Sadam UYSEN

Senior Cyber Security Specialist with 11+ years of Experience in Architecting and Defending complex Enterprise Environments using Palo Alto (including Prisma Cloud & Panorama), AWS, Azure, Oracle, Splunk, Citrix Net Scaler, Cisco and Threat Detection.

• Deep expertise in Palo Alto NGFW, Panorama, delivering centralized management of globally distributed firewalls. Proficient in configuring device groups, templates, shared policies, log forwarding, custom reports, and integration with SIEM/SOAP platforms for unified visibility and control.
• Designed, deployed, and managed enterprise-grade Palo Alto Networks Next-Generation Firewall across data center, branch, and perimeter environments.
• Configured and optimized App-ID, User-ID, Content-ID, URL Filtering, Threat Prevention, Anti-Spyware, High Availability (Active/Passive & Active/Active), GlobalProtect VPN and DNS Security profiles.
• Advanced knowledge of Prisma Cloud, with hands-on experience in securing cloud-native workloads, containers, serverless functions, and IaC templates. Integrated CI/CD security checks, cloud misconfiguration scanning, and compliance policy enforcement for AWS and Azure environments.
• Designed and implemented Zero Trust architectures using Prisma Cloud and Panorama to secure hybrid and multi-cloud environments.
• Configured and optimized WAN Link Load Balancing using F5 BIG-IP and Citrix NetScaler with techniques like weight balancing, priority routing, failover, and policy-based routing.
• Troubleshot, configured, and managed Palo Alto, Cisco ASA/Firepower, and Juniper SRX firewalls across enterprise networks with high-availability failover and threat prevention features.
• Implemented and maintained Splunk for real-time security analytics, log ingestion, correlation, and dashboarding, aiding in advanced threat detection and hunting.
• Led cloud security efforts across AWS and Azure, leveraging tools like GuardDuty, CloudTrail, WAF, NSGs, Defender, and Sentinel to monitor, audit, and defend critical workloads.
• Designed and enforced IAM policies, role-based access controls, and Multi-Factor Authentication (MFA) across hybrid environments.
• Deployed and managed EDR solutions, vulnerability management tools, and automated patching systems to proactively mitigate threats and maintain compliance.
• Delivered robust incident response, forensic analysis, and root cause investigations for cloud and on-prem environments.
• Spearheaded disaster recovery and business continuity strategies with secure backup and cross-region failover for mission-critical applications.
• Oversaw complete LAN/WAN architecture, including VPN (IPsec, SSL, DMVPN), network segmentation, NAC, wireless access, and core routing/switching.
• Developed infrastructure automation and hardening practices using DevSecOps principles, integrating IaC (Terraform).
• Conducted cybersecurity awareness training to reduce insider risk and ensure stakeholder alignment on organizational policies.
• Authored policies, SOPs, and security baselines aligned with NIST, CIS, ISO 27001, and SOC 2 compliance standards.
• Designed and deployed cloud security architectures in AWS and Azure, applying best practices in VPC design, IAM, NSGs, Azure Defender, GuardDuty, and WAF implementation.
• Monitored infrastructure and application behavior using Splunk, ScienceLogic EM7, Nagios, Wireshark, and Cacti to proactively detect and respond to anomalies.
• Collaborated with HR, compliance, and IT operations to drive cybersecurity awareness, internal audits, and risk assessments.
• Authored and maintained security documentation, including SOPs, incident runbooks, and audit-ready reports aligned to regulatory frameworks.
• Configured and managed BGP, Prefix list, Route Map, Access list, route tuning on gateway router
• Creating, updating and troubleshooting firewall policies in PFSENSE 2.0.0.1, pix 515, Cisco ASA, Juniper, palo alto.
• Responsible for network architecture, capacity planning, monitoring, and management.
• Design, implement and maintaining site-to-site IPsec VPN, DMVPN, GREVPN to remote office.
• Provide remote support to on-site engineers and end users/customers during installation.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tool
• Configuring and troubleshooting of STP, VTP AND VLAN and Dynamic routing protocols like RIP, EIGRP, OSPF, and BGP.