chassis, ASA5500-X with firepower services, ISR routers
Cisco Small Business Devices: Wireless access points, SPA phones, Routers with VPN and wireless capability and Switches with PoE and stacking capability.
Basic Linux and virtualization knowledge, as Firepower Threat Defense Center/Next-Generation Firewall are dependent on those technologies.
Accomplished and documented security-related activities to maintain network security and data reliability.
Member of a team of professionals responsible for the implementation, design, test, analysis, administration, configuration and troubleshooting of LAN/WAN infrastructure for customers.
Providing plan and support to customers in Network Migration, upgrade, downgrade activities.
Collaborating with cross-technology teams to work on complex customer issues.
Bechtel India Private Limited (6th October 2014-21st October 2016)
Network Operation Centre (NOC) analyst
INFRASTRUCTURAL IN-HOUSE support.
Servers/Switch/Router/AD/Exchange monitoring/reporting from Orion/SCOM. L1 router/switch troubleshooting and root cause analysis.
Working on Palo Alto firewalls, doing basic activities: policy, NAT, backup, VPN.
Escalation and call logging with various ISPs across the globe like Sprint, Cogent, Zayo, AT&T etc. Coordinating with Core Network teams in case of network issues and informing customers.
AD Site and services management including creation/modification/replication of new sites. Adding/removing IP subnets to AD sites and services.
Data centre tasks: server promotion/decommission, load balancing on Hitachi/Windows/NetApp storage devices, setting up new shares with DFS linking.
Troubleshooting on virtual and physical servers remotely via XenCenter, VMware and iLO respectively.
Scheduling and rebooting servers after Microsoft patch deployment. Schedule/Monitor Backup and restore using Shadow copies, Avamar Net backup.
Ensure Network Operations notification and escalation procedures are accurately followed
Account Migration using Dell Migration tool across domains. Account migration across domain including exchange mailbox (Exchange 2k10).
Problem identification, troubleshooting, resolution or escalation within SLA. Ensures proper documentation, notification, escalation, tracking, and follow up of all incidents.
Coordinating with Project IT leads to share the project Requirement and taking action to fulfil them.
HCL Technologies, Noida (1st July 2013-30th September 2014)
Analyst
FedEx Operations
Working on incidents received over monitoring tools HP OVO, Ticketing tools HPSM.
Monitoring of servers and network devices via alerts and health checkups.
Troubleshooting of network devices and maintaining maximum efficiency of devices.
Installing, configuring and maintaining Win2K3, Win2K8 Servers along with User account management, File and Printer administration.
Remote Monitoring of hosted infrastructure (which includes- Virtual Servers, Windows 2003/2008 Servers, Linux Servers and applications) for Performance, Server and Application uptime, Utilization monitoring and along with responding on the alerts generated.
Ensure that system uptime and incidents responses meet service level agreements with business units and customers.
Work closely with the service desk, customers and other teams to resolve incidents as needed and build a streamlined process for the future incident resolution.
Effectively notifies business units and clients of incidents impacting services and any outages.
CCS Computers Pvt. Ltd. (20th Oct 2011-10th October 2013)
Network Engineer
Indian Navy (Ministry of Defence) Operational Support.
Technical Coordination with Communication Network Centre Indian Navy New Delhi on Network related matters.
Configuration, provisioning and management of all Cisco Equipment. Setup includes Cisco 6509, Cisco 4507, Cisco 3750 L3 Switch and Cisco 2950 L2 Switch.
Providing IT Security and ensuring reliable connectivity using Cisco devices.
Configuration of network devices involving concepts of static routing and inter-VLAN routing. VLAN, VLAN Trunking, Spanning Tree, BPDU, CDP, ACL, Static Routing, EtherChannel, PortFast, Ethernet, Fast Ethernet.
TECHNICAL EXPERTISE
Security/Firewalls Technologies: AAA, IPS/IDS, NGFW, TACACS+, RADIUS, IPSec, SSL remote, Data Management Zone, threat detection, Public Key Infrastructure (PKI), DOS attacks, Port Security, MAC Address Filtering, IPS/IDS, NPS, Application filtering, sandboxing, Web Filtering, inline/transparent mode, FTDs, FMC, Panorama, FortiAnalyzer, FortiManager, Checkpoint SMS.
Hardware/Platforms: Checkpoint 5000, 12400, 4200
ASA 5500 series, FPR 2100, 4100, FMC 2500, FTD
Palo Alto 220, 820, 850, 3260, M-100, VM-500
Fortinet 200D, 300D, 600D, E series, FortiManager VM64, FortiAnalyzer
Cisco Routers (2900, 1900, 800 Series),
Catalyst Switch (5500, 4900, 4500, 3750, 3100) and L2 switches
Connectivity: EIGRP, VPLS, VTP, HSRP, NAT, PAT, RIP, RIPv2, OSPF, OSPF Virtual links, ARP, TCP, UDP, WAN, LAN, TCP/IP, Spanning Tree, Stub Routing, multicast routing, SVI, CEF, VRF, VTP, SNMP, SNMPv3, ARP, Multi-Area OSPF, STP, BPDU, GLBP.
Enterprise Technologies: DNS, Windows 98/2000/XP/VISTA/7/10, Exchange 2003/2008, Active Directory, Networked Printers, MAC, RDP, FSMO roles Security, IP Routing, HTTP, VPN.
Monitoring Tools/Apps: Wireshark, VMware, Solarwinds, Riverbed, HP OVO, F5 Big-IP load balancing (LTM), Orion, SNMPv2c, SNMPv3, DNS, DHCP, FTP, Telnet, HTTP(S), SMTP, tunnelling protocols, PPP, SFTP.