Ayush Tyagi

Noida

Summary

Certified Information Security Manager (CISM) with extensive experience in network security, firewall management, and Security Operations Center (SOC) operations. Proficient in managing and securing enterprise environments using Palo Alto, Azure, Check Point, and Zscaler. Skilled in designing and optimizing firewall policies, implementing intrusion detection/prevention systems (IDS/IPS), and leveraging SIEM solutions for threat detection. Strong expertise in risk management, compliance (ISO 27001, NIST, CIS), and incident response. Adept at leading security teams, mitigating cyber threats in real time, and enhancing security postures through proactive defense strategies. Passionate about strengthening cybersecurity resilience and aligning security operations with business objectives.

Overview

10 years of professional experience
5 Certification

Work History

Manager- DT-CTFR

KPMG India
Noida
12.2021 - Current
  • Enterprise Firewall Management: Led the design, deployment, and optimization of Palo Alto Next-Gen Firewalls (NGFW) across on-prem, cloud, and hybrid environments, ensuring secure network access and compliance.
  • Palo Alto Panorama Administration: Centralized firewall management through Panorama, streamlining policy enforcement, log analysis, and device monitoring across multiple sites.
  • Threat Prevention & Advanced Security Features: Implemented App-ID, User-ID, Content-ID, SSL decryption, DNS Security, and WildFire to detect and block zero-day threats, malware, and unauthorized applications.
  • Zero Trust Network Security: Architected and enforced zero-trust policies using Palo Alto Prisma Access, GlobalProtect VPN, and segmentation firewalls, reducing the attack surface for remote and internal users.
  • Firewall Migration & Rule Optimization: Led firewall migration projects from legacy systems to Palo Alto NGFW, ensuring minimal downtime and improved performance. Optimized security rules, reducing redundancy by 40%.
  • Security Logging & SIEM Integration: Integrated Palo Alto logs with SIEM platforms (Microsoft Sentinel) to enhance threat hunting and anomaly detection.
  • Incident Response & Threat Hunting: Conducted forensic analysis on security incidents using Microsoft Sentinel and Qualys, proactively identifying and mitigating threats before escalation.
  • Network Segmentation & Microsegmentation: Designed granular segmentation policies using VLANs, VXLANs, and Palo Alto firewall security zones, minimizing lateral movement risks.
  • Compliance & Governance: Ensured firewall configurations adhered to ISO 27001, NIST, SOC 2, and PCI-DSS standards, conducting regular audits and risk assessments.
  • Security Automation & Playbooks: Automated firewall rule audits and security alerts using Cortex XSOAR, improving response times and reducing manual workload by 50%.
  • Team Leadership & Training: Led a team of network security engineers, providing technical training on Palo Alto firewall policies, threat prevention, and security best practices.

Security Analyst

Tata Communications System
Noida
01.2021 - 12.2021
  • Configured, managed, and optimized Palo Alto (PAN-OS, Panorama), Check Point (R80.x), FortiGate (FortiOS), and Zscaler Cloud Security.
  • Created and fine-tuned security policies, NAT rules, IPS/IDS configurations, and VPN setups (IPsec, SSL VPN, GlobalProtect, FortiClient, Zscaler Private Access).
  • Implemented zero-trust network access (ZTNA) using Zscaler ZIA/ZPA, Palo Alto Prisma Access, and FortiGate SD-WAN.
  • Monitored and analyzed firewall logs, threat intelligence feeds, and SIEM alerts (Splunk, Microsoft Sentinel, SolarWinds).
  • Configured SSL decryption, URL filtering, App-ID, User-ID, WildFire (Palo Alto), and Threat Emulation (Check Point) to detect and block malicious activity.
  • Conducted triage, containment, eradication, and recovery of security incidents, correlating logs across Palo Alto, Check Point, FortiGate, and Zscaler environments.
  • Led root cause analysis (RCA) for firewall rule misconfigurations, security breaches, and zero-day exploits.
  • Integrated firewalls with SIEM tools (Splunk, QRadar, FortiSIEM) for real-time correlation of security events.
  • Conducted risk assessments and vulnerability scanning (Tenable, Qualys) for firewall and cloud environments.
  • Deployed and configured Palo Alto VM-Series, Check Point CloudGuard, and FortiGate-VM for AWS, Azure, and GCP environments.
  • Enforced CASB, DLP, and sandboxing policies across cloud and on-premise security solutions.
  • Developed firewall rule automation playbooks, reducing misconfigurations and improving response times.
  • Implemented log correlation and alert automation for improved incident detection and response efficiency.

Analyst Security System

British Telecom
Gurgaon
09.2019 - 10.2020
  • Diagnosed and resolved issues related to Palo Alto Firewalls, Check Point Firewalls, FortiGate, and Zscaler security solutions.
  • Conducted root cause analysis (RCA) for network disruptions, misconfigurations, and security incidents.
  • Utilized debugging tools (TCPDump, Wireshark, Palo Alto CLI) to investigate connectivity and performance issues.
  • Collaborated with IT support teams to perform in-depth troubleshooting on VPN connections, IPSec tunnels, and SSL VPN setups.
  • Monitored network traffic and security events using SIEM tools (Splunk, Microsoft Sentinel, SolarWinds).
  • Analyzed firewall logs, intrusion detection/prevention logs, and network traffic flows to identify and mitigate threats in real-time.
  • Proactively detected and responded to potential security breaches, malware infections, and anomalous activities through continuous log aggregation and analysis.
  • Provided timely escalation of incidents to senior engineers and stakeholders, following SOPs for incident response.
  • Assisted in firewall rule creation, configuration, and optimization for Palo Alto, FortiGate, Check Point, and Zscaler platforms.
  • Diagnosed issues related to firewall rule misconfigurations, policy violations, and NAT/PAT discrepancies affecting application performance.
  • Utilized firewall management platforms (Panorama, FortiManager, Check Point SmartConsole) for rule verification and policy tuning.
  • Ensured consistent application of security policies to safeguard enterprise networks and systems.
  • Assisted in identifying and remediating vulnerabilities in network devices, firewalls, and security appliances through patch management and regular scans (Qualys, Tenable).
  • Used network monitoring tools (SolarWinds, Nagios, PRTG) to ensure optimal performance of firewalls, VPNs, and security appliances.
  • Implemented proactive measures to monitor bandwidth, latency, and security appliance health to avoid performance bottlenecks.
  • Troubleshot issues related to network congestion, latency, and application-level performance due to security appliances.

Network Security Engineer

NEC Technologies
Noida
06.2018 - 09.2019
  • Monitored security alerts, logs, and traffic from firewalls (Palo Alto, FortiGate, Check Point, Zscaler) and other security appliances.
  • Identified, categorized, and escalated potential security threats or performance issues in firewall logs, including unauthorized access attempts and network anomalies.
  • Assisted in basic troubleshooting of firewall and VPN issues, including IPSec VPN, SSL VPN, and access control issues.
  • Monitored security logs in real-time using SIEM tools such as Splunk, FortiAnalyzer, or QRadar.
  • Documented and escalated security events based on severity levels and organizational protocols.
  • Generated daily, weekly, and monthly reports to track and review security incidents, vulnerabilities, and trends.
  • Assisted in implementing firewall policy updates, access control lists (ACLs), and VPN configurations for internal teams, under the supervision of senior network security engineers.
  • Performed basic security audits to ensure compliance with established security policies and configurations.
  • Supported rule validation for firewalls, including NAT/PAT rules, access rules, and security zones.
  • Responded to low-complexity security incidents under the guidance of senior engineers, following predefined incident response protocols.
  • Assisted in triaging security tickets, gathering information for escalation to higher-level engineers or management.
  • Coordinated with internal teams to help resolve network connectivity, security policy, and VPN issues.
  • Utilized network monitoring tools (e.g., SolarWinds, PRTG) to track network performance and health.
  • Assisted with basic troubleshooting of performance-related issues (e.g., bandwidth usage, latency) affecting firewalls and security systems.

Security Engineer

Parametrique Electronic Solutions Pvt Ltd
Noida
08.2015 - 05.2018
  • Monitored firewall logs, traffic flows, and security events from Palo Alto Firewalls, Check Point Firewalls, and Cisco routers/switches.
  • Utilized SolarWinds Network Performance Monitor for tracking device health, traffic anomalies, and performance issues in the network.
  • Assisted in monitoring and reviewing logs generated by Cisco devices to detect issues related to network connectivity and security vulnerabilities.
  • Helped detect security incidents by analyzing logs and alerts from Palo Alto Firewalls and Check Point Security Management systems.
  • Escalated suspicious activity (e.g., unauthorized access attempts, port scanning, or malware detection) to senior security teams for further investigation and resolution.
  • Assisted in basic troubleshooting and incident response for issues related to firewall configurations, VPN connections, and network performance.
  • Assisted in the configuration and management of firewall policies for Palo Alto Networks and Check Point devices under supervision.
  • Supported rule validation, NAT/PAT configuration, and ensuring access control lists (ACLs) followed organizational security policies.
  • Helped in basic Palo Alto and Check Point rule audits to ensure compliance with internal and external security standards.

Education

Bachelor of Technology - Electronics and Communication

Amity University
Noida
07.2015

Skills

  • Certified Information Security Manager (CISM)
  • Palo Alto Firewall
  • Firewall Audit
  • Panorama
  • Check Point
  • FortiGate
  • Cisco
  • Zscaler
  • Routing and Switching
  • Microsoft Sentinel
  • Governance, Risk and Compliance

Certification

  • CISM, ISACA
  • PCNSE, Palo Alto Networks
  • PCCSE, Palo Alto Networks
  • SC-900, Microsoft
  • AZ-900, Microsoft
  • CCNA, Cisco

Hobbies and Interests

  • Dancing
  • Games
  • PlayStation
  • Anime
  • Manga

Languages

  • English, Native speaker
  • Hindi, Native speaker

Work Availability

Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday
Morning, afternoon, evening

Languages

  • Hindi, First Language
  • English, Proficient (C2)
