Summary
Overview
Work History
Education
Skills
Websites
Certification
Timeline
Generic

Raja Sekhar

Cleveland,OH

Summary

Trusted Network Security Engineer with 7years protecting companies against bad actors who disrupt business operations. Serves as primary safeguard against external threats. Educates colleagues on best practices and network safety protocols. Protects networked assets through both preventive and reactionary measures.

Overview

8
8
years of professional experience
1
1
Certification

Work History

Senior Network Security Engineer

BP - Beyond Petroleum
01.2023 - Current
  • Design, test, and deploy IT security systems, solutions, and ecommerce environments, ensuring robustness and resilience against cyber threats
  • Gathered requirements and collaborated with stakeholders to design and implement Forescout across the enterprise
  • Led the deployment and configuration of Forescout in a large-scale environment, ensuring compliance with security protocols
  • Provided post-implementation support and training for IT staff to ensure seamless integration and operation
  • Managed and configured Cisco routers, switches, and firewalls to support secure and efficient network operations
  • Troubleshot and resolved complex network issues, ensuring minimal downtime and optimal performance
  • Implemented security controls and protocols to safeguard network infrastructure from potential threats
  • Conducted regular security assessments and audits to identify vulnerabilities and improve overall security posture
  • Conducted comprehensive security assessments and code reviews, identifying and mitigating vulnerabilities
  • Developed and implemented threat models to identify and prioritize security threats
  • Performed penetration testing and vulnerability scanning to ensure application resilience
  • Responded to security incidents, conducting root cause analysis and implementing preventive measures
  • Designed and implemented secure application architectures, embedding security in design and architecture
  • Developed and enforced security policies and procedures, ensuring compliance with industry standards
  • Integrated security tools and practices into CI/CD pipelines, automating security testing and vulnerability management
  • Collaborated closely with developers and operations teams to promote a security-first culture
  • Provided training and awareness programs to educate employees about security best practices
  • Maintained detailed documentation of security assessments, incidents, and mitigation measures
  • Conducted regular security reviews to ensure compliance with security standards and best practices
  • Implemented monitoring tools to detect and respond to security threats in real-time
  • Analyzed security logs and reports to identify and mitigate potential security incidents
  • Worked with development teams to provide security guidance and conduct secure code reviews
  • Developed and delivered training programs on security best practices for developers and IT staff
  • Assisted in the development and enforcement of security policies and procedures
  • Experience in Qualys policy compliance in detecting internal and external threats and vulnerability
  • Implemented Positive Enforcement Model with the help of Palo Alto Networks
  • Worked with Palo Alto Panorama management tool to manage all Palo Alto firewall and network from central location
  • Responsible for Security infrastructure engineering as well as a Microsoft Windows, UNIX, Checkpoint Firewalls, Juniper firewalls, PIX firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, and wireless switch Security Management.
  • Configuring Checkpoint and ASA for NAT (Static PAT/Manual NAT) to enable remote access for sites by doing Port redirection and configuring various VPNs like IPsec Site to Site, SSL VPN.
  • Create policies, alerts and configure using SIEM tools (Splunk, SolarWinds)
  • Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering) Experience in Configuration, Management, Deployment, Optimization and Troubleshooting Checkpoint VSX
  • Performed upgradation of checkpoint firewall from old platforms to new platforms R77.10 to R77.30.
  • Worked on Cisco ASA IPSec site to site VPN and Cisco Any Connect.
  • Perform daily/weekly/quarterly health checks on Security Information and Event Management (SIEM) systems including ArcSight, Nitro, LogRhythm, QRadar, and Splunk
  • Established IPSec VPN tunnels between branch offices and headquarter using Juniper SRX Firewall Responsible for all Juniper SRX firewalls consisting of SRX 3560, 1400, 550
  • Coordinated with third-party security information and event management (SIEM) providers to maintain protections and predict threats.
  • Developed and maintained company-wide endpoint security solutions.
  • Configuration of Juniper SRX series firewalls for outbound traffic via blue coat proxy server
  • Responsible for performing Cisco ASA and Palo Alto firewall rule audit using different firewall optimization tools like Tufin, Firemon, and Algosec and make decisions on risk to the enterprise network
  • Performed multiple firewall changes on the PIX, ASA, and Palo Alto firewall based on the requirements and monitored firewall changes using Firemon Tool
  • Created and managed use cases, analyze correlated traffic, created and monitor channels, create and send reports, collected detailed evidence to support cases with SIEM HP Arcsight Application Worked with SIEM tools such as IBM QRadar to get real-time analysis of security alerts generated by network hardware and applications
  • Firewall as well as virtualization of firewall, both VSX and VSYS .
  • Worked on security tools and software's like Cisco WSA, Qualys, Splunk, Symantec Endpoint Protection, Bit9, HP Network Node Management .
  • Routing and Switch protocols: BGP, OSFP, VLAN, VTP, STP, RIP, RSTP.
  • Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms
  • Responsible for planning, documenting and implementation of complex Firewall and VPN solutions
  • Represent the changes at the weekly change review and application migration meetings.
  • Created standardized incident response program to outline immediate and consistent remediation of security breaches.
  • Installed and maintained commercial firewall solution, working with security vendors to consistently apply best practices and software updates.
  • Designed standardized incident logging system to track historical incursions while helping prevent future breaches.

Network Security Engineer

One America
05.2022 - 12.2022
  • Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point Firewall VPN-1 FW-1 NGX R65, R70 & R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40 Smart Domain Manager (SDM) command line & GUI
  • Supports and implementation and ongoing operations of network access control devices to include firewalls, web proxies, and SSL VPN devices
  • Experience with IT security devices such as Check Point Firewalls, Blue Coat Secure Web Gateway, Source Fire IDS/IPS, Symantec DLP, Nessus, Juniper SSL-VPN, and Fore Scout (NAC) Experience with Using GTM, APM & LTM F5 component to provide 24“7 access to applications
  • Installation of Palo Alto (Web Application and URL filtering, Threat Prevention, Data Filtering).
  • Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with use of IPS feature
  • Experience with Cisco ASA firewall Cisco security Manager (CSM) and migration from Cisco to Palo Alto.
  • Worked on network packet analyzer tools as, Wireshark, Microsoft Network Monitor, Snort.
  • Exposure to wildfire advance malware detection using IPS feature of Palo Alto.
  • Maintained and Configured Checkpoint VSX with firewall virtualization and checkpoint clusters.
  • Configuring rules and Maintaining Palo Alto Firewalls with IPS & Analysis of firewall logs.
  • Worked on automating process for migration of security policy using Palo Alto Migration tool 3.0 and Symantec.
  • Advance knowledge on Network segmentation and checkpoint Next-generation firewall GAIA R77.30 host migration as well as QoS of LAN network
  • Selected appropriate intrusion detection system solutions for implementation at facilities.
  • Applied Center for Internet Security (CIS) benchmarks to verify performance of ongoing security measures.
  • Developed and maintained company-wide endpoint security solutions.
  • Managed company Bring Your Own Device program, onboarding employee devices and verifying absence of inherent security threats.
  • Installed and maintained commercial firewall solution, working with security vendors to consistently apply best practices and software updates.
  • Coordinated with third-party security information and event management (SIEM) providers to maintain protections and predict threats.
  • Worked with teams to develop company-wide information assurance, security standards and procedures.
  • Implemented necessary controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.

Network Security Engineer

Select Engineering Systems
12.2020 - 12.2021
  • Planned, installed, monitored and was the single point of contact for all intrusion detection for client systems
  • Monitored and maintained client firewall, intrusion detection systems and VPN systems including (Checkpoint FW-1/VPN-1/Cisco PIX/Secure VPN /Secure IDS)
  • Supported a large-scale deployment of Forescout, ensuring the solution met all security and operational requirements
  • Coordinated with third-party security information and event management (SIEM) providers to maintain protections and predict threats.
  • Worked with teams to develop company-wide information assurance, security standards and procedures.
  • Installed and maintained commercial firewall solution, working with security vendors to consistently apply best practices and software updates.
  • Collaborated with cross-functional teams to integrate Forescout with existing security tools and protocols
  • Maintained and optimized Cisco network infrastructure, including LAN/WAN, wireless networks, and VPNs
  • Performed network monitoring and analysis using tools like Wireshark and Splunk to identify and mitigate issues
  • Developed and implemented troubleshooting procedures for network incidents, leading to a significant reduction in resolution times
  • Provided technical support and guidance to junior network engineers and support staff
  • Designed, implemented, and managed Cisco Firepower Firewalls in large-scale enterprise environments
  • Configured and managed Cisco Firepower Threat Defense (FTD) and Firepower Management Center (FMC) platforms
  • Configured and managed Check Point Firewalls, including VPN-1 FW-1 NGX R65, R70, and R75
  • Implemented security policies, conducted risk analysis, and modified firewall rules using Smart Domain Manager (SDM) and GUI
  • Configured, upgraded, and monitored Cisco ASA AnyConnect VPN
  • Managed Site-to-Site and Remote Access VPN configurations and troubleshooting
  • Designed and implemented data center migration strategies, focusing on MPLS VPN network expansion
  • Upgraded upgradation of security platforms from R65 to R77.30
  • Conducted threat hunting using Splunk, Qradar, Tanium, and RSA Security Analytics
  • Utilized SIEM tools like Splunk, SolarWinds, and LogRhythm for comprehensive security monitoring
  • Designed, installed, and troubleshooted Palo Alto firewalls, including PA-3060 and PA-5060
  • Configured IPS features for advanced threat prevention and data center protection
  • Managed IT security devices such as Blue Coat Secure Web Gateway, Source Fire IDS/IPS, Symantec DLP, Nessus, Juniper SSL-VPN, and Fore Scout (NAC)
  • Utilized network packet analyzer tools like Wireshark, Microsoft Network Monitor, and Snort for network analysis
  • Deep understanding of network protocols (TCP/IP, UDP, ICMP) and security architectures, including DMZs, VPNs, and segmentation
  • Configured firewall rules, access control policies, and intrusion prevention systems (IPS)
  • Led network security projects, ensuring timely delivery and adherence to security standards
  • Mentored and motivated team members, promoting a collaborative and efficient work environment
  • Automated network tasks and configurations using scripting languages like Python and Bash
  • Optimized firewall migration processes using Palo Alto Migration Tool 3.0 and Symantec Endpoint Protection
  • Ensured compliance with security frameworks and regulations such as PCI-DSS, HIPAA, and GDPR.

JR Network Security Engineer

Skybridge Global solutions Pvt Ltd.
05.2016 - 12.2020
  • Successfully led a comprehensive Azure Cloud security compliance and remediation initiative, ensuring proactive detection and resolution of security drifts while maintaining regulatory compliance
  • Worked with teams to develop company-wide information assurance, security standards and procedures.
  • Coordinated with third-party security information and event management (SIEM) providers to maintain protections and predict threats.
  • Implemented efficient security controls across the security assurance lifecycle, resulting in enhanced threat detection and response capabilities within the Azure environment
  • Developed and deployed compliant infrastructure and supporting services within Azure, demonstrating expertise in the Shared Responsibility Model and industry-specific regulatory requirements
  • Automated security processes using scripting languages such as PowerShell, Python, and Bash, leading to increased operational efficiency and reduced manual intervention
  • Collaborated closely with stakeholders to prioritize and remediate security drifts in a timely manner, resulting in a strengthened security posture and alignment with organizational objectives
  • Facilitated knowledge transfer and consistency in compliance efforts by documenting deployment processes and configurations for Azure infrastructure
  • Enhanced visibility into security events and activities by implementing logging and data pipeline architectures within the Azure Cloud environment
  • Actively pursued Azure certifications to expand expertise and stay updated on the latest cloud security best practices and technologies
  • Effectively communicated complex technical concepts to non-technical stakeholders.
  • Sustained optimal sender score on two IPs, enhancing inbox delivery and corresponding metrics while improving delivery metrics from 70% to 85%.

Education

Master of Science - Computer And Information Sciences

Cleveland State University
OHIO, UNITED STATES
12.2023

Bachelor of Science - Information Technology

Jawaharlal Nehru - Technological University
India
03.2017

Skills

  • Windows Server
  • JIRA
  • OWASP ZAP
  • Burp Suite
  • Nessus
  • Qualys
  • Incursion Tracking
  • Disaster Recovery Planning
  • Scripting Languages
  • Network Security Management
  • Vulnerability Assessment
  • Network Troubleshooting
  • Incident Logging Oversight
  • Firewall Management
  • SIEM Provider Management
  • Penetration Testing
  • Application security
  • Firewall Installation
  • Linux
  • Git
  • GitHub
  • Bitbucket
  • Splunk
  • Freshdesk
  • ZOHO
  • Intrusion Detection
  • Patch management

Certification

  • Certified Ethical Hacker at EC-Council
  • Certified Palo Alto Networks Certified Network Security Engineer
  • Certified Associate Developer Python at MongoDB University
  • Certified RPA advanced Developer at UiPath

Timeline

Senior Network Security Engineer

BP - Beyond Petroleum
01.2023 - Current

Network Security Engineer

One America
05.2022 - 12.2022

Network Security Engineer

Select Engineering Systems
12.2020 - 12.2021

JR Network Security Engineer

Skybridge Global solutions Pvt Ltd.
05.2016 - 12.2020

Master of Science - Computer And Information Sciences

Cleveland State University

Bachelor of Science - Information Technology

Jawaharlal Nehru - Technological University
Raja Sekhar