Vignesh Palanivel
Banglore
Summary
Results-Focused professional senior Network Security Engineer with 3 years 10 months of experience with expertise in Palo Alto firewalls and Azure cloud solutions, Cisco routing, switching, Automations and supported network devices. Proven track record in designing secure network architectures and implementing robust security measures. Strong analytical skills complemented by effective collaboration with cross-functional teams to enhance cybersecurity posture and ensure compliance.
.
Overview
4
4
years of professional experience
Work History
Senior Network Security Engineer
Microland
Banglore
08.2024 - Current
- Prepared the plan of action to migrate the sites and executed successfully.
- Design the VLAN, routing protocols, and wireless controllers for site migration to specific departments.
- Created new VLANs for manufacturing OT device segmentations to meet the cybersecurity potential risks and compliance.
- Configuring and managing DHCP and static IP addressing for network devices and endpoints to ensure reliable and structured IP allocation.
- Deployed the Site-to-Site IPsec VPN tunnels between regional offices and the datacenter office.
- Deployed the Palo Alto PA-820 model, PA-1440 model, and PA-VM in Azure.
- Deployed the GlobalProtect with the prelogon method and SAML setup in Azure.
- Created the virtual network (VNet), and network security groups in Azure.
- Created a virtual network gateway and peered the VNet-to-VNet communication.
- Deployed the IPSec VPN between Azure to regional offices, and data center offices.
- Deployed the dual ISP settings in landscape for reliable network and business continuity.
- Created and managing the DNS records like A record, CNAME records and URL forwarding.
- Integrated the devices in SolarWinds for continuous monitoring and fixing the alerts.
- Associated the devices in Aiops Palo Alto for monthly BPA scanning and applying the best practice recommendations.
- Audited the network security landscape periodically and provided the recommendations to keep the environment threat free and continuous business.
Network Security Analyst (WILP)
Wipro
Banglore
07.2021 - 08.2024
- Planning, designing, and installation of Palo Alto firewalls.
- Prepared network security design documents for onboarding new sites.
- Implemented production onboarding of 100+ firewalls, including the PA-3000 and PA-5000 series.
- Configured GlobalProtect portal and Gateway per client specifications.
- Collaborated with the cyber-defense team to detect and prevent malicious activities within the environment.
- Design the policies and implementation for business requirements, and preventive actions.
- Designed and managed security profiles for URL filtering, vulnerability profiles, file blocking, data filtering, and antivirus profiles.
- Implemented IPSec and GRE tunnels to enhance connectivity between regional sites and the data center.
- Configured dynamic routing protocols such as OSPF, EIGRP, and BGP based on site requirements.
- Worked with Palo Alto premium-focused TAC support engineers to maintain the landscape securely and find the problems related to software and hardware.
- Upgraded the firewalls and Panorama periodically.
- Designing the User ID agent in the Windows server and user group mapping settings to deploy the rules based on user ID groups from Active Directory.
- Maintaining the SSL, firewall, and GPC certificates to avoid expiration and continue business.
- Applied the automation skill to clean up the objects using the PAN-OS-PHP.
- Regular audit with business owners for security policies maintenance by using the Tufin.
- Reviewing the security advisories released by Palo Alto based on the new threats and applying the fix for the environment.
- Implementation of authentication profiles like TACACS, RADIUS, LDAP, and multifactor authentication.
- Reviewing the incidents triggered in the network security queue and providing suggestions to engineers to fix the issues quickly and promptly.
- Wrote SOPs for maintaining the records and references.
- Presented weekly progress and improvement plans to enhance the network security in the landscape to client leadership.
Education
Bachelor of Science - Physics
St.Joseph's College of Autonomous
Tiruchirapalli04.2021
High School Diploma -
Vani Vikash Matric Hr Sec School
Salem04.2018
Skills
- Palo Alto firewall
- Global Protect
- Pan-OS-PHP automation
- Palo Alto Prisma solution
- Cisco switching
- Cisco routing
- Cisco wireless controller
- Azure cloud
- VLAN design
- Extreme Cloud (switch, AP)
- AIOps (Palo Alto)
- Python
- JavaScript
- HTML5
- CSS
- PostgreSQL
- Zscaler
- Dns management using csc global
- GRE tunnel
- IPSec tunnel
Affiliations
- Object cleanup:
Activity: introduced PHP automation to clean up the duplicate objects in Panorama to reduce the config size of the Panorama.
Action and result: 200 sites device group cleaned up with around 100,000 + unused and duplicate objects. It gives a result to keep the Palo Alto recommended config size without impacting production and resolved outages.
- Standardization of User ID:
Activity: User ID and Group mapping re-design.
Problem: Exceeded the users due to unused mapping, causing the production impact.
Action and Result: Deploed the User-ID agents based on regions, and group mapping, which resulted in production outage-free and maintenance issues.
- Certificate Management:
Activity: standardizing the root and intermediate global certificates into global templates.
Problem: certificate management and certificate expiration
Result: Fixed the certificate management by deploying in the global templates, which resolved the certificate renewal cycle and maintenance by keeping in central template.
- Global Protect Standardization:
Activity: Consolidation of GPC portals.
Problem: Multiple Global Protect Portals for each sites caused the maintenance issue.
Result: Standardized the GPC portals region based instead of each site and used required gateway for sites.
- Device Group & Templates standardization:
Activity: Device Group & Templates standardization.
Problem: Device group and templates not cleaned up which are decommissioned sites. Not standard in the global configurations.
Result: With the deep analysis of each site device group and templates, standardized in global level which made the maintenance simple.
Languages
Tamil
First Language
English
Proficient (C2)
C2
Telugu
Beginner (A1)
A1
Timeline
Senior Network Security Engineer
Microland
08.2024 - Current
Network Security Analyst (WILP)
Wipro
07.2021 - 08.2024
Bachelor of Science - Physics
St.Joseph's College of Autonomous
High School Diploma -
Vani Vikash Matric Hr Sec School
Similar Profiles
ANIRUDDH KHAREANIRUDDH KHARE
Senior Software Engineer at MicrolandSenior Software Engineer at Microland
Rajkannan MRajkannan M
Engineer at MicrolandEngineer at Microland
Vaibhav PrakashVaibhav Prakash
Power Bi Expert and Lead at MICROLANDPower Bi Expert and Lead at MICROLAND
Divya Y SDivya Y S
Senior Software Development Engineer in Test (SDET at In Time Tec Vision Soft Pvt LtdSenior Software Development Engineer in Test (SDET at In Time Tec Vision Soft Pvt Ltd
Sabah SaleemSabah Saleem
Leader, Customer Delivery (Professional Services) at CiscoLeader, Customer Delivery (Professional Services) at Cisco