Vishal Kumar
Noida
Summary
Accomplished Network Security Engineer with a proven track record, enhancing network security through expert deployment of Checkpoint and Palo Alto firewalls solutions. Skilled in leading cross-functional teams to achieve over a million dollars in savings via innovative IPSEC VPN solutions. Demonstrates exceptional problem-solving abilities and a commitment to maintaining cutting-edge technical skills.
Overview
17
17
years of professional experience
1
1
Certification
Work History
Assistant Manager, IT Service Operations
Evident Scientific Private Ltd.
2022.06 - 2024.06
- Built, deployed and Migrated Checkpoint firewalls.
- Migrated from Open Servers R80.40 to Checkpoint Appliances R81.10.
- Upgraded firewalls with JHF and version.
- Deployed HA cluster for the checkpoint firewall.
- Segmented various Zones for the Checkpoint Firewalls.
- Implemented Access roles under Firewall Policy to allow User based access instead of IP based.
- Provided and Deployed IPSEC site to site VPN solution for various projects for the company.
- Implement URL Filtering, HTTPS Inspection and Application control through Checkpoint.
- Analyze the Security & Business risk for any rule which gets added in the firewall, implementing new rules in the firewall by following documented process.
- Managing interfaces and bonding interfaces for redundancy.
- Implement ISP redundancy solution to have 0 downtime.
- Troubleshoot various issues related to traffic let it be IPSEC VPN, Remote Access, Identity Provider, SecureXL, NAT, URL filtering, IPS, packet Size, response time, Clustering.
- Provided network Intrusion Prevention System (IPS) management.
- Expreience with NAT Route and Switch on Cisco routers and switches.
- Configured and maintained IPSEC and SSL VPNs on Checkpoint Firewalls.
- Integrated MFA over the VPN authentication.
- Implemented Duo for admin accounts.
- Protected the enterprise from Email Bourne Cyber Threats by managing email filters for Inbound and Outbound SMTP traffic.
- Configure various policies at email security portal such as SPF Fail, Reject, reputation, Patten of text, Email Bomb, graymail etc.
- Managed M365 ATP and Azure ATP.
- Configured Security Baselines under Endpoint manager for M365 to protect the most for endpoint.
- Automated the centralized detection of security vulnerabilities with scripts for Vulnerability assessment tools like M365 EDR.
- Efficiently worked with Secure Score for M365 Defender ATP and Azure ATP and Implement ASR rules, endpoint security, Anti-Virus, Network Firewall.
- Design, created and Deployed Access roles for access to specific systems which helped the process of VLAN segmentation and routing all traffic through Firewall and IAM.
- Use Qualys for scan.
- Quarterly meet with stakeholders for Vulnerability assessment and risk management.
- Coordination of incident response activities, including written and verbal communication with other IT groups and IT management.
- Assessed threats, risks, and vulnerabilities from emerging security issues and identify mitigation requirements.
Associate Consultant
HCL Technologies
2020.09 - 2022.05
- Gained hands on experience on NAT (Network address translation) configurations and its analysis on troubleshooting issues related to access lists (ACL).
- Worked on firewall management on Palo 200 series with creating firewall rules, policies and remote access.
- Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Checkpoint R70 & R77 and Palo Alto.
- Upgrade of Check Point firewalls and management servers from GAIA R77.30 to Gaia R80.10.
- Has expertise in LAN/WAN technologies (fast Ethernet, Layer2 & 3 switched/routed LAN, and Frame Relay).
- Implemented and troubleshoot firewall rules in Check Point R77.30 Gaia and VSX as per the business requirements.
- Plan and support network and computing infrastructure.
- Creating small LAN network and install, configure network equipment such as router and switches.
- Maintained IPSEC and SSL VPNs on Palo Alto Firewalls.
- Configuring Checkpoint VPN site to site and end to end, authentication, and encryption.
- Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
Senior Manager, Broadcast IT
Zee Entertainment Enterprises Ltd.
2016.12 - 2020.09
- Good Understanding and working on Checkpoint Firewall R77.20, R77.30 & R80.10.
- Upgradation done from R77.30 to R80.10.
- Design, install, and monitor network setup.
- Primary responsibilities include managing and maintaining security appliance Checkpoint R80.10 and Network Infrastructure.
- Monitor the event logs, traffic logs of firewall in smart view tracker.
- Nat rule creation (SNAT/DNAT/Port Forwarding) in checkpoint R80.10.
- Knowledge/Working of concepts like 3 tier architecture, standalone/distributed deployment, Packet flow (SAM Database, Anti-Spoofing etc.), SIC Concept, Implied/Explicit Rules, Proxy Arp, Cluster XL / CCP / P-notes (HA – Active/Passive & Load Sharing – Unicast/Multicast), URL Filtering, Application Control, Multi-Layer Concept, HTTPS Inspection (SSL Cert.).
- As per requirement configure policies & troubleshooting through security devices.
- Configure IPsec – Site to Site and Remote Access VPN on checkpoint firewall.
- Backup and failover activity of security device i.e.
- Checkpoint on regular basis.
- Troubleshoot the security device and access related issues in firewall and provide solution within SLA.
- Create security devices configuration changes SOPs for future reference.
- Experience of TCPDUMP and Wireshark packet sniffing tools on checkpoint firewall.
- Consult with internal and external clients to gather requirements and propose solutions.
- Analyze, design and develop systems solutions that meet the customer's requirements.
- Analyze and monitor current local area network systems, wide area network systems and/or telecommunications network and provide information for enhancements and future growth.
- Experience working with Nexus 3k devices.
- Configuration of VPC connectivity between Nexus 3K and VLT connectivity between Dell.
- Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500 and 6500) in multi VLANs environment and inter-VLAN routing, HSRP, VRRP, ISL trunk, ether channel.
- Document site configuration and network topology.
Senior Engineer, Broadcast IT
Dish TV India Ltd.
2010.05 - 2016.04
- Ensured all technical/IT areas and services are maintained to the highest engineering standards.
- Designed & Implemented HD migration of Zee TV India, Zee TV USA, Zee TV Canada, Zee Cinema & Zee Studio.
- Designed & Implemented Tapeless workflows (Transmission).
- Installed and maintained the LAN, WAN & managed various FTP server (vsftpd and proftpd), NTP, SQUID (with SARG), NFS, SAMBA, LVM, RAID, NAGIOS & Quota and permissions on FTP users.
- Installed, Configured and Upgraded firewall checkpoint 4800 from UTM01 and managed whole network through firewall for preventing any kind of mishappening within network.
- Coordination with different vendors for demo, repairing and up gradation purpose of broadcast equipment and generating & maintaining their respective machine history reports.
- Maintained all detail system drawing, documentation of Automation, Playout and Turnaround chain.
- Coordinated with various ISP (TATA, and Bharti) for new & existing connectivity's in Zee Premises.
- All broadcast equipment's monitoring has been made as IT MONITORING AREA for Preventive & Breakdown maintenance of broadcast equipment.
Network Engineer
Tata Communications Internet Services Ltd.
2007.02 - 2010.04
- Managing the Broadband which includes managing day-to-day operations, monitoring, testing, and resolving problems.
- Troubleshooting Broadband customer's problem & Providing Solutions for NAP Related Complaints.
- Provide Technical Support to field Eng. related to WI-MAX.
- Handling Fresh Installations, Shifting from Wireline to WI-MAX, Re-Installations in NOC.
- Create & maintain the daily reports as like REMEDY, TAT, REPEAT CALLS, and CCI/CMI on daily basis.
Education
Bachelor of Engineering - Electrical, Electronics And Communications Engineering
RVD University
Udaipur, India05.2012
Diploma - Electrical, Electronics And Communications Engineering
Saint Kabir Polytechnic
Fazilka, India05.2006
Skills
Firewall: Checkpoint, Palo Alto
Authentication: M365 MFA, DUO
Load balancer: F5 load balancer BigIP LTM
Network devices: Cisco/Dell Routers & Switches with VPC and VLT switching
Antivirus- Trend Micro, Crowdstrike and M365 Defender ATP
Endpoint Web Security: Checkpoint Harmony and M365 Defender
Incident Response & Protection: Defender EDR
Identity Management: M365, Azure IAM
Event Log Analyzer tools: Sentinel (SIEM)
Vulnerability scanning: QualysGuard
Ticketing Tools: Fresh Service & Service Now
Monitoring Tools: Solarwinds, OPManager, Whatsup Gold
Endpoint Email Security: M365 Exchange Admin, Checkpoint Harmony
IPS & IDS: Checkpoint
Routing: OSPF, BGP (eBGP & iBGP), EIGRP, RIP v2, Route Summarization, Redistribution, Static Routing and Dynamic Routing, Subnetting, IPv4 & IPv6
Switching: VLANs, 802.Dot1Q, VTP, STP, RSTP, PVST+, MST and VLAN Maps
Protocols: TCP/IP, UDP, LAN/WAN, DHCP, DNS, FTP, TFTP, ICMP, SNMP, ARP, SIP, HSRP
Technologies: GRE, ACL, DHCP, DNS, Route map, HSRP, Ether-Channel, Tunnel
Security: ACL, NAT, VPN, SSH, SSL, GRE Tunneling, ASA, VLANs, Firewall Rules & Policies
LAN/WAN Technology: Ethernet, Frame relay, DSL, ISDN, MPLS
Tools: GNS3, Wireshark, Packet Tracer, PUTTY, MS Visio and SolarWinds Orion, Spectrum
Operating System: Windows XP/7/8/10/11, Linux, Server 2012/16/19/22, Cisco IOS, Ubuntu, CentOS
Certification
· Check Point Certified Security Administrator CCSA R80 in Feb 2022
· Microsoft Certified: Azure Solutions Architect Expert in Jan 2022
· Vulnerability Management (Qualys) in Aug 2021
· Microsoft Certified: AZ-900, AZ-104, AZ-500, SC-900, MB-920, MS-900, DP-900, PL-900, AZ-700, AZ-204, AZ-140 in Aug 21 – Jan 22
· Zscaler Certified Cloud Administrator - Internet Access (ZCCA-IA) and Private Access (ZCCA-PA) in Feb/Mar 2021
· Fortinet's NSE1 and NSE2 Network Security Associate in Jun 2020
· Cisco Certified Network Associate in Jun 2020
· ITIL foundation certificate in IT service Management in Dec 2012
· Red Hat Certified Engineer in Apr 2010
· MCSE and MCITP (Microsoft) in Mar 2006
Timeline
Assistant Manager, IT Service Operations
Evident Scientific Private Ltd.
2022.06 - 2024.06
Associate Consultant
HCL Technologies
2020.09 - 2022.05
Senior Manager, Broadcast IT
Zee Entertainment Enterprises Ltd.
2016.12 - 2020.09
Senior Engineer, Broadcast IT
Dish TV India Ltd.
2010.05 - 2016.04
Network Engineer
Tata Communications Internet Services Ltd.
2007.02 - 2010.04
Bachelor of Engineering - Electrical, Electronics And Communications Engineering
RVD University
Diploma - Electrical, Electronics And Communications Engineering
Saint Kabir Polytechnic
· Check Point Certified Security Administrator CCSA R80 in Feb 2022
· Microsoft Certified: Azure Solutions Architect Expert in Jan 2022
· Vulnerability Management (Qualys) in Aug 2021
· Microsoft Certified: AZ-900, AZ-104, AZ-500, SC-900, MB-920, MS-900, DP-900, PL-900, AZ-700, AZ-204, AZ-140 in Aug 21 – Jan 22
· Zscaler Certified Cloud Administrator - Internet Access (ZCCA-IA) and Private Access (ZCCA-PA) in Feb/Mar 2021
· Fortinet's NSE1 and NSE2 Network Security Associate in Jun 2020
· Cisco Certified Network Associate in Jun 2020
· ITIL foundation certificate in IT service Management in Dec 2012
· Red Hat Certified Engineer in Apr 2010
· MCSE and MCITP (Microsoft) in Mar 2006
Similar Profiles
FARAH El HALABIFARAH El HALABI
Regional Channel Manager at Evident ScientificRegional Channel Manager at Evident Scientific
Ron KellnerRon Kellner
Engineer Principle Mechanical - Phased Arrays at Evident ScientificEngineer Principle Mechanical - Phased Arrays at Evident Scientific
Jacelyn KohJacelyn Koh
APAC, Administrative Business Partner at Evident Scientific Singapore Pte LtdAPAC, Administrative Business Partner at Evident Scientific Singapore Pte Ltd