Niranjan M - Network Cyber Security Engineer
Email: [email protected]
Location: Vancouver, Washington, USA
Relocation: open
Visa: H1

Niran
M: 540-547-6599
Email: [email protected]

Summary:
Seasoned Cybersecurity professional with over 10 years of experience in designing, implementing, and operating enterprise data networks and Cybersecurity solutions. Proven ability to lead and manage a team of security analysts, develop and implement security policies, and manage security incidents. Expertise in a wide range of security technologies, including firewalls, intrusion detection systems, NDR, EDR and SIEM.

Cyber Skills:
- Network security: firewalls, vulnerability management, intrusion detection systems, security information and event management, and network security architecture and design
- Cyber threat analysis and incident response
- Network Detection and Response (NDR)
- Tenable Development
- Endpoint Detection and Response (EDR)
- Security Information and Event Management (SIEM)
- Digital computer forensics
- Information security risk assessment and management
- Security policy development and implementation
- Security awareness training and education
- Leadership and team management
- Communication and collaboration

Scripting & Automation Skills: Python

Networking Skills:
- Routers: Cisco 17XX, 18XX, 26XX, 28XX, 37XX, 38XX, 39XX & 72XX series
- Switches: Cisco 3550, 3750, 45XX, 65XX series; HP 5800, 5510, 10XXX, 12XXX series
- Load Balancer: Cisco CSS, F5 Networks
- Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing
- Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter-VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, EtherChannels, Transparent Bridging
- LAN: Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation
- WAN: Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay, ISDN, and Load Balancing
- Various Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management
- AAA Architecture: TACACS+, RADIUS, Cisco ACS
- Security / Firewalls: Cisco ASA Firewalls 5580-20, Palo Alto, FortiGate, IPS/IDS, DMZ Setup, CBAC, Cisco NAC, ACL, IOS Firewall features, IOS Setup & Security Features
- Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240
- Nexus: Nexus 7K/5K/2K Series of switches

Academics:
Master's in Telecommunications Engineering Technology, Rochester Institute of Technology, Rochester NY.
Coursework: WAN/LAN Planning & Design, Advanced Programming, Emerging Network Technology, Intro Routing & Switching, Independent Study on Network Security, Graduate Project on Wireless Network Security
Bachelor's in Electronics and Communication Engineering, Andhra University, AP India.
Coursework: Advanced Network Theory, Computer Architecture, Information Theory & Coding, Data Structures

Professional Certifications:
- Juniper JNCIA Certified
- Palo Alto Networks Certified Network Security Engineer (PCNSE)
- Cisco Certified Specialist - Enterprise Core (CCNP Enterprise - ENCOR)
- Cisco Certified Network Professional Enterprise (CCNP Enterprise)
- CompTIA Security+ ce Certification

Professional Experience:

Hewlett-Packard (HP Inc.), Apr 2023 to date
115 SE 164TH AVE #210, Vancouver, WA 98683
Hewlett-Packard (HP Inc.), Feb 2022 to Mar 2023
1070 NE Circle Blvd., Corvallis, OR 97330
Local Cyber Security Manager

Job Profile: Site Cybersecurity Manager, the liaison between centralised HP Cybersecurity and local/site management, responsible for the cybersecurity of local networks.

Responsibilities:

Cybersecurity Leadership
- Site leader for Cybersecurity, overseeing all cyber activity across the site and collaborating with different cyber teams.
- Consulted with teams across the organisation to uphold security posture and maintain a safe and secure environment for employees.
- Educated and trained different labs and teams across the site on cybersecurity awareness and HP Cybersecurity Policies and Standards.
- Analysed, documented, and communicated detailed reports, including recommended remediation.
Cybersecurity Architecture and Design
- Designed cyber-compliance networks and secure data flows for different businesses in the organisation and for collaboration with external companies/clients.
- Designed firewall rules for different businesses based on need and application usage. Audited firewall configurations and rules.
- Managed local Fortinet and Palo Alto firewalls as well as Shorewall Linux firewalls.
- Participated in architecture reviews to ensure that solutions comply with cybersecurity standards and use approved technologies.
- Collaborated with business units to understand network security requirements.
- Collaborated with system and application owners to streamline patching and implement automation solutions.
- Proven experience in architecting, designing, and implementing Snare Central (version 8.2) for enterprise-grade log management and security information and event management (SIEM) solutions.
- Expertise in configuring and managing log sources within Snare Central, ensuring comprehensive log collection, normalization, and analysis for various security tools.
- Customized log flow to other tools using Snare Central to reduce costs.

Cybersecurity Operations
- Extensively used ExtraHop NDR to detect, investigate, and respond to advanced threats. Used ExtraHop NDR to monitor network traffic, identify anomalies, and create and manage custom security rules. Experienced in integrating ExtraHop NDR with other security tools for a comprehensive security solution.
- Well versed in all major infrastructure vulnerability management (VM) tools, including Qualys, Rapid7 Nexpose, Tripwire IP360 and Tripwire.
- Expertise in using Tenable Nessus and Tenable.io to scan networks for vulnerabilities; identify, prioritize, and remediate vulnerabilities; and generate and analyze vulnerability reports. Ability to use Tenable tools to create and manage custom vulnerability scans and integrate with other security tools.
- Managed Tenable Security Center for comprehensive vulnerability management to improve security posture, reduce compliance cost, enhance operational efficiency and support better decision making.
- Managed local IT support teams to patch vulnerabilities and bring the risk factor below 6%.
- Automated vulnerability reporting and response and provided an automated weekly summary to upper-level management.
- Full vulnerability management using Tenable: scans, scan reporting, differential scan reporting, and vulnerability scan reports for different businesses/VLANs.
- Reduced container image vulnerabilities by 70% using Sysdig Secure image scanning, preventing potential breaches.
- Streamlined container deployments by 20% leveraging Sysdig's automated policy enforcement and vulnerability scanning capabilities.
- Achieved and maintained PCI-DSS compliance for our cloud infrastructure through continuous monitoring and reporting with Sysdig Secure.
- Developed and implemented strategies for Snare Central integration and upgrade activities, ensuring smooth system evolution and alignment with security best practices.
- In-depth knowledge of logging standards and frameworks (e.g., syslog, CEF) and their integration with Snare Central for enhanced log management.
- Demonstrated ability to leverage Snare Central's advanced filtering, parsing, and correlation capabilities to detect and investigate potential security threats.
- Coordinated with different labs/businesses/IT support/cyber/network/firewall teams for efficient vulnerability management and remediation.
- Scripting and automation of vulnerability reporting and management.
- Provided leadership and expertise establishing strategic direction for Program Execution support services.
- Built and led an IT PMO managing a significant portfolio of projects.
- Led extensive IT service management initiatives, providing strategic and tactical leadership as well as operational governance in support of business objectives.
- Developed, coordinated, and led governance processes, policies, and practices that help set a strategic vision aligned with business and ICTS direction to inspire and drive Program Execution services.
- Designed the governance process for enterprise software evaluation, licensing, procurement, and implementation.
- Directed and managed small as well as large process improvement projects across multiple functions within Technology, involving significant scope and complexity.
- Accountable for validation and maintenance of formal monthly tracking of actual performance against targeted budget requirements.
- Performed a governing role in ensuring that proposal, execution, control, SOA, deployment, training and hand-off, warranty support, and closure meet schedules.
- Managed Tripwire IP360 and Tenable Security Center vulnerability scans.
- Managed database assets and vulnerability management scans utilizing Tripwire Configuration Compliance Manager (CCM), IP360 and Nessus.
- Imported and managed multiple corporate applications into a GitHub code management repository.
- Coordinated with and assisted developers in establishing and applying appropriate branching and labeling/naming conventions using Git source control.
- Responsible for designing, maintaining, and securing Subversion/Git repositories, access controls, and user views.
- Analyzed and resolved conflicts related to merging of source code in Git.
- Ran authenticated vulnerability and baseline scans using tools such as Tripwire IP360, CCM and Rapid7 Nexpose, including tool configuration, reporting and analysis of issues found such as failed scans.
- Hands-on experience in Information Security, involved in planning, configuration, investigating, troubleshooting and managing ArcSight, Retina CS, Tivoli IDM and Tripwire.
- File integrity checks and alert handling using Tripwire.
- Developed dashboards and reports for management using Splunk, Tripwire Enterprise, IP360 and FireMon.
- Monitored the client network with McAfee Threat Analyzer for security breaches and investigated violations when they occurred, using Tripwire IP360 software for vulnerability scanning. Verified data integrity and accuracy.
- Worked on log management using Tripwire Console and Tripwire Enterprise file integrity solutions.
- Performed network troubleshooting and root cause analysis by restoring archived logs.
- Worked on audit product evaluation; implemented, configured and administered IBM Guardium for auditing database security for SOX and data encryption/obfuscation.
- Worked on ServiceNow integration with Guardium for DBMS changes.
- Engineered and oversaw software and processes pertaining to database controls, using Guardium, DB2 LUW, Unix shell scripting and other tools.
- Using Splunk data, conducted real-time threat detection and analysis through advanced log parsing, correlation, and Splunk Search Processing Language (SPL) skills.
- Designed and implemented custom dashboards and reports to visually track security trends, prioritise threats, and inform incident response from the Splunk data feed.
- Managed multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized management appliance.
- Implemented GlobalProtect VPN, IPsec VPNs and SSL VPNs using IKE and PKI on Palo Alto firewalls for site-to-site VPN connectivity.
- Participated in network security incident response.
- Conducted network design reviews and developed recommendations for improving security posture.
- Performed packet and network system analysis using HPE IMC, Wireshark, LibreNMS, Nagios, Nmap, netstat, ARP, Zeek, etc.
- Expert in Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) solutions, with a focus on CrowdStrike Falcon and Splunk.
- Successfully implemented and managed CrowdStrike Falcon for large-scale enterprise environments.
- Conducted thorough investigations of security incidents using CrowdStrike Falcon's advanced threat hunting capabilities.
- Integrated Splunk with other security tools (firewalls, IDS, endpoint protection) for a unified security orchestration, automation and response (SOAR) strategy.
- Automated routine tasks and workflows within Splunk using scripting languages (Python, Bash) for enhanced efficiency and scalability.
- Leveraged Splunk's reporting capabilities to demonstrate and maintain regulatory compliance to stakeholders and auditors.
- Proactively monitored security posture using Splunk to ensure adherence to best practices and address potential compliance gaps.
- Provided technical support and training to end-users on CrowdStrike Falcon.
- Developed and maintained SIEM integrations with CrowdStrike Falcon to provide a centralized view of security data.
- Integrated the CrowdStrike EDR API with ExtraHop NDR for a more comprehensive cyber solution.

Cyber Solutions to various HP Businesses
- Designed and coordinated cyber-secure data flow management for the HP 3D Nike partnership.
- Provided customized Tenable scans for the PWP business so that PWP can deliver stable software builds to clients on request.
- Provided and managed Wi-Fi solutions for different HP businesses in HP Corvallis and HP Vancouver (Victoria printer development, Quality, Human Factors lab, printer testing teams).
- Designed firewall rules and configured the network for IPsec tunneling for the HP T1100 Webpress with an external partner company in Germany.

Hewlett-Packard (HP Inc.), Aug 2016 to Jan 2022
1070 NE Circle Blvd., Corvallis, OR 97330
Sr. Network/Cybersecurity Engineer

Job Profile: Member of the Cybersecurity team which designs, configures, and secures networks for all the labs and users across various sites globally. Responsible for design, deployment, configuration, and support of the network, as well as monitoring for cybersecurity threats using various tools and fixing vulnerabilities by prioritizing them.
Responsibilities:

Network Design, Deployment, and Maintenance
- Responsible for design, deployment, configuration, and support of the Network Transformation Project, which focuses on moving all users to a new and secure R&D network covering all 8 buildings and 2000+ users across various organizations.
- Responsible for installing, configuring, and supporting various HP switches: 5800, 5510, 10K and 12K.
- Configured VLAN, Spanning Tree, VSTP and SNMP on HP switches.
- Performed switching technology administration including VLANs, inter-VLAN routing, trunking, STP, RSTP, port aggregation and link negotiation.
- Performed application server builds in the EC2 environment and monitored them using CloudWatch.
- Diagnosed, troubleshot, and resolved application issues using Dynatrace and Sysdig.
- Set up and completed cloud monitoring infrastructure through New Relic, rsyslog and Sysdig.
- For project governance: designed, implemented, evaluated and audited project management processes and completed templates for the PMO.
- Compiled real-time metrics relating to IT project success, resource capacity analysis, project attributes, and individual productivity which adhered to defined processes.
- Architected and implemented Snare Central solutions for Network Activity Monitoring (NAM) of different firewalls, hundreds of routers and switches across various buildings, and other network devices, enabling comprehensive security visibility.
- Developed custom dashboards and reports within Snare Central to provide security teams with actionable insights for threat detection, investigation, and incident response.
- Streamlined security operations by automating log analysis workflows using Snare Central scripting and integration capabilities.
- Conducted security awareness training sessions for security teams on effectively utilizing Snare Central for threat detection and mitigation.
- Played a key role in optimizing Snare Central performance and scalability to meet the evolving needs of the security environment.
- Established governance and developed a set of project controls to manage requirements and gating and to facilitate securing executive consensus on business objectives, budgets and implementation solutions.
- Performed periodic risk assessments to identify potential risks/opportunities, documented mitigation strategies and tracked them to conclusion.
- Provided project governance, schedules, scope/change management, design requirements, stakeholder communications, technical resources, integration testing, issues and risks, and successful production releases.
- Expert in the audit tool IBM Guardium 7.0/8.0/9.5 and jSonar installation and configuration.
- Developed queries, reports, custom tables, custom domains, and other Guardium objects.
- Developed Unix shell scripts.
- Monitored database activity for privileged users on a SQL Server platform with input from Guardium reports and other sources.
- Firewall rule creation and maintenance on FortiGate and Palo Alto firewalls using FortiManager and Panorama.
- Migrated from FortiGate firewalls to a next-generation Palo Alto firewall pair with HA configuration without any interruptions.
- Published Jira gadgets and dashboards on Confluence pages.
- Managed Jira add-ons and worked on setting up Jira for Helpdesk/tickets.
- Worked on integration and migration of ServiceNow with Jira (bi-directional integration).
- Created users in Active Directory, synced the users to Jira and assigned groups and spaces.
- Created one or more Splunk configurations in the Jira administration interface to access Splunk Enterprise.
- Involved in requirements gathering when migrating from Jira to ServiceNow.
- Customized both Jira and Confluence to integrate with pre-existing systems, with an eye towards making the programs extensions of those systems rather than hindrances to them.
- Created Jira projects, templates, workflows, screens, fields and other administrative activities.
- Provided ongoing support and configuration for Jira projects, workflows, screens, fields, permissions, and other admin tasks.
- Created custom templates for use within Confluence.
- Experience in integrating Salesforce applications with legacy systems using SOAP/REST-based web services.
- Created Salesforce custom objects, custom settings and fields as per business requirements.
- Modified Salesforce user account visibility by providing sharing rules and permissions through profiles and permission sets as per business requirements.
- Configuration of access lists across various devices for routing traffic through the network.
- Software upgrades on various HP switches. Responsibilities also include technical documentation of all upgrades done.
- Supported the Infoblox appliance grid environment for DNS, DHCP and IP address management (IPv4) for the State Farm enterprise network.
- Successfully achieved the main goal of the project: played an integral role in migrating the company's security firewall environment from the FortiOS 5.4 firewall platform to FortiGate 1500D and FG 100D.
- Performance monitoring and tuning: iostat, vmstat, netstat, nfsstat, etc.
- Troubleshot all Infoblox DHCP and IPAM issues that occurred.
- Leveraged Tenable's REST API to programmatically retrieve vulnerability data for real-time mapping and analysis.
- Integrated API calls with web mapping libraries (Leaflet, OpenLayers, Mapbox) to create interactive web maps showcasing vulnerability distribution and trends.
- Developed custom tools and scripts for automated mapping tasks, enhancing efficiency and scalability.
- Generated comprehensive vulnerability reports using Tenable with geographic attributes for further analysis in external GIS software.
- Exported data from Tenable in various formats (CSV, XML, JSON) to support seamless integration and compatibility.
- Using Tenable data export, performed spatial analysis to identify geographic correlations, clusters, and outliers, revealing insights for targeted remediation strategies.
Network Security
- Manage ExtraHop (NDR tool) cloud security across various global sites to detect advanced threats, monitor sensitive workloads and data, and support incident response, inventory and configuration, forensic investigation, vulnerability assessment, dependency mapping, and compliance and audit.
- Managed various network monitoring tools such as Nagios and LibreNMS to monitor all network switches and servers globally.
- Configure, manage and monitor Palo Alto firewall models (specifically the PA-5050 and the PA-5260).
- Performed migrations from Check Point firewalls to Palo Alto using the PAN Migration Tool MT 3.3.
- Implement advanced Palo Alto firewall features such as URL Filtering, User-ID, App-ID and Content-ID on both inbound and outbound traffic.
- Strong experience working with SIEM tools such as Splunk and QRadar and monitoring tools including Wireshark, SevOne and SolarWinds, with strong troubleshooting skills.
- Successfully unravelled complex security incidents using Splunk to gather evidence, track investigations, and contain breaches.
- Developed and deployed custom Splunk queries and alerts to detect even the subtlest anomalies and potential intrusions before they escalate.
- Demonstrated deep understanding of incident response best practices and utilised Splunk for effective threat mitigation and remediation.
- Analyze risks, prioritize vulnerabilities and mitigate them using tools such as Tenable.
- Responsible for network risk mitigation for the entire site.
- Coordinate with various security teams to fix network and security vulnerabilities.
- Coordinate with various business organizations and guide them in fixing network vulnerabilities.
- Configuration of access lists across various devices for routing traffic through the network.
- Responsibilities also include technical documentation of all upgrades done.
Network Troubleshooting and Support
- Analyze complex circuit and routing problems; monitor and adjust network performance to ensure availability to all users and perform necessary maintenance and testing to support network availability.
- Configure, monitor, and maintain applications; troubleshoot problems reported by users and by automated network monitoring systems.
- Responsible for service request tickets in all phases, such as troubleshooting, maintenance, upgrades, patches, and fixes, with all-round technical support.
- Diagnose, troubleshoot, and resolve hardware, software, or other network and system problems, and assist in replacing defective components when necessary; ensure network, system and data availability and integrity through preventative maintenance and upgrades.
- Communicate with team members on a worldwide basis (AP/EMEA/US).

Leadership and Teamwork
- Mentor and consult team members and assign tasks to other resources.
- Coordinate with various security teams to fix network and security vulnerabilities.
- Coordinate with various business organizations and guide them in fixing network vulnerabilities.
- Attend meetings and technical discussions related to various projects.

AT&T, June 2013 to June 2016
Saint Louis, MO
Sr. Network/Data Engineer

Job Profile: Member of the Network Engineering team providing network support, configuration, design and implementation across various data centers to provide nationwide connectivity.

Responsibilities:
- Design, deployment and maintenance of enterprise networks and data centers.
- Responsible for supporting MX960 migrations, which focused on upgrading devices from 3G to S4 networks.
- Backbone Juniper MX integration with the existing network/data center routers, Cisco N7K and 6500.
- Configured Juniper MX960s and M320s.
- Migrated network architecture from Cisco to Juniper MX and EX series devices.
- Experience configuring Nexus 2000 Fabric Extenders (FEX), which act as remote line cards (modules) for the Nexus 5000.
- Experience upgrading NX-OS on Nexus devices and performing password recovery.
- Software upgrades on various Cisco, Juniper, Nexus and Ericsson devices.
- Experience working with Nexus 7010, 5020, 2148 and 2248 devices.
- Provided load balancing towards the access layer from the core layer using F5 load balancers.
- Installed high-availability BIG-IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
- Supported EIGRP- and BGP-based networks by resolving level 2 and 3 problems for internal teams and external customers at all locations.
- Design, build, and implementation of IPv6 network systems; IPv6 pilot and architecture review; ISP upstream analysis for IPv6 implementation.
- Responsible for IPv6 dual-stack implementation and IPv6 conversion projects; assessed existing hardware and software for IPv6 readiness and compliance.
- Responsible for static, OSPF and BGP routing between customer edge and upstream networks, site-wide complex routing configuration changes, troubleshooting unanticipated errors, and multiple ticket generation systems.
- Worked with application delivery controllers such as the F5 BIG-IP product family to handle a wider variety of functions, including rate shaping and SSL offloading, as well as serving as a web application firewall.
- Provisioning and level 2 and 3 link certifications; SS7 link maintenance.
- Configuration of Cisco 6500 (Sup720), 4500 (Sup6) and 3750 Catalyst switches for network access.
- Configured RIP, OSPF and static routing on Juniper M and MX series routers.
- Checked and configured Cisco 7600 and 7200 routers at the data center for remote site issues.
- Configured OAM router ports, various VLANs and terminal servers.
References: Available upon Request