Security Consultant

- In depth understanding and experience in Security protocol technologies.
- Experience designing, deploying and supporting dynamic routing protocols
- Good understanding on solution designing and implementation of Force scout NAC solution.
- In depth understanding and experience in working with Bluecoat proxy
- In depth understanding and experience in Sophos proxy
- Capable in handling the proxy issues and additional deployment according to business requirement.
- Experience in designing the proxy
- Good hands on exposure on Remote Access VPN - Cisco ASA.
- Provide production network deployment, configuration, support and upgrades of Cisco/ Palo Alto Firewall and Bluecoat proxy.
- Expertise in Cisco ASA along with the context base platform.
- Expertise in PaloAlto and capable in troubleshoot the high critical issue and implement new requirement according to business need.
- Experience in AWS cloud setup.
- Experience in Firewall/AV (Trend) within AWS cloud.
- In depth understanding on Antivirus (Trend AV) solution and deployment
- Expertise in troubleshoot on AV and understanding the security risks policy and providing remediation plan against the threats.
- Hands-on experience working with F5 Load Balancers- APM
- In depth understanding in troubleshoot on F5 APM and ability to address complex issues
- Thorough understanding of modern service provider TCP/IP data networks using standards and technologies. Experience configuring and managing Cisco ASA Firewalls
- Experience of managing large scale security network infrastructure and Data Centres kind of network.
- In depth knowledge of configuring and troubleshooting Cisco/Palo Alto firewalls, like ACL, Remote Access VPN, IPSEC VPN, SSL VPN, NAT, PAT, Clustering, End point security assessment
- Worked on Network Performance Monitoring and Troubleshooting
- Communicate effectively, both orally and in writing, including conveying technical subject matter clearly and concisely.
- Design & Implementation of Data Centre Firewall security
- Perform RCA for Major Incidents related to his / her tower Follow quality / security process defined for the engagement.
- Responsible for implementation and administration of network security hardware and software, enforcing the network security policy and complying with requirements of external security audits and recommendations
- Experience of large DC Network security architecture migration would be an added advantage.
- Day to day administration of L3 and escalated calls and provide resolution.
- Be proactive to anticipate issues or situations which impact service quality, as part of Problem management and Capacity Management functions
- Contributes to knowledge tools and communities, and ensures project learning's are documented, responsible to update the runbook.
- Able to work under pressure in a high-paced customer service environment, and able to prioritize multiple tasks effectively


Security NAC
• Subject matter expert (SME) for Cisco Identity Services Engine (ISE) solution, helping maintain stable operations while enhancing the service.
• Good Understanding on NAC Solution designing and implementation on Force Scout
• Understand the security architecture, implementation and improving security solution for Network Access Control.
• Configure and lead the configuration, policy creation, policy tuning in Cisco ISE solution.
• Extensive experience with Cisco Identity Service Engine solution in monitoring mode and enforcing mode, security posturing, compliance assessment.
• Continually assess security controls for deficiencies and drive remediate and improvement efforts.
• Experience with designing and deploying Cisco ISE (Network Access Control) infrastructure, creating new device profiles for 802.1X and MAB.
• Experience with establishing network access restrictions using Cisco SGT (Scalable Group Tags).
• Experience with 802.1x, WPA2 Enterprise, authentication and access controls in a mobile environment, and with mobile device security.
• Experience with working in a large enterprise environment, the associated challenges and their inherent security strengths and weaknesses.
• Experience with Cisco switches in configuring, troubleshooting and optimizing Network Access Device (NAD) configurations to ensure proper ISE functionality.
• Experience in EAPOL, EAP and PEAP authentication protocol.
• Experience on User and Machine Authentication – Certificate Based and LDAP/AD based.
• Stablishing a baseline ISE security rules/policies working with other service lane members
• Implementing redundant/HA Cisco ISE solution
• Radius and TACACS+ authentication and authorization methods
• Integrating Cisco ISE solution with enterprise PKI architecture
• Implement ISE solution for campus LAN, wireless, remote access and guest network environments
• Integrating ISE with enterprise patching and anti-virus solutions
• Understanding of Radius and TACACS authentication with Cisco ISE
• Understanding of remote access VPNs with PKI authentication
• Understanding of 802.1X authentication process
• Understanding of Cisco ISE remediation process
• Understanding of Cisco guest access authentication process

- In depth understanding and experience in Security protocol technologies.
- Experience designing, deploying and supporting dynamic routing protocols
- Good understanding on solution designing and implementation of Force scout NAC solution.
- In depth understanding and experience in working with Bluecoat proxy
- In depth understanding and experience in Sophos proxy
- Capable in handling the proxy issues and additional deployment according to business requirement.
- Experience in designing the proxy
- Good hands on exposure on Remote Access VPN - Cisco ASA.
- Provide production network deployment, configuration, support and upgrades of Cisco/ Palo Alto Firewall and Bluecoat proxy.
- Expertise in Cisco ASA along with the context base platform.
- Expertise in PaloAlto and capable in troubleshoot the high critical issue and implement new requirement according to business need.
- Experience in AWS cloud setup.
- Experience in Firewall/AV (Trend) within AWS cloud.
- In depth understanding on Antivirus (Trend AV) solution and deployment
- Expertise in troubleshoot on AV and understanding the security risks policy and providing remediation plan against the threats.
- Hands-on experience working with F5 Load Balancers- APM
- In depth understanding in troubleshoot on F5 APM and ability to address complex issues
- Thorough understanding of modern service provider TCP/IP data networks using standards and technologies. Experience configuring and managing Cisco ASA Firewalls
- Experience of managing large scale security network infrastructure and Data Centres kind of network.
- In depth knowledge of configuring and troubleshooting Cisco/Palo Alto firewalls, like ACL, Remote Access VPN, IPSEC VPN, SSL VPN, NAT, PAT, Clustering, End point security assessment
- Worked on Network Performance Monitoring and Troubleshooting
- Communicate effectively, both orally and in writing, including conveying technical subject matter clearly and concisely.
- Design & Implementation of Data Centre Firewall security
- Perform RCA for Major Incidents related to his / her tower Follow quality / security process defined for the engagement.
- Responsible for implementation and administration of network security hardware and software, enforcing the network security policy and complying with requirements of external security audits and recommendations
- Experience of large DC Network security architecture migration would be an added advantage.
- Day to day administration of L3 and escalated calls and provide resolution.
- Be proactive to anticipate issues or situations which impact service quality, as part of Problem management and Capacity Management functions
- Contributes to knowledge tools and communities, and ensures project learning's are documented, responsible to update the runbook.
- Able to work under pressure in a high-paced customer service environment, and able to prioritize multiple tasks effectively


Security NAC
• Subject matter expert (SME) for Cisco Identity Services Engine (ISE) solution, helping maintain stable operations while enhancing the service.
• Good Understanding on NAC Solution designing and implementation on Force Scout
• Understand the security architecture, implementation and improving security solution for Network Access Control.
• Configure and lead the configuration, policy creation, policy tuning in Cisco ISE solution.
• Extensive experience with Cisco Identity Service Engine solution in monitoring mode and enforcing mode, security posturing, compliance assessment.
• Continually assess security controls for deficiencies and drive remediate and improvement efforts.
• Experience with designing and deploying Cisco ISE (Network Access Control) infrastructure, creating new device profiles for 802.1X and MAB.
• Experience with establishing network access restrictions using Cisco SGT (Scalable Group Tags).
• Experience with 802.1x, WPA2 Enterprise, authentication and access controls in a mobile environment, and with mobile device security.
• Experience with working in a large enterprise environment, the associated challenges and their inherent security strengths and weaknesses.
• Experience with Cisco switches in configuring, troubleshooting and optimizing Network Access Device (NAD) configurations to ensure proper ISE functionality.
• Experience in EAPOL, EAP and PEAP authentication protocol.
• Experience on User and Machine Authentication – Certificate Based and LDAP/AD based.
• Stablishing a baseline ISE security rules/policies working with other service lane members
• Implementing redundant/HA Cisco ISE solution
• Radius and TACACS+ authentication and authorization methods
• Integrating Cisco ISE solution with enterprise PKI architecture
• Implement ISE solution for campus LAN, wireless, remote access and guest network environments
• Integrating ISE with enterprise patching and anti-virus solutions
• Understanding of Radius and TACACS authentication with Cisco ISE
• Understanding of remote access VPNs with PKI authentication
• Understanding of 802.1X authentication process
• Understanding of Cisco ISE remediation process
• Understanding of Cisco guest access authentication process