
Security Engineer Palo Alto

Location:
Detroit, MI, 48226
Posted:
June 03, 2025


Resume:

Bhargavi Sanjamolla

Email: **************@*****.***

Ph: +1-989-***-****

Professional Summary:

Accomplished and detail-oriented Network and Security Engineer with over 7 years of experience in designing, implementing, and managing robust, secure network infrastructures for enterprise environments.

Proven expertise in deploying and maintaining Fortinet solutions (FortiGate, FortiAnalyzer, FortiManager) and Palo Alto firewalls, ensuring effective threat prevention and network security.

Adept at working with Zscaler cloud security solutions and Aruba wireless technologies, ensuring secure connectivity and high-performance networks.

Expertise in securing enterprise networks with Palo Alto firewalls, having worked on NGFW, Panorama, VPNs, and threat prevention, with strong knowledge of IDS/IPS, routing, and security policies.

Proficient in routing and switching protocols, enabling the design of optimized, scalable networks while ensuring high availability, performance, and security.

Experienced Infoblox DDI specialist with expertise in DNS, DHCP, IPAM, and zone migrations. Expertise in configuring authoritative/recursive DNS, automating IPAM tasks, and optimizing network infrastructure for high availability and performance.

Skilled in Infoblox DNS and DHCP solutions for network automation and IP address management.

Expert specializing in incident response, threat analysis, and security automation.

Proficient in mentoring teams, developing playbooks, optimizing SIEM detections, and collaborating with cross-functional teams to strengthen security measures and proactively mitigate threats.

Experienced in implementing vulnerability management frameworks using industry-leading tools such as Checkmarx, Nexus IQ, and SAST to secure applications during the SDLC and mitigate potential vulnerabilities before deployment.

Strong expertise in cloud security (AWS, Azure), focusing on securing cloud environments, enhancing data protection, and managing access controls across hybrid infrastructures.

Hands-on experience with SIEM platforms, including threat detection, incident response, and continuous log monitoring to maintain security posture.

Proficient in using SolarWinds for network monitoring, ensuring optimal performance and proactive threat identification.

Highly skilled in load balancing, SSL offloading, and the configuration of VPNs (IPsec/SSL) to enhance the performance and security of network infrastructures.

Adept at conducting risk assessments and security assessments to ensure compliance with industry standards and regulations, such as PCI DSS, HIPAA, and GDPR.

A strong focus on maintaining continuous security coverage, disaster recovery, and high availability in fast-paced environments.

Proven experience in managing and responding to complex security incidents, ensuring minimal disruption to business operations, and maintaining strict SLAs. Adept at collaborating with cross-functional teams, providing consultative guidance to enhance security protocols and reduce risks across the enterprise environment.

In-depth experience with network troubleshooting, incident response, and root cause analysis for security breaches, ensuring swift resolution and future risk mitigation.

Known for delivering tailored, secure networking solutions that align with business objectives and customer needs while maintaining a strong customer service orientation.

Committed to driving continuous improvement and innovation in network security, application security, and cloud security to protect organizational data and systems from evolving threats.

A forward-thinking professional with a strong commitment to staying ahead of emerging technologies and security trends, ensuring comprehensive and up-to-date security measures across all network domains.

SKILLS:

Firewalls: Palo Alto and Cisco Firepower

Load Balancers: F5 BIG-IP, Citrix NetScaler

Switches: Cisco Nexus, Catalyst, Arista

Routing: RIPv2, OSPF, BGP, EIGRP, IS-IS, PBR, route filtering, redistribution, and static routing

Cloud & Network Security: AWS, Azure, Zscaler, Palo Alto Prisma

Vulnerability Management: Tenable.io, Tenable.sc, Nessus, Qualys, Rapid7 Nexpose

Certifications:

Cisco Certified Network Associate (CCNA)

Cisco Certified Network Professional (CCNP)

Palo Alto Certified Network Security Administrator (PCNSA)

F5 101

AWS Solution Architect Associate

Professional Experience

EVER SOURCE ENERGY, MA July 2024 – Present

Senior Network Security Engineer

Implemented cloud security controls for AWS, GCP, and Azure, ensuring compliance with industry standards and best practices.

Configured and optimized Wiz security platform for cloud environments, ensuring continuous monitoring and vulnerability management.

Administered and managed Fortinet firewall appliances (FortiGate, FortiAnalyzer, FortiManager) to prevent unauthorized access and mitigate security threats.

Designed, implemented, and deployed network security solutions tailored to IT and OT environments, ensuring robust security controls.

Conducted real-time network monitoring, quickly identifying and resolving security events, minimizing downtime and maintaining network integrity.

Designed, deployed, and managed complex Palo Alto Networks firewall solutions across enterprise environments, ensuring optimal network segmentation, access control, and threat prevention.

Configured and maintained Layer 3 and Layer 7 security policies on Palo Alto Next-Generation Firewalls (NGFWs), achieving consistent reduction in unauthorized access attempts and lateral movement.

Managed and optimized Panorama for centralized policy and device management across multiple firewalls, ensuring streamlined operations and uniform policy enforcement.

Led the migration of legacy firewall infrastructure (Cisco ASA, Check Point) to Palo Alto Networks, including rule set analysis, policy translation, and zero-downtime cutover planning.

Developed and implemented robust IPSec and SSL VPN solutions using Palo Alto GlobalProtect, enabling secure remote access for over 1,000 users during a hybrid work transition.

Performed daily health checks, log analysis, and custom alerting through the Palo Alto logging subsystem, Cortex Data Lake, and third-party SIEM platforms (Splunk, QRadar).

Executed complex NAT, security rule base, and application override configurations to support new business services and third-party integrations.

Integrated Palo Alto NGFW with authentication mechanisms including LDAP, RADIUS, and SAML for enhanced access control and user identity-based security policies.

Conducted regular vulnerability assessments and implemented best-practice remediation strategies based on Palo Alto’s Threat Intelligence and CVE databases.

Acted as the primary escalation point for all network security-related incidents, rapidly analyzing threats using Threat Logs, WildFire reports, and packet captures to mitigate attacks.

Collaborated with cross-functional infrastructure and application teams to align firewall policy design with enterprise architecture and compliance requirements (PCI-DSS, HIPAA).

Led internal firewall audits, rule base cleanup initiatives, and policy optimization efforts, reducing unnecessary access rules and improving system performance.

Designed and enforced segmentation policies using Palo Alto’s Zone-Based Architecture to isolate sensitive environments (e.g., DMZ, PCI, development).

Utilized App-ID, User-ID, and Content-ID technologies to improve traffic visibility and enforce granular access policies based on applications and user identity.

Delivered training and documentation to IT staff on Palo Alto best practices, Panorama usage, and firewall rule lifecycle management.

Configured, managed, and optimized Palo Alto Networks firewalls (PA-7000, PA-5250, PA-3430) for high-performance network security across corporate infrastructures.

Developed and implemented network security policies, VPN tunnels, NAT rules, and security zones using Palo Alto and FortiGate firewalls.

Administered F5 BIG-IP load balancers (LTM/GTM) for high availability, SSL offloading, and efficient application delivery.

Integrated Zscaler solutions to ensure secure internet access and optimal network performance for remote users and branch offices.

Led end-to-end investigation and response for complex cybersecurity incidents across cloud and on-premise environments, minimizing risk and reducing mean time to respond.

Mentored and coached L1 and L2 SOC analysts, creating structured training materials and facilitating hands-on workshops to improve analyst response effectiveness.

Designed, deployed, and maintained scalable Infoblox DDI (DNS, DHCP, IPAM) appliances across multi-site enterprise networks, enhancing IP address management efficiency and reducing manual provisioning errors by 60%.

Led initiatives for optimizing DHCP scope utilization and re-architecting DHCP failover configurations to ensure high availability and redundancy.

Configured and managed complex DNS architectures, including authoritative and recursive DNS servers, integrating security features such as DNSSEC and RPZ (Response Policy Zones).

Administered DHCP configurations with advanced options, dynamic DNS updates, lease assignment policies, and DHCP failover pairs for seamless client address assignment.

Managed IP address space through IPAM modules, implementing subnet discovery, usage monitoring, and efficient capacity planning.

Spearheaded the complete migration of DNS zones from legacy Infoblox grid to a newly architected Infoblox infrastructure, ensuring zero service disruption, maintaining TTL integrity, and validating zone file accuracy using scripting and Infoblox API.

Developed detailed migration runbooks, automated zone transfers using scripts and Infoblox’s WAPI/RESTful APIs, and performed post-migration validations and regression testing.

Automated IP address and DNS record provisioning using Python and Infoblox WAPI, reducing manual workload and improving onboarding time for new devices.

Created custom monitoring scripts for real-time DNS/DHCP service status, contributing to faster incident detection and resolution.

Performed in-depth root cause analyses of security breaches and incidents, delivering actionable recommendations that strengthened preventive controls and enhanced overall cyber resilience.

Ensured all security events and alerts were promptly triaged, validated, and escalated in accordance with SLAs and incident severity.

Provided expert guidance on response strategies, tailoring containment and recovery actions based on incident type, scope, and organizational impact.

Developed and maintained incident response playbooks, integrating threat intelligence, automation workflows, and regulatory compliance requirements (e.g., GDPR, HIPAA).

Collaborated with cross-functional stakeholders, including IT, DevOps, Legal, and Risk teams, to drive enterprise-wide security posture improvement initiatives.

Monitored threat intelligence feeds and collaborated with internal Threat Intelligence teams to anticipate evolving threats, ensuring proactive defense mechanisms were in place.

Integrated threat intelligence indicators and TTPs into SOC operations to enhance threat detection and contextual awareness.

Worked with development teams to integrate security tools into the CI/CD pipeline, ensuring automated security scans during the development lifecycle.

Installed and maintained FortiGate and Palo Alto firewalls for network protection, adhering to regulatory requirements and corporate policies.

Integrated FortiSIEM with FortiGate firewalls for real-time event correlation, threat detection, and automated response to security incidents.

Deployed and configured F5 BIG-IP for load balancing, redundancy, and high availability of critical systems.

Conducted vulnerability assessments and penetration testing across cloud infrastructures, applications, and network devices to identify and mitigate risks.

Collaborated with cross-functional teams to ensure continuous monitoring of network performance, security, and compliance across systems and applications.

Designed and implemented SD-WAN solutions to optimize network traffic and improve performance across distributed environments.

Monitored and managed network logs using SIEM tools (Splunk, ArcSight, QRadar) for centralized event correlation and proactive threat detection.

Worked on network segmentation strategies and implemented firewalls to reduce attack surfaces, enhance internal security, and optimize traffic flow.

Led security audits and assessments, ensuring compliance with industry standards (NIST, FISMA, HIPAA) and regulatory frameworks.

Optimized SSL/TLS inspection policies and managed security policies to balance security and privacy requirements for sensitive data traffic.

Change Health, TX Jun 2023 – May 2024

Network Security Engineer

Configured and tuned cloud security platforms, including AWS and Azure, ensuring secure access control, data storage, and adherence to best practices.

Managed and automated secure deployment of applications, ensuring compliance with security standards and minimizing vulnerabilities.

Integrated and managed Palo Alto Networks firewalls (PA-7020, PA-3410, PA-5450), ensuring proper firewall policies and frameworks for secure network operations.

Monitored, analyzed, and triaged alerts from SIEM platforms, ensuring timely identification and mitigation of security events.

Worked with security engineers to develop and tune SIEM rules, optimizing security monitoring and response workflows.

Implemented robust network security policies, intrusion detection/prevention systems (IDS/IPS), and network segmentation strategies to safeguard enterprise environments.

Conducted vulnerability assessments using industry-leading vulnerability management tools (e.g., Nessus, Qualys, Tenable.io), identifying and mitigating critical risks to infrastructure.

Designed and deployed scalable, fault-tolerant network infrastructures using Cisco, Juniper, and advanced routing/switching technologies.

Implemented IPsec and SSL VPN solutions using FortiGate and FortiClient, enabling secure remote access for employees and ensuring encrypted communications.

Configured and managed Aruba wireless solutions, optimizing wireless network security and performance for end-users across enterprise environments.

Led the deployment and configuration of F5 BIG-IP LTM and GTM systems, ensuring highly available and secure application delivery for critical business services.

Developed and customized iRules on F5 systems to optimize traffic management and improve application performance.

Integrated F5 APM with Active Directory for secure, policy-based access control, enhancing security for internal users.

Monitored and tuned F5 load balancer performance to guarantee uptime, scalability, and responsiveness across critical systems.

Designed and implemented disaster recovery strategies using F5 GTM and LTM, ensuring multi-region failover and load balancing for business continuity.

Led the investigation and response to multiple cybersecurity incidents, ensuring swift containment, remediation, and recovery in both cloud and on-premise environments.

Provided mentorship and guidance to L1 and L2 SOC analysts, developing skill-building sessions that increased team efficiency in detecting and responding to incidents.

Conducted root cause analysis of security events, identifying systemic vulnerabilities and suggesting strategic improvements to prevent future incidents.

Managed the triage, validation, and escalation of security alerts, ensuring timely responses according to defined incident severity and organizational priorities.

Offered strategic direction on incident response and containment strategies, helping teams prioritize actions based on threat severity and impact.

Developed and refined incident response playbooks and workflows, integrating lessons learned from past incidents and aligning with regulatory requirements.

Worked with cloud teams to implement FortiGate virtual firewalls within AWS and hybrid environments, enforcing consistent security policies across on-premises and cloud infrastructures.

Configured FortiGate’s SSL VPN solutions for remote employees accessing cloud platforms, ensuring compliance with industry standards such as PCI-DSS and GDPR.

Performed risk analysis and vulnerability assessments to proactively identify and address security weaknesses across infrastructure, including cloud and on-premises systems.

Implemented and managed VLAN-based network segmentation, securing communication between departments while ensuring compliance with regulatory frameworks like PCI DSS and HIPAA.

Optimized network routing protocols (OSPF, BGP) and load balancing configurations for improved quality of service (QoS) and reduced latency, especially for voice and video services.

Delivered security reports to management and stakeholders, translating technical vulnerabilities into actionable business insights for risk mitigation and continuous improvement.

Supported disaster recovery configurations by integrating F5 GTM for seamless cross-region failover and system resilience.

Provided on-call troubleshooting and support for IPsec VPN configurations and remote access, ensuring proper operation of Palo Alto firewalls and VPN tunnels.

Collaborated with security teams to implement role-based access control (RBAC) within Azure AD and AWS IAM, adhering to the principle of least privilege for all users.

Troubleshot SD-WAN IPsec overlay connectivity, ensuring seamless connectivity between SD-WAN appliances and controllers over various transport networks (Internet, MPLS, WBS).

Implemented and managed cloud infrastructure on AWS (EC2, VPC, IAM, RDS) to ensure high security, performance optimization, and cost-effective solutions for client projects.

Mahindra & Mahindra, India. May 2018 – Dec 2022

Security Engineer

Conducted proactive security monitoring and incident response, escalating critical alerts to local support teams for timely resolution.

Specialized in triaging security incidents, performing detailed log analysis, threat hunting, and phishing email analysis to detect potential security breaches.

Managed security operations in a 24/7 rotational shift environment, providing continuous security monitoring for multiple clients and projects.

Developed and implemented cybersecurity policies and procedures, aligning with best practices in access control, incident management, and disaster recovery to ensure compliance with regulatory standards (ISO/IEC 27001, NIST).

Led penetration testing and vulnerability assessments, simulating real-world attack scenarios to identify and address system weaknesses and security gaps.

Collaborated with cross-functional teams (IT, legal, operations) to design and deploy secure network architectures, ensuring the confidentiality, availability, and integrity of business-critical systems.

Worked closely with internal teams to ensure consistent enforcement of security policies, meeting both internal and external regulatory compliance requirements.

Evaluated and optimized security systems to improve their operational effectiveness, enhancing the resilience and reliability of systems in dynamic environments.

Led security incident response efforts, investigating and resolving security issues discovered by internal and third-party monitoring tools, while identifying and addressing root causes to prevent future occurrences.

Managed multiple security incidents effectively, ensuring timely resolution without breaching SLAs, and providing ongoing support for incident remediation.

Mitigated phishing campaigns from various threat actors by identifying and blocking indicators of compromise (IOCs) as part of proactive defense measures.

Applied fundamental knowledge of vulnerability management to identify and address false positive alerts, fine-tuning detection mechanisms to improve the efficiency of security systems.

Regularly reviewed and analyzed SIEM dashboards, system/application logs, and custom monitoring tools to maintain a proactive security posture and detect potential threats.


