Summary
Overview
Work History
Education
Skills
Interests
STRENGTHS
Timeline
BusinessAnalyst
Danish Khan

Danish Khan

Network Security Team Lead
Mumbai

Summary

Cisco Certified Network Engineer with a decade of expertise in network security architecture, design, and administration across diverse enterprise and multi-vendor environments. Proficient in firewall management (Palo Alto - PCNSE, Fortinet - NSE4, Cisco ASA), BlueCat DDI, VPN connectivity, vulnerability management, and IT risk management. Strong command of network protocols (BGP, EIGRP, MPLS, HSRP), encryption methods, and identity-based access controls demonstrates a proven ability to secure and optimize critical infrastructures. Certified in CCNP, ISO 27001:2013, ITIL v4, and Agile methodology; recognized for leading complex migrations and enhancing cybersecurity posture while fostering cross-functional collaboration to ensure scalability and business continuity.

Overview

10
10
years of professional experience

Work History

Technical Specialist ( Team Lead)

Zensar Technologies Ltd
05.2023 - Current


Client: Cepheid

  • Architected and implemented enterprise-grade network infrastructures, designing scalable and resilient solutions that supported business growth and digital transformation initiatives.
  • Integrated advanced security controls into network design, embedding firewalls, IDS/IPS, segmentation, and zero-trust principles to ensure compliance and protect sensitive data.
  • Led migration projects from legacy infrastructure to modern platforms, delivering improved system reliability, reduced latency, and enhanced cloud-readiness.
  • Designed and optimized secure wireless architectures using Cisco 9130X/9120X APs and 9800 WLC, achieving seamless coverage and fortified protection against unauthorized access.
  • Implemented automation and proactive monitoring frameworks, streamlining operations, accelerating incident response, and reducing downtime.
  • Collaborated with executives, vendors, and cross-functional teams to evaluate technologies, negotiate cost-effective solutions, and align architectures with security and business goals.
  • Documented standards, authored best practices, and mentored junior engineers, building organizational resilience through knowledge transfer and secure design principles.
  • Championed innovation and security-first strategies, assessing risks, adopting emerging technologies, and delivering future-ready, compliant network solutions.
  • Managed multiple high-priority projects simultaneously, consistently meeting deadlines while maintaining attention to detail.
  • Provided exceptional customer support, resolving complex technical issues with effective communication skills.

Market Data Engineer L3

Credit Suisse Bank
08.2021 - 04.2023
  • Architected and enforced advanced security policies on Palo Alto firewalls, ensuring secure, compliant, and optimized communication across multiple financial exchanges.
  • Led L3 incident response and escalation support, resolving high-severity network and security issues with minimal downtime and business impact.
  • Analyzed traffic flows and threats using Wireshark, Panorama, and Palo Alto Threat Logs, proactively identifying vulnerabilities and mitigating potential cyber risks.
  • Designed and optimized network segmentation and zero-trust security models, strengthening perimeter defense and internal traffic isolation.
  • Collaborated with compliance and risk teams to align firewall configurations and network security strategies with regulatory standards (PCI-DSS, ISO 27001, etc.).
  • Developed BCP and DR (Disaster Recovery) strategies, including controlled power shutdown procedures and failover testing, ensuring maximum resilience and uptime.
  • Coordinated with external vendors and service providers to expedite resolution of critical connectivity and performance issues across global exchanges.
  • Implemented continuous performance monitoring and automated alerting, improving visibility into latency, packet loss, and potential attack vectors.
  • Authored L3-level troubleshooting guides and playbooks, streamlining escalation processes and enabling faster resolution by L1/L2 teams.

Senior Technical Support Engineer L2

Intertec Systems LLC
02.2020 - 07.2021
  • Architected and managed multi-vendor security platforms including Palo Alto (User-ID policies), FortiGate (multi-VDOM, PBR, User-ID), Cisco ASA, Forcepoint Proxy, and F5 LTM, delivering secure, scalable, and resilient network infrastructures.
  • Designed and implemented identity-aware access controls, configuring User-ID–based firewall policies and enforcing segmentation for enhanced security and regulatory compliance.
  • Deployed and optimized Forcepoint Proxy to secure web traffic, enforce usage policies, and mitigate advanced threats across distributed user bases.
  • Planned and executed upgrades, failover testing, and BCP/DR activities, ensuring compliance, resiliency, and operational readiness.
  • Led and supported multiple concurrent projects, balancing priorities across security, infrastructure upgrades, and compliance initiatives while ensuring timely delivery.
  • Collaborated with stakeholders, vendors, and cross-functional teams, aligning security architecture with business objectives while driving cost-effective solutions.
  • Engineered secure connectivity through dynamic IPsec tunnels, SSL VPN deployments, PBR configurations, and optimized firewall rule sets, enhancing speed, security, and compliance.
  • Implemented application-aware traffic shaping and proactive monitoring (SolarWinds), improving performance, reducing latency, and enhancing end-user experience.
  • Resolved complex L3-level issues in VPN, routing, and reverse-routing environments, minimizing downtime and ensuring continuity of mission-critical services.
  • Authored architecture diagrams, playbooks, and best practices, supporting consistent deployments and mentoring L1/L2 teams in escalation workflows.

Systems Engineer L3/L2

Tata Consultancy Services
06.2018 - 02.2020
  • Led Data Center migration from Cisco Catalyst 3850 to Nexus 9500, delivering a more scalable, resilient, and high-performance core infrastructure.
  • Designed and implemented network architecture for VDI systems, ensuring secure, reliable, and high-speed connectivity to support enterprise virtualization.
  • Directed critical firewall migrations, including Cisco ASA → Palo Alto, Juniper → FortiGate, and ASA upgrade from IOS 8.2 → 8.4, enhancing security posture and compliance.
  • Configured and optimized multi-vendor firewalls (ASA, Palo Alto, FortiGate) with advanced features such as User-ID policies, PBR, multi-VDOM, and traffic shaping, strengthening performance and security.
  • Implemented security policies and performed vulnerability assessments, addressing compliance gaps and proactively mitigating risks across core infrastructure.
  • Configured core, distribution, and access layer switches and deployed routers (ISR4321, Nexus 9K, ASA 5515X/5520, Cisco 1900), ensuring reliable enterprise-grade connectivity.
  • Resolved NAT, routing, and server accessibility issues, improving application availability and user experience.
  • Proactively monitored and optimized infrastructure using SolarWinds and TGIM, minimizing downtime and ensuring operational stability.

Associate L1

HCL Comnet and Wipro Technologies
04.2017 - 06.2018

Client: Kotak Mahindra Bank.


  • Configured routers for new branches, and coordinated link migration activities.
  • Troubleshoot various network links, including VSAT, P2P, ISDN, and MPLS; monitor network devices using SolarWinds.
  • Configured QoS, route maps, and access lists; managed routing and reverse routing issues; and tunnel configurations.


L1 Engineer

Net Connect Pvt Ltd
01.2016 - 04.2017
  • Project: NOC Operations (Location: Mumbai) - Troubleshot VPN issues, ensuring secure and reliable network connectivity
  • Conducted troubleshooting on Checkpoint Firewalls/UTM and Sonic Wall Firewall, proactively identifying and resolving complex problems
  • Configured switches and access points, enhancing network performance and accessibility; worked on Proxy Servers and Load Balancers and conducted IOS image upgrades and password recovery on switches, ensuring optimal performance and reliability
  • Upgraded firmware in Sonic Wall firewalls and checked and provided RFO/RCA, enhancing transparency and accountability.
  • Client: Godrej Group

Education

Bachelor of Engineering - Electronics & Telecommunications

Mumbai University
12-2015

Skills

Firewalls & SecurityPalo Alto Cisco ASA FortiGate (Fortinet) Juniper SRX IDS/IPS VPN & Encryption IT Risk Assessment Network Proxy Firewall Migrations,Network Segmentation(Cisco ISE, Illumio,Claroty), Vulnerability Management (Nexpose,Nessus)

Interests

Playing Cricket/Outdoor games, Singing, Family / Friends outings, Mobile gaming/Simulators, Trekking and Camping, Cooking

STRENGTHS

  • Network Security, Routing and Switching
  • With hands on experience on said technologies.
  • Vulnerabilities Management and Governance

Timeline

Technical Specialist ( Team Lead)

Zensar Technologies Ltd
05.2023 - Current

Market Data Engineer L3

Credit Suisse Bank
08.2021 - 04.2023

Senior Technical Support Engineer L2

Intertec Systems LLC
02.2020 - 07.2021

Systems Engineer L3/L2

Tata Consultancy Services
06.2018 - 02.2020

Associate L1

HCL Comnet and Wipro Technologies
04.2017 - 06.2018

L1 Engineer

Net Connect Pvt Ltd
01.2016 - 04.2017

Bachelor of Engineering - Electronics & Telecommunications

Mumbai University
Danish KhanNetwork Security Team Lead