Summary
Overview
Work History
Education
Skills
Additional Information
Certification
Languages
Timeline
Generic

Shashank V S

Technical Architect
Bengaluru

Summary

A Network Security professional with 10.5 years of experience, specializing in network protocols, firewalls, and vulnerability management. Seeking to transition into a DevSecOps role, combining deep security knowledge with a passion for automation and continuous integration/deployment (CI/CD) pipelines. Proficient in embedding security practices within the DevOps process to ensure secure, scalable, and resilient systems.

Overview

10
10
years of professional experience
4
4
years of post-secondary education
3
3
Certifications

Work History

Network Security Engineer

Commonwealth Bank of Australia, CBA
06.2023 - Current
  • Worked with Teams network security firewall design for migrating critical applications from on-premise data centers to cloud environments (AWS, Vmware), ensuring secure and seamless transitions with minimal downtime
  • Architected firewall policies and security controls to support application migration, including reconfiguring rules for new IP ranges, cloud services, and traffic flows, reducing security risks during transition phase
  • Design secure VPN tunnels and firewall policies for hybrid environments, ensuring secure communication between legacy systems and migrated applications during phased migration processes
  • Collaborated with application and infrastructure teams to map firewall requirements and ensure smooth migration without disrupting existing network security policies
  • Designed and tested firewall policies for applications in multi-tier architectures, ensuring that migrated applications could securely interact with internal and external services post-migration
  • Optimized firewall performance and policies to support scalability of newly migrated applications, improving throughput by 99.99% and reducing latency
  • Monitored firewall traffic and logs during and after migration to detect and respond to any security anomalies, ensuring seamless transition without compromising network’s security infrastructure.
  • Performed firewall audits and validations post-migration, verifying that firewall rules aligned with new application architecture, improving security posture and ensuring compliance with CBA corporate standards.
  • Experience in Amazon Cloud Services (AWS) creating features like Guard duty, IAM, VPC, Route 53, Cloud watch, Cloud Trail, S3, , ALB, NLB, Lambda, Security groups using Terraform

Technical Architect

Mindtree ltd
07.2021 - Current
  • Collaborated with clients to determine project specifications and scope
  • Reviewed clients' overall app and infrastructure estate, business priorities, and success criteria to design transformation plans.
  • Migrated from Cisco ASA to Palo Alto firewalls (one of the canadian Sites ).
  • Worked with users to identify firewall ports required and allow them through change control process.
  • Established IPsec VPN tunnels between branch offices and headquarter using Cisco ASA Firewall.
  • Configure, Manage and Monitor Palo Alto firewall models (Specifically PA-5050 and the PA-5260).
  • Performed migrations from Cisco ASA firewalls to Palo Alto using the PAN Migration Tool MT3.3
  • Implement advanced Palo Alto Firewall features like URL filtering, User-ID, App-ID, and Content-ID on both inbound and outbound traffic.
  • Deployed Palo Alto firewalls using Confidential NSX through L2 and L3 interfaces on models such as VM-300, VM-500, and VM-1000-HV.
  • Enable file forwarding to Wildfire cloud through Content-ID implementation to identify new threats
  • Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized Management appliance
  • Implement the Global Protect VPN, IPSec VPNs, and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN Connectivity.
  • Deployed Active/Standby modes of High Availability (HA) with Session and Configuration synchronization on multiple Palo Alto firewall pairs. Knowledge of the application of Active/Active HA mode
  • Enforce policy checks on north-south and east-west data center traffic through Panorama M-500. Provided escalated technical support in troubleshooting firewall and network issues.
  • Configured, Troubleshoot and Maintained Firewalls policies on Cisco NGFW 5500 series and Palo alto including Security, NAT policy definitions; application filtering; Regional based rules; URL filtering, Data filtering, file blocking, User-based policies.
  • Enabled the User-ID feature while creating policies based on users and groups rather than individual IP addresses.
  • Configured Active/Passive HA links between Cisco Firewalls.
  • Configured Firewall-security context modes, interfaces, objects, and access list, NAT, AAA for network access and advanced network protection on Cisco Firewalls

Senior Network Engineer

Cerner Corporation
11.2019 - 07.2021
  • Analyzed existing network and application architectures, presenting findings on possible enhancements and improvements to senior decision-makers
  • Improved network operation by incorporating new technologies into existing designs
  • Completed efficient and effective troubleshooting of complex multi-vendor network service provider issues
  • Configuration and Troubleshooting Site-to-Site VPN
  • In expertise in Troubleshooting routing protocols (BGP, OSPF )
  • Experience with Firewall Administration, Rule
  • Analysis, Rule Modification, and Implemented traffic filters using Standard, Extended, and Named access- lists in Palo and Cisco ASA
  • Experience in configuring and troubleshooting IPSEC site-to-site VPN solutions
  • Working experience with Datacenter Switches such as Nexus 2K, 5K, and 7K
  • Configuration and troubleshooting in F5 LTM
  • Hands-on experience with F5 BIG-IP LTM VIP configuration with health check
  • Default with creating VIP pools, and nodes and created custom iRules for the virtual servers like cookie persistency and redirection of URL on F5
  • Hands-on experience hosting SSL Certificate on the f5 Platform
  • Hands-on experience managing the Loadblancer in high availability infrastructure
  • Hands-on experience in Network firewall security like Palo Alto, Cisco ASA
  • Implement advanced Palo Alto Firewall features like URL filtering, User-ID, App-ID, and Content-ID on both inbound and outbound traffic.
  • Deployed Palo Alto firewalls using Confidential NSX through L2 and L3 interfaces on models such as VM-300, VM-500, and VM-1000-HV.
  • Enable file forwarding to Wildfire cloud through Content-ID implementation to identify new threats
  • Manage project tasks to migrate from Cisco ASA routing
  • Configuration and Troubleshooting Site-to-Site VPN

Network System Engineer

IQVIA
11.2016 - 11.2019
  • Firewall and Pala Alto Firewall Automated administration using Perl & Python scripting
  • Migration to new Pala alto firewalls from Cisco ASA
  • Experience in communicating with customers, and solving complex problems in a timely productive manner
  • Configuration and troubleshooting F5 LTM and providing level 2 support for the clients, Worked closely with customers, internal staff, and other stakeholders to determine the planning, implementation, and integration of system-oriented projects
  • In expertise in routing protocols (BGP, OSPF, EIGRP,
  • RIPv1&2), Switching architecture and protocols (VLANs, Truncking and Spanning Tree)
  • Hands-on experience in configuring Cisco routers/Switches to perform functions at the Access, Distribution, and Core layers
  • Experience in Tier- 2 support, NMS, and Service now ticketing system, network troubleshooting, handling
  • Documented standard operation policies for Cisco
  • IOS, IOS-XR, NX-OS, and ASA firewalls
  • Hands-on experience in Network firewall security like Palo alto Alto, ASA client network connectivity in
  • Remote Access - Virtual Private Network (VPN)
  • Provided Managed firewall clients with regular status reports of their trouble tickets and opened, resolved, or updated support tickets for managed firewall clients
  • Executed changes on various firewall proxies and scripts over the entire network infrastructure using
  • Service Now ticketing tool
  • Backup and restore of Check Point and Cisco ASA Firewall policies
  • Monitoring traffic and connections in ASA and Forcepoint Firewall
  • VISIO/Office as technical documentation and
  • Efficient at the use of Microsoft VISIO/Office as technical documentation and presentation tools
  • Migration to new Pala alto firewalls from Force point
  • Provided 24x7x365 availability and on-call support as required by the projects
  • Hands-on experience regarding F5 BIG-IP LTM VIP configuration with health check
  • Configuration and troubleshooting F5 LTM and providing level 2 support for the clients

Network Engineer

Thomson Reuters
09.2015 - 10.2016
  • Demonstrated strong analytical, troubleshooting, and problem-solving skills
  • Worked as a Network engineer by implementing and maintaining network devices around the globe for Thomson Reuters made up of Cisco Nexus
  • Switches, routers, Big-IP F5 load balancers
  • Working on load balancers such as F5 and ACE Also taking care of DNS changes on F5 and Infoblox across the globe for Thomson Reuters
  • Performed policy push and worked on checkpoint firewalls Investigating, diagnosing, and resolve all network problems
  • Responsible for chasing vendor case for an RFO with
  • ISP's like Verizon, AT &T, Telefonica, Level 3, XO,
  • CenturyLink and others in case of outage/interface flapping issue
  • Upgrading and repairing faults on networks & peripheral equipment and excellent supplier management
  • Skills and chased with Cisco for an RMA
  • Worked on major networking incidents and resolved within specified service level agreement (SLA)
  • Worked in coordination with implementation team in recording alarm status during OAT testing
  • Analyze change records to determine any trends or potential problems
  • Created changes on Access control List and either permitted or denied as per the request on the databaseUsing Perl script
  • Experience in communicating with customers, solving complex problems in a timely productive manner
  • Configuration and troubleshooting F5 LTM and providing level 2 support for the clients

L1 Network Support Engineer

Dimension Data Pvt Ltd
08.2014 - 09.2015
  • Working as L1 Network Support Engineer for Quest
  • Global Network/Security project
  • Monitoring traffic and configuring Network/Security
  • Devices like Cisco, Juniper, Checkpoint, and
  • FortiGate
  • Configuration & troubleshooting of protocols like RIP,
  • OSPF, Static, and NAT
  • Configuring and troubleshooting policy/nat/routing issues on the firewall
  • Troubleshooting SSL VPN for remote connectivity
  • Coordinating with Vendor TAC for the escalated issue and performing troubleshooting with TAC
  • Engineers
  • Migrated live network devices on the production network
  • Maintaining network
  • Uptime of 99% and Service Uptime of 99.5%
  • Documenting changes done for change/incident management
  • Taking care of day to day network related issues for the user
  • Implementation and maintenance of LAN Network
  • Configuration of Cisco Switches
  • Coordinating with the BT team for the routing and
  • MPLS-related issues
  • Marinating the device backups on a weekly basis
  • Update and maintain databases of Branch network details/diagrams, devices details, link details, etc

Education

Bachelor of Engineering - Electronics And Communications Engineering

Channabasaveshwara Institute of Technology
Tumkūr, KA
08.2009 - 06.2013

Skills

Hands on experience in Palo Alto & Cisco ASA

Firewall management

Routing protocol expertise BGP and OSPF

Configuration and Troubleshooting Site-to-Site VPN

Firewall:PA-5050 and the PA-5260

Networking Infrastructure Design

DevSecOps Tools in Docker, Kubernetes,Terraform, AWS, Git, CI/CD

Security Best Practices in Threat Modeling, Secure SDLC, Compliance (ISO27001, SOC2), OWASP,SNYK

Cloud Security in AWS Guard duty,AWS inspector,AWS security HUB,AWS IAM, VPC Security, Security Groups

Performed SAST, DAST, SCA testing on applications and performed False positive analysis

Integrated security tools like Snyk, SonarQube, Ci/CD build pipeline

Additional Information

  • Interests Badminton .

Certification

Aws developer-associate

Languages

Kannada
English
Tamil
Telugu
Hindi

Timeline

Network Security Engineer

Commonwealth Bank of Australia, CBA
06.2023 - Current

Aws developer-associate

03-2022

Technical Architect

Mindtree ltd
07.2021 - Current

Senior Network Engineer

Cerner Corporation
11.2019 - 07.2021

Cisco Certified Network Professional (CCNP) -Routing

05-2018

Network System Engineer

IQVIA
11.2016 - 11.2019

Network Engineer

Thomson Reuters
09.2015 - 10.2016

Cisco certified network associate(CCNA))

05-2015

L1 Network Support Engineer

Dimension Data Pvt Ltd
08.2014 - 09.2015

Bachelor of Engineering - Electronics And Communications Engineering

Channabasaveshwara Institute of Technology
08.2009 - 06.2013

Similar Profiles

  • Steven Mirzai

    Steven MirzaiSteven Mirzai

    Senior Mobile Lender at Commonwealth Bank of Australia, CBASenior Mobile Lender at Commonwealth Bank of Australia, CBA

    View Profile
  • Calvin Zhang

    Calvin ZhangCalvin Zhang

    Home Lending Specialist at Commonwealth Bank Of Australia, CBAHome Lending Specialist at Commonwealth Bank Of Australia, CBA

    View Profile
  • Amy Connolly

    Amy ConnollyAmy Connolly

    Talent Aquisition Specialst at Commonwealth Bank of Australia, CBATalent Aquisition Specialst at Commonwealth Bank of Australia, CBA

    View Profile
Shashank V STechnical Architect