Security Information
Resume:
Vijay Kamble "Cyber and Cloud Security Architect"
Experienced Leader with over 16+ years in multiple domains and team management of cyber Security and planning at the local, regional, and enterprise levels. Broad technical knowledge and proven application of analytical processes, with hands-on experience beyond the technical arena, including emergency operations, physical security, and strategic planning. Design security models, specify security functions and identify components with which to implement and integrate security features into new and existing enterprise technology infrastructure and business applications. Document user and business requirements for system confidentiality, integrity, and availability. Use these requirements to develop high-level security specifications using security models, implementation targets, and protection profiles.
An experience in the area of Cyber/Cloud/Perimeter/endpoint/data/Network & Security Engineering with hands-on experience in managing, administering, engineering large Corporate Cyber Security Infrastructure, SOC & IT Enterprise Security Management. Define the security features required to support security model specifications. Develop security performance specification and security validation plan, to include metrics for verification of correct implementation and validation of security effectiveness.
Develop security performance specification and security validation plan, to include metrics for verification of correct implementation and validation of security effectiveness. Identify tasks required to integrate system security features into existing infrastructure and applications without detriment to system performance. Review security performance metrics and make architecture or engineering adjustments as required to maintain security policy compliance. Conduct thorough post-mortems of all security incidents and engage non-security technology teams where appropriate.
Define the security features required to support security model specifications. Evaluate enterprise and application security design alternatives, including but not limited to control enforcement capability, ease of use, and cost. Proactively anticipate security threats and identify areas of weakness in enterprise technology infrastructure and business applications., Conduct reviews of security architecture and platform/service designs, and audit source code. Drive open innovation in product security best practices through industry collaboration. Provide product security related coaching and mentoring to elevate the security expertise of development teams. Develop in-depth security architecture, design, and coding standards across infrastructure, application, and data security, to drive a standardized set of security requirements, and align with internal policies and meet external compliance/regulatory requirements. Perform threat modeling
EDUCATION/TRAINING/CERTIFICATION
Masters of Business Administration from Sikkim Manipal University Information Technology, Mar 2009
Diploma in Industrial Electronics Engineering from M.H. Saboo Siddik College of Engineering, 2002
Certifications:
Completed CCNA Certification
Completed CCSA (Check Point NGX VPN-1/Firewall-1) Certification
Completed ITIL Certification V2/V3
Completed VMware VCP 3, VSphere 4, VSphere 5 (VCP-510) certification
Completed VCA-CLOUD, VCA-WM, VCA-DCA certification
Completed PRINCE-2 FOUNDATION and PRACTITIONER certification
Completed CCSA\CCSE (GAIA) Certification
Completed Splunk 6.x Fundamentals Certification
Completed Zscaler Certified TAC Associate (ZCTA)
Completed Zscaler Certified Cloud Administrator - Internet Access (ZCCA-IA)
Completed Zscaler Certified Cloud Administrator - Private Access (ZCCA-PA)
Completed Certified Information Systems Auditor (CISA)
Completed Certified Information Security Manager (CISM)
Completed Project Management Professional (PMP)
TECHNICAL ENVIRONMENT
Checkpoint: 15000, 13000, 12600, 12200, 4600, 5600, 2200, 1100 series, SMART-I 3050, 3051
Juniper Devices: SRX3600 cluster, SRX650, SRX240 series
Palo Alto: PAN 4050, PAN 5050, PAN 5060, PAN 7050 Panorama PA-200,PA-500
Operating System: Window 2k, 3k, 2008, 2012 Server, Linux, UNIX (Linux, Red Hat, HP-UX)
Monitoring: Smarts, HPNA, Alogsec NetScout, HPOV, SmartsIC, Solar Winds, TCPDUMP, SkyBox, Splunk, Arcsight, SourceFire, Gigamon
SLL VPN: ASA5555, ASA5050, SA6500, CM6500, PSA7000 series.
F5: I series, BIGIP 2000, 4000, 5000, 2000 SERIES., Conversant in LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Fiber, Firewalls/IPS/IDS
Hardware/Cloud: Checkpoint, Juniper, Palo Alto, Dell, HP, CISCO, IBM, SUN, SonicWALL, Barracuda Appliances, SOPHOS appliances, HP, DELL, IBM, AWS, Azure,Vmwear
Scripting: Python, Perl, Bash, Power shell
MAJOR ASSIGNMENTS
Citi - New Castle, DE Oct. 2018 – till date
Role ;- Cyber and Cloud Security Architect
Responsabilités:
Establish a strong knowledge of enterprise cloud environments and cloud service provider platforms including Microsoft Azure, AWS, and Google Cloud Platform and their embedded security, as well as multi-cloud security management technologies
Identify and evaluate complex business and technology risks and remediation methods to mitigate risks
Plan and execute client engagements focusing on assessment, review, design and/or implementation of Cloud infrastructure/platform/software security
Identify improvement opportunities in the areas of process efficiency and security including role-based security
Working knowledge of infrastructure technology including network security, endpoint security, data security, and cyber defense Configuration, deploying, and integration Infrastructure into technology platforms supported across globally.
Proven expertise in building a defense in depth infrastructure security architecture that includes security controls across multiple technology stacks.
Experience with Infrastructure design, provide strategy solutions with roadmap.
Participated in developing and implementing various technology selection approaches including RFIs and RFPs security policies and configuration, to maintain of existing systems.
Provides day-to-day modern Integration support for required projects within the R&D Lab so we can build solution to documented RFP and RFI presentation for management and support group.
Prior experience in monitoring security systems and reviewing logs for vulnerabilities with SIEM solutions
Designed and Implemented SMIE "Skybox,Splunk"product provides complete visibility, analytics and automation to quickly map, prioritize and remediate vulnerabilities across the organization. And intelligently optimize security policies, actions and change process across all corporate networks and cloud environments.
Implemented multiple firewall Firewalls/VPNs (Checkpoint, juniper, Palo Alto, Fortinet, Fortigate Cisco, etc.) policies rule management with configuration.
Complex routing and switching solutions Firewalls/VPNs (Checkpoint, Palo Alto,juniper, Fortinet, Fortigate Cisco, etc.)
implementation Zsclaer cloud infrastructure for 30+ site including GRE tunnel as well for private access configuration with Zapp.
Configuring and Implemented Zsclarer cloud firewall, with Inline DLP with access control rules.
Integration Zsclaer identry management ZAB with local AD setup to pull all identify and support rule as per regional location.
implementation of skybox security policy management and Vulnerability Management with support for 60+ site
implementation, maintenance, and support of identity and access management services, platforms, and systems, including access provisioning, governance, multifactor authentication, privileged access, HRIS integrations, and data protection systems.
Foster a spirit of teamwork and unity among department members and provide oversight and direction to associates in accordance with the organization's policies and procedures.
Identifies risks of non-compliance and recommend appropriate changes/actions through continuous monitoring and analysis of identity systems and alerts.
Implantation of firemon firewall optimization and cleanup with Audit readiness.
Assists with audits supporting clients, regulatory bodies, and internal standards. Actively engages in the greater information security and privacy community (e.g. peer groups, seminars, conferences, etc.) to help identify new technologies, regulations/standards, techniques and partners.
Florida Département of Corrections Aug 2017 – Oct. 2018
Role :- Security Architect
Responsabilités:
Expert understanding of SaaS, PaaS, IaaS cloud delivery models, differences between them, and coverage along the Shared Responsibility Model
Good understanding of networking technologies and protocols, including thorough understanding of the OSI model and comprehensive knowledge of common protocols and services for levels 2 through 7
Good understanding of system and network security principles
Good understanding of cyber security threats, trends, and technologies
Good understanding of terminology relating to risk, IT and security controls, compliance, AAA
Working knowledge Azure security stack, including Security Center, Azure Monitor, DDoS protection, Key Vault, AIP, Intune and WAF
Architecting and designing technical solutions for Microsoft-centric solutions based on industry standards using (Azure) IaaS, PaaS and SaaS capabilities.
Implemented authentication (SAML/OAuth/OIDC), MFA, JIT, and/or RBAC / Ping etc.
Knowledge of cloud security controls including tenant isolation, encryption at rest, encryption in transit, key management, vulnerability assessments, application firewalls, SIEM, etc.
Providing expertise and strategic guidance on critical operations that span multiple systems and groups
Monitoring, evaluating, and remediating any health concerns of global firewalls and network devices
Proactively identify gaps, risks, and issues and navigates organizational structure to resolve them.
Identify automation opportunities as well as areas that can be improved to optimize the operation, such as documentation and monitoring infrastured with risk management.
Develop and maintain technical specifications, standards, procedures, and systems documentation
Research and recommend appropriate technical solutions to meet functional requirements.
Work with Data Center staff, OIT, and users to perform installations, upgrades, and configuration changes match with global standard.
Implementation knowledge of Tufin orchestration suite with change Management and Network Security Policy Management.
Experience communicating and working within cross departmental teams and support group.
Designed and Implemented, managed rapid7 Insight and Nexpose suits for vulnerability management of server and desktop, Network security devices.
Migrated Cisco ASA devices to checkpoint R80.10,20 with policy conversion using Smarts converter tool.
Configuring URL filtering and SSL inspection policy and implanted across all sites with SIME logs management
implementation Zsclaer cloud infrastructure for 40+ site including GRE tunnel as well for internet and private access configuration with Zapp.
Configuring and Implemented Zsclarer cloud firewall,DNS with SSL inspection & URL filtering with access control rules.
Integration Zsclaer logs with SMIE tool set within the organization.
implementation of skybox security policy management and Vulnerability Management with support for 20+ site
Implementation of cloud security policy has been tested and Implementation has been done 10+ sites
Implantation of firemon firewall security policy change Management and Network visibility monitoring as well.
Designed and Implemented CHECKPOINT R80.10/20, Palo Alto, Juniper Zsclarer Internet Access bundled across 30 sites.
Monitoring, evaluating, and remediating any health concerns of global network security products.
Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
Wipro Limited Jul 2005 – Aug 2017
Citigroup- New Castle, DE Sep 2014 – Aug 2017
Role ;- Security Architect
Responsibilities:
Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
Enhances security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices.
Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
Upgrades security systems by monitoring the security environment; identifying security gaps; evaluating and implementing enhancements. Conducting regular system tests and ensuring continuous monitoring of network security.
Citigroup- Mumbai, India Jul 2005 – Sep 2014
Project: Integration support
Role :- Technical Leader and Project Leader
Responsibilities:
Manage of 6 resource team which provided global support for citi global datacenter security infrastructure.
Implemented multiple firewall solutions, network security, and information security practices with SIME tools.
Integral part of planning, designing, implementing and troubleshooting complex firewalls,Security devices advanced technologies.
Experience performing infrastructure technical security assessments.
Review security and vulnerability advisories, assess risk, relevance, priority and communicate findings
Identify infrastructure-level vulnerabilities and patches across enterprise-wide assets along with validating successful remediation
Document, prioritize and formally report asset and vulnerability state, along with remediation recommendations
Leverage vulnerability database sources to understand each weakness, its probability and remediation options, including vendor-supplied fixes and workarounds
Expert in driving vulnerability management reporting and providing guidance to IT teams in patching and solutions to mitigate security threats
Design Implemented and configuration of Juniper Net Screen Firewall ISG 1000/2000, SSG series and NSM Administration.
Ocwen Financial Corporation- Mumbai, India Mar 2005 – Jul 2005
Global Field Services Engineer (System & Network)
Responsibilities:
Responsible for the System and Network Management for more than 4000 local and remote system and network devices including design, implementation and 24x7 support
Initial build for network devices such as switch and backbone configuration.
Managing router and switch config and monitoring with local Evault application
Worked on checkpoint R65 firewall for migration Linux and Nokia Box.
Monitoring 28 sites and total 3080 devices including with router and switch with servers.
Installation & Administration of Microsoft Services like DNS, DHCP, WINS, TCP/IP & IIS
Selected from team to train on Checkpoint firewall R65 gateway.
Involved in project to rebuild and migration on the entire checkpoint gateway
Team Serve IT services Pvt. Ltd. - Mumbai, India Mar 2004 – Dec 2004
System Administrator
Responsibilities:
Installation, Support & Administration of Windows NT Servers Exchange 2k3 & 2k/2k3 Active Directory
Implemented virus protection analyst using Symantec Anti-Virus 7.x to 9.x Corporate Edition for 20+ servers with 300+ clients. Install, push to NT, 2000 & XP clients, and administer Symantec System Center.
Administration of Microsoft Windows NT/2000/2003 Server/Advance Server from scratch including un-boxing, rack mounting, loading of Operating System, deploying with MS
Involved in the implementation on setup of Domain/DSF etc.
Mascom Electronic. Mumbai, India Oct 2002 – Mar 2004
System Administrator
Responsibilities:
Handling 800 HP/Compaq desktops/Laptops & 20 servers.
500 Users are connected to the Domain from various office locations
Creating user Id’s in Active Directory & Creating Mail ids on Exchange server 2000
Performing daily backup activities through VERITAS backup software Working for desktop HP Compaq, Dell
Contact this candidate