A System specialist offering five years of progressive experience in Information Technology. Network Security specialist with over three years of progressive experience in Audit and Risk assessment of enterprise Unix, Windows NT and Cisco/3Com architectures.
Experience in Designing and Implementing Internet security products and accessing the Network and Application security based on BS7799 standard Audits/ Risk assessment and analyzing the network sturdiness using Open Source methodology for Penetration testing (Ethical Hacking).
My current role demands skills in Project Managment, Audit and Risk Assesment, guiding the team in developing and mainatining a secure setup. Special skills relating to Enterprise Information Security issues; risk analysis, policy development, incident management, data forensics, and Internet security utilizing open source and off-the shelf solutions and tools for audits, risk assessment, penetration testing and counter intelligence.
#Firewall
*Checkpoint FW1 4.0/4.1/NG, Nokia IP330, Cisco PIX, Netscreen, Guantlet, CA eTrust and Symantec Enterprise Firewall.
#Intrusion Detection
*Real Secure, CA eTrust and Cisco IDS
#Content Inspection & URL filtering
*CA Content Inspection, Surfcontrol, Websense, Symantec Igear and Trend eManager
#Anti Virus
*Norton, Mcafee, eTrust Antivirus and Trend Micro Interscan Viruswall.
#Policy Compliance
*Symantec ESM
#PKI
*Entrust PKI 5.0, RSA Keon 5.0, iPlanet CMS, eTrust PKI 1.0/2.0
#LDAP
*iPlanet, Critical path and Netscape
#Authentication
*RSA Secure ID, Rainbow iKey tokens
#DNS
*F5 DNS, Microsoft DNS
#Sniffer
*Ethereal, TCP Dump, LanGuard, Sniffer
#DNS Query tools
*Nslookup, Sam Spade, Whois, dig
#Scanning tools
*Nmap, Super Scan, Lan Guard, Wups, ISS, Port scan, Strobe, Ping sweep, Net Scan, Win Scan
#Vulnerability Assesment Tools
*ISS Scanner, Cybercop, Retina, Nessus, Web Inspect, Languard, App Detective, Sara, Saint, CGI Scanner, Trinux, Fire, Whisker, Site Scan, etc
#Network Enumeration tools
*Cheops, Queso, Nmap, Net cat, Solar Winds, Tele Sweep, War Dialer, Phone Sweep
#Network Managment tools
*HP OV, Whatsup Gold, Solarwinds
#Bandwidt Managment
*Packet Shaper
#Log Analyzer
*Netforensic, Solarwinds, Webtrends
#Raw Packet transmission tools
*Firewalk, Hping, Pacgen, Nemisis, etc
#Router
*Cisco, 3Com, Intel
#Switch
*Cisco, 3Com, Intel
#Hub
*D-Link, Cisco, 3Com, Intel
*Platforms*
#Operating System
*Sun Solaris 2.7/2.6, AIX 4.3.3, HP UX 11.0, DG - Unix, SCO UnixWare, AOS/VS 7.73, Windows NT 4.0 Server/Workstation, Linux Red Hat 6.2, 7.2, 7.3.
#Hardware
*Sun Enterprise 250, Sun Sparc II, DG � Aviion 8500/5500/4600, Digital Alpha 2000/4000, DG Main frame series MV-15000/4000, IBM Netfinity series, Siemens Primergy, Intel based Systems.
#Software
*Sun Management Center 2.1.1, Sun Enterprise SyMon 2.0, Solstice Disk Suite 4.1/4.2, Solstice Admin Suite, Workshop Compiler C/C++/SPARC 5.0/4.2
Enterprise Security
================
Skill Set
*IS Audit/ Risk assessment and Hardening of different flavors of Unix and Windows systems.
*Design and implementation of secure firewall architecture and integrating secure architecture with Web/Mail content filtering, proxy servers and virus control solutions.
*Implementation of Real Secure Network and host based Intrusion Detection Systems.
*Developing secure email solution, data encryption, digital certificates, etc utilizing iPlanet CMS,
*Entrust PKI, RSA Advanced Keon and eTrust PKI
*Enabling two factor authentication utilizing iKey, RSA Secure ID and Biometrics
*Assisted in design of secure architecture solutions
Network Engineering and Security
===========================
Skill Set
*Penetration Test (Open Source Methodology)
*Designing and Analyzing a Secure Network Architecture
*Developing and designing a Secure LAN/ WAN based switched and routed networks.
*Cisco switch and router security review, configuration and network hardening.
*Network management and packet sniffer analysis.
*Protocols include TCP/IP and SSL.
Systems Engineering
================
Skill Set
*Implementation of HA Reliant clustering on SCO UnixWare 2.1.3
*RAID configuration utilizing Solstice On-line Disk Suite (ODS)
*RAID configuration utilizing IBM Serve RAID and NFS configuration.
*Sun Solaris installation, NFS configuration and System administration.
*SCO UnixWare installation and system administration.
*Linux installation and system administration of Linux.
*Windows NT installation, implementation of Windows clustering and system administration.
Web Engineering and Security
========================
Skill Set
*iPlanet, Apache and IIS Web servers hardening.
*Content management solutions.
*SSL implementation utilizing PKI
Software Development
==================
Skill Set
*C Programming on Unix/Dos platform.
Technical Qualification:
B.E. ELECTRONICS from Dr. Babasaheb Ambedkar Marathwada University (Government College of Engineering & Tech. Nanded.) with 68.20 % (DISTINCTION)
DIPLOMA(ELECTRONICS & COMM.) from Board of Technical Examination (Anjuman Polytechnic) with 63.91 % (FIRST CLASS)
Training Attended:
1. Check Point Firewall-1 CCSA and CCSE from Ramco Systems, Chennai
2. Trend Micro Products Administration and Implementation from Trend Micro, Mumbai
3. RSA System Administration and Engineering from RSA, Mumbai
4. System Administration SA I on Solaris 2.6 from Micro Univ, Mumbai
5. Onward training workshop on Novell Security Solutions from Novell, Mumbai
6. Six Sigma from WIPRO, MUMBAI
7. Presentation Skills from WIPRO, MUMBAI
8. Consulting Skills from WIPRO, BANGALORE
9. Leadership Skills Program from WIPRO, BANGALORE
10. A Course on Industrial Management from INDIAN MINISTRY OF INDUSTRY, Small Scale Industries Development Organization, Nanded
Certifications and Commendations
*RSA Certified System Engineer SecurID 2002
*Certification in Network Technical Support Brain bench in year 2002
*Unix system Administrator Brain bench in year 2000 *Excellent performance for the year 1999-2000 at PCS Industries Ltd.
Professional experience:
1. Accenture, Designation: Team Leader from June 2003 Till Date
Responsibilities
#Management Consulting
*Security Policies (Review and Implementation)
*Security Consulting based on BS7799 standards.
*Project Management
*Facilitation Management
#Audit and Risk Assessment
*Information Security Policy and Technology Recommendation Report
*Manual reviews of the network elements like Routers, Switches, RAS, Firewalls, etc.
*Run automated vulnerability assessment tools and carry out Manual Review of various Operating Systems like Windows and Unix
*Manual Review of the application like Web Servers.
*Analysis of the data gathered during the study phase as per BS7799 standards and review the same with the customer
*Recommend appropriate best practice and fix.
2. Wipro Infotech, Designation: Consultant (Technical Specialist) from Nov 2000 Till May 2003
Responsibilities
#Management Consulting
*Security Policies (Review and Implementation)
*Security Consulting based on BS7799 and Cobit standards.
*Project Management
*Facilitation Management
#Penetration Testing (Ethical Hacking)
*Testing and execution of the Open Source tools
*Discovery & Foot printing of the client network
*Service and OS enumeration of the setup
*Vulnerability Scanning and Analysis
*Exploitation of the Application/OS/Network weaknesses to elevate the access
*Carrying out Denial of Service Attack
*Carry out Impact & Risk Analysis
*Design and Recommend solutions
*Post consulting support
#Audit and Risk Assessment
*Information Security Policy and Technology Recommendation Report
*Manual reviews of the network elements like Routers, Switches, RAS, Firewalls, Cache Engines, and Local Director etc.
*Run automated vulnerability assessment tools and carry out Manual Review of various Operating Systems like NT and Unix
*Manual Review of the application like Web Servers (IIS/iPlanet), DNS, Sendmail.
*Analysis of the data gathered during the study phase as per BS7799 standards and review the same with the customer
*Recommend appropriate best practice and fix.
#Architect Security Solutions.
*Carry out footprint analyzes of client network.
*Define secure architecture that meet the identified control needs of customer environments by justifying various threat manifestation scenarios;
*Security software evaluation and selection.
*Designing Practice report and comprehensive Internet Security Architecture implementation plan
*Designing Security Solutions
#Security Product Implementation and Specialization.
*Design, Implement and deploy new Intranet & Internet related security solutions for the customers based on the requirements projected by the marketing team viz. Firewall, VPN, Content Inspection solutions and IDS etc.
*Handing over the tested solutions to the operations and the customer support engineers for onsite and back end installation along with the Systems Engineering docket.
*Post Implementation Support
*Troubleshooting critical problems escalated from the operations and the customer during and after the deployment of security solutions.
#Imparting Training
*Developing material for and delivering numerous courses to classes of all sizes on a range of topics
#Business Development
*Participation in pre-sales by Providing clarifications/suggestions/solutions to customers
#Manage customer expectations/satisfaction
*Soliciting client input, discussing approaches and solutions
*Providing feedback regarding scope, timing, cost deliverables and resources
*Anticipate major issues customers might face and effectively work towards resolving the same
*Develop strong customer relationship with appropriate contacts to ensure on going customer satisfaction
3. PCS Industries Ltd., Designation: Hardware Engineer from Sep 1999 to Nov 2000
==============================
Responsibilities
*System Administration, Network administration, Hardware/Software Installation and Maintenance of various Servers.
*Trouble shooting/Problem diagnostics utilizing various diagnostic tools.
*Installation/Configuration of RAID and Concatenation on Sun SPARC Servers utilizing Solstice Disk Suite 4.0/4.2.
*Configuration of RAID V CLUSTERING using SCO Reliant on UnixWare 2.1.3.
*Disk mirroring and management using DG Mirror/ UX Managing clustered servers.
*Serve RAID configuration on IBM Netfinity Servers for Sun Solaris and Windows NT.
4. Kothari Consultants, Designation: Hardware Engineer from May 1998 to July 1999
==============================
Responsibilities
*Installation/Maintenance of Intel based systems (P II, Pentium, x486) and DMP.
*Penetration Test (Open Source Methodology)
1. Role: Project Manager, Client: Doha Bank, Qatar
2. Role: Project Manager, Client: Macronix International Co. Ltd, Taiwan
3. Role: Technical Consultant Client: Thames Water, United Kingdom
*IS Audits/ Risk assessment, Designing of IS Policy, Designing of Secure Network Architecture
1. Role: Consultant, Client: Scottish Parliament, Scotland
2. Role: Consultant, Client: Indian Oil Corporation Ltd., New Delhi
3. Role: Consultant, Client: Asianet Satellite Communications Ltd. (Asianet Satcom), Trivandrum
4. Role: Consultant, Client: Marico India Ltd., Mumbai
5. Role: Consultant, Client: ICICI Ltd., Mumbai
6. Role: Consultant, Client: Hughes Tele .COM, Mumbai
7. Role: Consultant, Client: School Net India Pvt. LTD, Mumbai
8. Role: Consultant, Client: Home Trade, Mumbai
*MSS, Design and Implementation of Secure Architecture
1. Role: Project Manager, Client: HDFC, Mumbai
2. Role: Technical Consultant, Client: Unit Trust of India, Mumbai
3. Role: Technical Consultant, Client: Ambit-RSM, Mumbai
4. Role: Technical Consultant, Client: Castrol India Private Ltd., Mumbai
5. Role: Technical Consultant, Client: ONGC, Deharadun
6. Role: Technical Consultant, Client: Epicenter, Mumbai
7. Role: Technical Consultant, Client: Daimler Chrysler India Private Ltd., Pune
8. Role: Technical Consultant, Client: Crisil.com, Mumbai
9. Role: Technical Consultant, Client: Siemens, Mumbai
10. Role: Technical Consultant, Client: SEBI, Mumbai
*Technology Presentation, Product Demonstration and Training
1. Role: Technical Consultant, Client: Ministry of IT, Government of India., New Delhi
2. Role: Technical Consultant, Client: Daimler Chrysler India Private Ltd., Pune
3. Role: Technical Consultant, Client: ICICI Ltd., Mumbai
4. Role: Technical Consultant, Client: Marico India Ltd., Mumbai
*Enterprise/ System and Network Implementation/ Support
1. Role: Implementation Engineer, Client: Bank of Baroda, Mumbai
2. Role: Implementation Engineer, Client: Stock Holding Corporation of INDIA, Mumbai
3. Role: Customer Support Eng., Client: Rashtriya Chemical Fertilizer, Mumbai
4. Role: Customer Support Eng., Client: Union Bank of India, Mumbai
5. Role: Customer Support Eng., Client: State Bank of India, Mumbai
6. Role: Customer Support Eng., Client: Dena Bank, Mumbai
7. Role: Customer Support Eng., Client: NOCIL, Thane
8. Role: Customer Support Eng., Client: INDAL, Thane
Pin 400 080, India
