Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Ambrish Patel

Jersey City

Summary

  • Over 7 years of hands-on experience in network engineering, including installation, configuration, and maintenance of enterprise-level LAN/WAN infrastructure and security solutions.
  • Proficient in IP addressing, subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, and enterprise routing protocols such as RIP v1/v2, EIGRP, and OSPF.
  • Strong expertise in network security, including configuration of Cisco ASA firewalls, IPSec/SSL VPNs, ACLs, AAA (TACACS+, RADIUS), and cryptographic security policies.
  • Experienced in Zscaler Proxy administration for access control and web filtering, as well as DLP tools like Digital Guardian and Symantec for data protection.
  • Skilled in deploying and supporting VPN technologies, high availability solutions, and secure network architectures for tier II ISPs and enterprise environments.
  • Proficient in VLANs, STP (Spanning Tree Protocol), Layer 3 routing, and general LAN/WAN configuration.
  • Experienced with network monitoring and diagnostic tools, including Wireshark, SNMP, and other management utilities.
  • Solid experience with Linux (CentOS, Ubuntu) and Windows Server environments (2008/2012/2016).
  • Managed SAML SSO (Clearlogin) platforms and performed user access administration and integration.
  • Administered and deployed Kaspersky antivirus across enterprise endpoints, including policy enforcement and reporting.
  • Recognized for strong documentation skills, including creation of technical procedures, SOPs, and architecture diagrams for internal teams and audits.
  • Known for excellent problem-solving, debugging, and customer support skills, with a proven ability to work independently or in collaborative team environments.

Overview

9
9
years of professional experience
1
1
Certification

Work History

Email Security & Network Defense Engineer

Salesforce Inc
02.2022 - Current
  • Contributed to Zscaler ZIA implementation project as part of a cross-functional security team, including:
    Led the initial Proof of Concept (PoC) to validate security posture, performance, and compatibility
    Configured access control, SSL inspection, and DLP policies tailored to organizational requirements
    Tested and validated policy effectiveness, collaborating with end-users and IT stakeholders
    Participated in weekly implementation meetings, documenting risks, milestones, and configurations
  • Administering Proofpoint Email Security for inbound mail flow, ensuring:
    Effective spam, phishing, and malware filtering
    Policy tuning     to reduce false positives/negatives
    Monitoring message trace and SMTP logs for troubleshooting deliverability issues
  • Driving the DMARC Uplift Program for ~4,000 Salesforce-owned domains, focused on improving domain-based email authentication and enforcement:
    Performed DMARC policy reviews and worked with DNS teams to publish and modify records (p=none → p=reject)
    Coordinated domain alignment strategy across internal senders, third-party vendors, and marketing platforms
    Conducted comprehensive Proofs of Concept for Proofpoint Email Fraud Defense (EFD) and Valimail, evaluating visibility, reporting accuracy, and automation capabilities
    Presented PoC findings and adoption roadmap to senior security leadership
  • Engaged in day-to-day operational duties, including:
    Responding to on-call incidents related to email delivery and authentication failures
    Providing support during vendor onboarding and reviewing third-party SPF/DKIM/DMARC configurations
    Collaborating with the Salesforce DNS, Messaging, and Security Architecture teams on remediation plans and phased rollouts
  • Documenting technical configurations, processes, and findings for knowledge transfer, audits, and compliance reporting.
  • Integrated Proofpoint TAP SaaS with Gmail using Gmail Auth Scope, enabling API-based threat detection without MX changes and enhancing protection against phishing and BEC.
  • Leveraged TAP’s Very Attacked People (VAP) dashboard to gain user-specific risk insights and prioritize protection for high-risk targets in Gmail.
  • Integrated Proofpoint TAP with CrowdStrike Falcon, enabling automated IOC sharing and blocking of email-borne threats at the endpoint layer.
  • Improved cross-platform threat visibility and accelerated response through real-time correlation between email and endpoint telemetry.

Human Resource Administration, Network Security Engineer

Mintex Tech Inc
05.2018 - 02.2022
  • Implemented 802.1X authentication on over 60,000 ports, supporting secure network access for more than 30,000 users.
  • Developed a Bash-based troubleshooting script to diagnose 802.1X authentication issues on endpoints, improving root cause analysis and reducing resolution time.
  • Configured multiple IPsec tunnels between remote locations and headquarters using Juniper SRX 5800.
  • Led firewall migration from Juniper to Palo Alto, including rule and policy conversion using the Expedition migration tool.
  • Managed remote Palo Alto Firewalls centrally via PAN-OS Panorama.
  • Utilized Splunk Enterprise to troubleshoot security incidents and analyze log data across various network and application systems.
  • Executed load balancer migration project, transitioning from Alteon to Kemp Load Balancer.
  • Prepared technical statement of purpose for load balancer infrastructure migration, outlining scope, risks, and benefits.
  • Designed, configured, and migrated 90+ applications to a new platform with zero downtime.
  • Performed monthly and ad-hoc vulnerability scans using Tenable Nessus, and analyzed scan results for remediation.
  • Supported compliance initiatives in accordance with HRA-DSS IT security accreditation processes for applications and systems.
  • Migrated Pulse Connect Secure from MAG 360 to PSA 7000c, including lab validation, RDP/app access testing, failover, and cluster configuration.
  • Configured new applications on PSA 7000c including sign-in URLs, Realms, Roles, Resource profiles, and policy definitions.
  • Troubleshot application access issues using policy trace, DS records, TCP dumps, IV logs, and coordination with Pulse Secure support.
  • Designed and implemented Azure-based multi-factor authentication (MFA) for RDP and 60+ applications, covering 12,000+ users.
  • Configured SAML-based SSO for 30+ applications in collaboration with Azure AD.
  • Documented the design, deployment, and operations of various security tools, including root cause analyses of incidents.

Information Security Engineer

Fareportal Inc
06.2016 - 04.2018
  • Administered Google Admin Console for 4,500+ user accounts, managing email routing, group creation/deletion, mailbox delegation, Google Drive sharing, and more.
  • Managed Identity and Access Management (IAM) across enterprise systems, including Active Directory and SSO platforms.
  • Implemented and administered Zscaler cloud-based web filtering solution, including policy configuration, troubleshooting, and ongoing maintenance.
  • Created and enforced Zscaler access rules for internet and cloud applications based on department-specific requirements.
  • Integrated Zscaler with Active Directory (AD) to enable group-based IAM and control user access by department.
  • Coordinated Zscaler proxy deployment across multiple locations with support from the network and Zscaler teams.
  • Installed and maintained Kaspersky Antivirus on 3,500+ endpoints, including planning and executing a successful product PoC.
  • Deployed SAML-based SSO Cloud Platform for over 3,500 users, improving authentication security and user experience.
  • Managed access control and performed audits for over 3,500 user and service accounts in Active Directory, including Group Policy reviews.
  • Resolved 20+ tickets daily using Connect IT ticketing platform, ensuring timely issue resolution and documentation.
  • Performed vulnerability scans and assessments using Tenable Nessus, and supported remediation through analysis reports.
  • Assisted Security Compliance Manager and CISO in interpreting vulnerability data and supporting compliance efforts.
  • Supported accreditation efforts through Fareportal's IT security compliance processes for systems and applications.
  • Administered Cisco ASA firewalls across global networks, including VPN tunnel configuration and log analysis.
  • Configured site-to-site IPsec VPN tunnels using Cisco ASA 5500 series, managing varied Phase 1 and Phase 2 parameters per client.
  • Led PoC for firewall migration from Cisco ASA to Palo Alto Next-Gen Firewalls (NGFW).
  • Configured and maintained Palo Alto Firewalls (PA3020, PA5020) using Panorama, including rule adjustments and log analysis.
  • Analyzed firewall logs to optimize security policies and respond to threats.
  • Administered Layer 2/Layer 3 switching technologies, including VLANs, STP, trunking, port security, inter-VLAN routing, and LAN security.

Education

Master of Science - Electrical and Computer Engineering

New York Institute of Technology
Manhattan, NY
12.2016

Bachelor of Science - Instrumentation And Control Engineering

Sardar Vallabhbhai Patel Institute of Technology
Vasad, Aanand, Gujarat
05.2013

Skills

  • Firewall management tools
  • Organization and planning
  • Network Security Management
  • Network architecture understanding
  • Root Cause Analysis
  • Firewall functionality
  • Subnetting expertise
  • Software load balancer expertise
  • Network performance monitoring
  • Python and Bash proficiency
  • Layer-2/3 protocols
  • DNS implementation
  • EIGRP routing
  • SNMP monitoring
  • 8021x experience
  • OSPF routing
  • Port security knowledge
  • Disaster recovery operations
  • DDoS prevention
  • Networking protocol expertise

Certification

  • CISSP
  • AWS Solution Architect Associate
  • PCNSE
  • CCNA Security
  • CCNA
  • JNCIA

Timeline

Email Security & Network Defense Engineer

Salesforce Inc
02.2022 - Current

Human Resource Administration, Network Security Engineer

Mintex Tech Inc
05.2018 - 02.2022

Information Security Engineer

Fareportal Inc
06.2016 - 04.2018

Master of Science - Electrical and Computer Engineering

New York Institute of Technology

Bachelor of Science - Instrumentation And Control Engineering

Sardar Vallabhbhai Patel Institute of Technology

Similar Profiles

CREATE PROFILE