Akilan Palani
Coimbatore
Summary
Results-driven network security and cybersecurity engineer with over 8+ years of experience in designing, implementing and managing robust security infrastructures. Proven expertise in deploying next-generation firewalls (NGFW), intrusion prevention systems (IPS), and virtual private networks (VPNs). Skilled in configuring and optimizing security policies, access controls, and threat detection systems.
Overview
10
10
years of professional experience
1
1
Certification
Work History
Senior Network Security Engineer
Robert Bosch Engineering and Business Solution
01.2018 - Current
- Installed Firepower firewalls at the datacenter with an Active-Standby configuration to ensure high availability
- Configured DMZ server interfaces to enhance security and network segmentation
- Developed and implemented Access Control Lists (ACLs) on Firepower firewalls for effective network routing and end-to-end connectivity
- Managed and enforced accept/reject rules for network traffic through FMC (Firepower Management Center)
- Monitored Firepower and FMC systems for performance and security incidents, utilizing tools for continuous oversight
- Conducted troubleshooting for network-related issues, ensuring minimal downtime and disruption in a Managed Services model
- Implemented and configured VPN solutions, including site-to-site, remote access, and SSL tunnels on Cisco routers and Firepower, enhancing secure connectivity
- Deployed web filtering and application filtering features on Firepower firewalls to protect against unauthorized access and threats
- Participated in major incident calls for network outages, ensuring timely follow-up and resolution
- Prepared Root Cause Analyses (RCA) reports for customers, incorporating vendor insights for significant incidents
- Led network changes in accordance with the change management process, ensuring proper documentation and compliance
- Actively participated in Change Advisory Board (CAB) meetings to validate proposed changes to the existing infrastructure
- Generated and analyzed reports on network availability and utilization, providing insights on performance metrics on a weekly, monthly, and on-demand basis
- Developed and maintained a Data Center Migration Runbook, detailing migration strategies, pre-cutover, cutover, and post-cutover activities
- Planned and documented new network designs, ensuring alignment with operational requirements and updating Low-Level Designs (LLDs) and High-Level Designs (HLDs) as necessary
- Implemented high availability solutions, including HSRP (Hot Standby Router Protocol) and EtherChannel configurations, to enhance network resilience
- Configured ISP redundancy for seamless connectivity across multiple service providers
- Configured and managed AAA (Authentication, Authorization, and Accounting) services across all network devices, including switches, routers, and firewalls
- Set up SYSLOG servers for centralized logging and monitoring of network devices
- Provided ongoing maintenance and support for Firepower firewalls, including updates, patches, and performance tuning
- Engaged in continuous learning and professional development to stay updated on the latest cybersecurity trends and technologies
- Client- SONY India Software Centre Pvt Ltd
- Project- SOC – Security Operation Services
Cybersecurity Security Engineer
Klaus IT Solutions
01.2017 - 12.2017
- Worked in 24/7 SOC environment and taken responsibility handling queries from team members, proactively providing knowledge transfer and support for carrying out BAU tasks
- Handling SIRT incidents effectively and drilling down analysis to share the root causes
- Suggested Multiple new use cases for offense creations in RSA Netwitness and defined SOP for the same
- Monitoring & Fine-tuning of rules to avoid false Offenses
- Monitoring for assets that communicate to CnC servers and other malware sites, correlating it with other notorious behavior by analyzing Proxy, Firewall & end point events thereby worked towards its remediation
- Monitor security violations and investigate with respective owners/teams to get the issues resolved
- Responding to in-house queries and guiding users with threat remediation strategies and best security practices
- Perform hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events data to detect and response to threats
- Handling Spam, phishing and Imposter emails by header analysis
- Working closely with Abuse team for AUP violation incidents
- Advisory creation for emerging threats and ensuring that corporate environment is secured
- Following the IOCs and identifying the infection and mitigating the same from user's machines
- Working on IT compliance part for all corporate devices in our environment to make sure everything is up to date
- Checking Non-Compliance status of agents in McAfee ePO, generating server remediation and McAfee drive encryption reports
- Performed drive encryption remediation tasks
- Deploying UDS signature in McAfee NSM (IDS), performing User Access management and monitoring the sensor health status
- Analyzing web traffic logs using Splunk and providing proxy resolution through Cisco IronPort WSA
- Imperva Database Monitoring to check agents and gateways status
Information Security Engineer
SGS Soft IT Solutions
06.2014 - 12.2016
- Install and configure NGFWs in accordance with organizational security policies and best practices.
- Implement policies for network segmentation to enhance security through isolation of sensitive systems and data.
- Develop, implement, and manage access control policies, including rules for inbound and outbound traffic to protect sensitive information.
- Configure application awareness features to control and monitor the usage of applications over the network, ensuring compliance with organizational policies.
- Utilize IPS capabilities within the NGFW to detect and block potential threats in real time.
- Integrate threat intelligence feeds to enhance the firewall's ability to identify and mitigate emerging threats.
- Continuously monitor network traffic and logs for suspicious activities and potential security breaches using the NGFW's dashboard and reporting tools.
- Implement log management processes to ensure that logs are collected, analyzed, and retained for compliance and forensic investigations.
- Participate in incident response activities related to alerts generated by the NGFW, investigating and mitigating security incidents.
- Conduct root cause analysis for security incidents involving NGFWs, preparing detailed reports for stakeholders.
- Regularly review and optimize firewall rules to ensure efficient performance and minimal impact on legitimate traffic.
- Assess firewall capacity and performance, making recommendations for upgrades or adjustments based on network growth or changes in traffic patterns.
- Perform regular vulnerability assessments on the NGFW and the overall network infrastructure to identify potential weaknesses.
- Ensure timely updates and patches for the NGFW software and firmware to mitigate vulnerabilities.
- Develop and conduct training sessions for staff on security best practices related to the use of NGFWs and general cybersecurity awareness.
- Create and maintain documentation on NGFW policies, procedures, and configurations for reference and training purposes.
- Ensure that NGFW configurations comply with relevant regulations and standards (e.g., PCI DSS, GDPR, HIPAA).
- Assist in internal and external audits, providing necessary documentation and evidence of NGFW effectiveness and compliance.
- Collaborate with other IT and security teams to enhance overall security posture and response strategies.
- Provide regular updates to management regarding firewall performance, security incidents, and compliance status.
Education
Master of Science - Master of Computer Application
Anna University
Tirupur05.2014
Bachelor of Science - Computer Application
Bharathidasan University
Jayankondam05.2011
Skills
- FortiGate
- Forti Manager
- Forti Analyzer
- Checkpoint
- Cisco Firepower
- SSL VPN
- IPSEC VPN
- Nessus, Nmap
- SolarWinds
- Cisco ISE
- Splunk
- SASE
- ZTNA
- Tufin
Certification
- Cisco Cybersecurity Operations Fundamentals Training Completed
- Fortinet Network Security Expert- NSE4-5.4
- Completed Checkpoint Certified Security Administrator (CCSA) certification
- TCSE 2 - TOS Aurora: Tufin Advanced Security Policy Management and Automation
- Cisco Firewall Threat Defense and Intrusion Prevention
Disclaimer
I hereby declare that the details furnished above is true to the best of my knowledge.
Personal Information
- Father's Name: Palani T
- Date of Birth: 06/24/91
- Gender: Male
- Nationality: Indian
- Marital Status: Married
Timeline
Senior Network Security Engineer
Robert Bosch Engineering and Business Solution
01.2018 - Current
Cybersecurity Security Engineer
Klaus IT Solutions
01.2017 - 12.2017
Information Security Engineer
SGS Soft IT Solutions
06.2014 - 12.2016
Master of Science - Master of Computer Application
Anna University
Bachelor of Science - Computer Application
Bharathidasan University
Similar Profiles
GURUPRASATH KUMARGURUPRASATH KUMAR
Associate Project Manager at Robert Bosch Engineering and Business SolutionAssociate Project Manager at Robert Bosch Engineering and Business Solution
Archana GovindarajanArchana Govindarajan
Quality Assurance Consultant at Robert Bosch Engineering and Business Solution (P) LtdQuality Assurance Consultant at Robert Bosch Engineering and Business Solution (P) Ltd
Babita ShetakeBabita Shetake
Senior System Engineer at Robert Bosch Engineering & Business Solution Pvt LtdSenior System Engineer at Robert Bosch Engineering & Business Solution Pvt Ltd