Pradeep Kumar D, Security Analyst

Summary
Pradeep Kumar currently serves as a Security Analyst at LearningLynks India Pvt. Ltd. &
freelancing for fortune 500 companies. His work mainly focuses on Designing, Implementing
Various Network & Security Products, conducting Security Audits, Vulnerability Assessment,
Penetration Testing and Security Trainings for premier clients. He has over 10 years’
experience in Global Infrastructure services including Planning, Designing & Implementing
Networks, Datacenters, information security systems. He is responsive, organized and excellent
problem solver. He has conducted in-house training for prestigious clients that include
Vodafone, BT, Accenture, Wellsfargo, Amdocs, TCS, IBM, TCL. He also has been invited as a Guest
Speaker by various universities and professional forums.

EDUCATION

MASTER OF COMPUTER APPLICATIONS// 2002 – 2005

S.V. UNIVERSITY, Tirupati

CERTIFICATIONS

 Cisco Certified Internetwork Expert (Security)-Written

 EC-Council Certified Security Analyst (ECSA # ECC947966)
 Computer Hacking Forensic Investigator (CHFI #ECC945821)
 EC-Council Certified Ethical Hacker (CEH #ECC938003)
 Red Hat Certified Engineer ( RHCE #805007739229258)
 Check Point Certified Security Engineer ( CCSE # CP000093867 )
 Check Point Certified Security Administrator ( CCSA # CP000093867 )
 Fortinet Certified Network Security Professional ( # FORT031092 )
 Fortinet Certified Network Security Administrator ( # FORT031092 )
 Paloalto Certified Network Security Expert ( PCNSE7 # QFC7DEGKK1F4Q7YD )
 SkyBox Certified Security Engineer ( # 1598049638 )
 Solarwinds Certified Professional
 Qualys Certified Specalist
 F5 LTM,GTM
 ITIL V3
 ITSM
Detailed Experience & Expertise
Role: Sr.Network Security Engineer
Client:Confidential

 Managed a team of Global Infrastructure Services Responsible for handling network

infrastructure that includes Firewalls, Proxies, Routers & Switches, Load balancers
 Expertise Knowledge on Checkpoint, PaloAlto & Fortinet Firewalls, FS Load balancers,
Routing & Switching Technologies, Bluecoat Proxies, Riverbed Wan Optimization &
SIEM
 Responsible for managing and providing end to end security device services for 350+
customers across the globe
 Responsible for providing architectural expertise in the planning, designing and
implementing of network firewalls, application firewalls, intrusion detection and
prevention systems and virtual private network software/hardware.
 Responsible for implementing complex, secure networks on a case by case basis that
revolves around business and technology needs of the customer.
 Handling troubleshooting calls on various network incidents and root cause analysis.
 Upgrading all FS LTM/GTMs from 1 O.x to 11.x
 Deployed various Palo Alto NGFWs for Corporate Infrastructure and responsible for
continuous improvements of their configurations.
 Designed efficient SIEM, IDS/IPS rules to effectively asses the security infrastructure,
and take corrective action against malicious traffic
 Sound Knowledge on various network monitoring tools like Solarwinds, Splunk

Project-1
Implementing Security Gateway Solution for a datacenter
Role: Team Lead
TeamSize: 5

 Responsible for the design and implementation of full network and security stack for
the project. Starting from delivery of network equipment's, handled racking & stacking,
build of devices like firewalls, proxies, FS LTM, Bluecoat Proxy & Proxy AV from the
scratch.
 Configured Juniper SRX5800, EX8200s, EX4500s, EX4200s, from scratch to match
design.
 Implemented FS Viprion 4000 Series
 Configured various advanced features such as Profiles, monitors, iRules, Redundancy,
SSL Termination, Persistence, SNATs, HA on
 FS BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates
 Executed various migration/upgrade projects across FS LTM & GTM
 Configured Hub & spoke implementations with all branches from datacenter
 Deployed Bluecoat proxySG600 as Reverse proxy
 Successfully completed project within the timeline.
 Monitored performance of network and servers to identify potential problems and
bottleneck.
Project-2: Implementing Fortigate firewalls for a tier4 Datacenter
Role: Teamlead
Team Size:2

 Deployed 2 38000 Fortigate Firewalls in HA Mode

 Deployed 20+ 1000 devices for customer Servers located in datacentre
 Integrated with Active directory & implemented Single sign-on features
 Configuring Policy and Rules to access resources and internet fortinet
 Generated CSR & Imported Certificates from verisign
 Configured SSL/SSH inspection with install certificate
 Configured VDOM & setup IPS +IDS & Load balance & Failover redundant links
 Configured Bandwidth Management policies
 Implemented Forticlient profiles in all 1000 firewalls
 Configured OLP Profiles to protect sensitive data

Project-3: Endpoint Security Services Transition

Role: Teamlead
Team Size:3

Objective was to complete Endpoint Protection Services Transition with agreed milestones and
timelines in alignment with the contract. Understanding current environment, run book
creation, SOP creation and Handover to Steady State.

Technology:
Sophos Endpoint Protection and DLP for 8K+ devices.

Project-4: WAPT of a leading bank applications & Network

Role: Teamlead Team Size:5

Description: Performing WAPT of banking Applications & API’s

 Worked on Vulnerability Assessment and Penetration Testing (VAPT) in accordance

with OWASP Top 10 framework for various applications·
 Propose Solutions available on vulnerability detected and also provide feedback on
closing these vulnerabilities including any references
 Analyzed the performance test report for adherence with the NFRs and SLAs; provided
suitable solutions to fine-tune the performance of the application under test if
applicable·
 Preparation of WAPT plan and report documentation

Project-5: Firewall & WAF Deployment for a Industrial Client

Role: Teamlead Team Size:3

Description: Implementing Paloalto NextGen Firewall as an Enterprise Gateway & Imperva

WAF as a Web Application Firewall

 Published Microsoft OWA, Activesync Behind Imperva Gateway

 Integrated Imperva Gateways with Imperva MX
 Implemented App-ID based policies in Paloalto Firewalls
 Implemented HA Between 2 Paloalto PA-5280 Series
 Configured Routes, Policies, Integration with AD, Radius Servers & 2FA
 Imported CA Certs into Paloalto & enabled Decryption Profiles
 Integrated Syslog, SNMP, redirected logs to Arcsight SIEM
Soc Projects Handled

 Web Application Security Assessments and Audits

 Vulnerability Assessments
 Network Security Assessments and Audits
 Security Audits for Databases, Operating systems, Server Systems, etc
 Provide technical leadership to the enterprise for the Information security program.
 Mentor and train others in information security in addition to training for other
technical groups.
 Assess threats, risks, and vulnerabilities from emerging security issues. Publish
Security Updates newsletter for technical groups.
 Configurations review s for network devices, and other technologies
 Computer Forensics and Investigation on Hacking Incidents, Phishing emails, research
on Phishing emails etc.

Key Skills
Firewalls: Juniper SRX, Netscreen, Checkpoint, Fortinet, Sonicwall, Cyberoam, Paloalto,
Watchguard, Barracuda NGFW, Sophos, Cisco ASA, Pulsesecure, Cisco Meraki MX, Stormshield,
Gateprotect,Hillstone,Forcepoint
IDS/IPS: Sourcefire, Tippingpoint, Mcafee, Paloalto
IAM/IDM: Cyberark, Forgerock, Forescout, Venafi, Centrify, Secureauth, pingidentity,
Web Gateways: Bluecoat, Websense, Zscaler, Mcafee, Barracuda
Load Balancers: F5, Citrix Netscaler, Kemp, FortiADC, Barracuda
Monitoring: Nagios, Splunk, Solarwinds, Cacti, PRTG
Mobility: Airwatch, Mobileiron, Blackberry, Netmotion
SIEM: Qradar, Arcsight, Allienvault, Logrhythm, Fortisiem, RSA Netwitness
Endpoint: SIEM (Logrhythm), Sophos Endpoint, Sophos Safeguard, Sophos Mobile Control,
Symantec Endpoint Protection, Symantec Data Centre Security, Full Disk Encryption. Mcafee
EPO, Mcafee Virus Scan, Move, Device Control, Checkpoint, Carbonblack, Forescout
Wan Optimization: Riverbed, Silverpeak, Ipanema
DNS/DHCP: Infoblox, Bluecat, Solarwinds, Fusionlayer
Web Application Firewall: Imperva, Fortiweb, F5 ASM, Barracuda, Ironport, Radware,
Akamai kone
Threat Intelligence: Fireeye, Mcafee, DarkTrace, Cybereason, Cylance, Carbonblack
Exploitation: Metasploit,Coreimpact,Saint, immunity Canvas
Web application testing: Acunetix, Rational appscan, burpsuite, ZAP, Beef
Vulnerability Assessment: NESSUS, Qualys Guard, Nexpose
Forensics: Encase, FTK, Deft7, Helix, SIFT Workstation, FIRE
Wireless: Aircrack, kismet, Netstumbler, Airsnort, Aruba, Ruckus, Cisco Meraki
Compliance: ISO 27001, ISO27000, PCIDSS, COBIT
Policy Optimization: Skybox, Algosec, tuffin
SD-WAN: Silverpeak, velocloud, Infovista

Core Competencies

• Earned Solid reputation for root cause analysis, resolving complex issues, and ensuring
Continuity of services.
• Recognized for technical expertise, multi-tasking skills, and ability to work independently or
in a team environment ensuring all projects run smoothly and efficiently to meet or exceed
specifications.
• Maintain current knowledge of technology developments to plan for upgrades and make
business decisions.
• Reliable and adaptable, learn new systems and concepts quickly.
• Able to represent a company with a professional appearance and manner.
• Good troubleshooting abilities with strong interpersonal skills

Recent Trainings List

Technology Client
Checkpoint CCSA,CCSE Aricent Technologies, Hyderabad
Fortinet FCNSA, FCNSP, BCCPA, BCCPP, TCL, Chennai
Bluecoat Director, Reporter
F5 LTM,GTM,ASM TCS, Kolkata
Vcloud Director HP, Bangalore
Fortinet FCNSA,FCNSP, Qradar SIEM Aricent technologies, Hyderabad
Fondation
Digital forensics, Skybox Security ADP, Hyderabad
Mcafee EPO,Virusscan Enterprise TSYS, Pune
Network Security & Intrusion Detection NSTL (Naval sciences technology
System laboratories), Vishakhapatnam
Fortinet FCNSA, FCNSP Nevales IT Solutions, Bangalore
Dell-Sonicwall Administration Srinivasa Hatcheries Limited
F5-Viprion, LTM Scope International
Checkpoint CCSA, Troubleshooting Wipro, Chennai
ArcSight ESM Admin, Analyst & Logger Genpact, Hyderabad
Checkpoint CCSE+ TCS, Gurgaon
Cyberoam UTM Expert Capitol Float, Bangalore
Palo alto Essentials-201 & 205 TCS, Hyderabad
Fortinet FCNSA, FCNSP, FortiManager, British Telecom, Gurgoan
FortiAnalyzer,
Fortinet FCNSA, FCNSP, FortiManager, Accenture, Bangalore
FortiAnalyzer
Juniper- SRX Firewall Administration Vodafone-Pune
Skybox STSP
Ironport Web Security, Email Security OCS Infotech, OMAN

Nessus Implementation TCS, Chennai

Sophos UTM Expert, Qradar SIEM Bank of South SUDAN

Foundation, SIEM Advance
Troubleshooting
Juniper Security Colt, Gurgoan
Logrhythm Admin & Analyst Colt, Gurgoan
Zscaler ZCCA-IA, ZCCP-IA Global Knowledge, Dubai
Citrix WAF, ADC OCS Infotech, OMAN
Mcafee ENS 10 Administration, Web Getronics, UK
Gateway, NIPS
Whitehat Sentinel Stryker, Gurgoan
Centrify IAM,IDM
Barracuda ADC, WAF, Proxy Wipro, Webex
Sophos SafeGuard, Endpoint IBM, Bangalore
Velocloud SD-WAN OCS infotech, OMAN
Cylance Protect+Threatzero AGC Networks Dubai
Technology Client
Fortinet NSE-4 ( FCNSA & FCNSP) IBM, Bangalore
F5 LTM,GTM,ASM OCS Infotech, Oman
Sophos UTM Architect
Paloalto Administration & Expert Wellsfargo, Bangalore & Hyderabad
( EDU-201, 205 )
Arcsight Admin & Analyst Genpact, Hyderabad
Venafi VSA,VSP17 Paramout Systems, Dubai
QualysGuard Vulnerability Management Wellsfargo
Fortinet FCNSA,FCNSP Amdocs, Gurgoan
Cisco Meraki MX Firewall Geotronics, UK
Fortiweb, FortiAuthenticator OCS Infotech, Oman
Fortinet NSE4,5,6 Geotronics, UK
Paloalto 201 & 205
Sophos UTM architect
Ethical Hacking & VAPT Synechron, Pune
Brocade vADC, WAF Colt, Singapore
Fortinet NSE4, NSE5 Banglalink, Bangladesh
Solarwinds Orion
Sophos SafeGuard, Endpoint, Koenig Solutions,Bangalore
Mobilecontrol
Paloalto Administration & Expert National Microfinance Bank, Tanzania
Fortigate NSE-4
Bluecoat BCCPA, BCCPP Eclerx, Pune
Riverbed WAN 200, NPM, NOS Softech systems, UK
Pulse Secure Policy Secure & Connect AGC Networks, Dubai
Secure
Sonicwall Administration Honeywell, Hyderabad
Imperva Securesphere, WAF, DAM Wipro, Mumbai
Fortigate NSE-4 Wipro, Pune
Network Security, VAPT Stryker, Gurgoan
Forescout Counteract US Airforce
Radware Appwall, Alteon Level 1 &2 Getronics, UK
Fortigate NSE4 Ministry of Electricity, IRAQ
Paloalto 210, 311 Kronos, Noida
Fortigate NSE4,NSE5 OMAN Tank Terminal, OMAN
Symantec Endpoint Protection,Full disk Koenig Solutions, Delhi
Encryption
Fortigate NSE-4 Central Statical Agency, Ehiopia
Algosec Security Management British Telecom, Gurgoan
Barracuda WAF, NG Firewall Information Network Security Agency,
Ethiopia
 Forgerock IAM, IDM TCS,Chennai
FortiMail, Fortisandbox Central Bank of Sudan, Sudan
Blackberry workspaces( Watchdox), Wipro, Cochin
Blackberruy UEM
F5 APM,AFM Tsys, Pune
Ethical Hacking EIQ Networks, Hyderabad
Paloalto Administration & Expert Unisys, Bangalore
Netmotion Mobility VPN TCS, Kolkata

Infoblox Core DDI,Advance DDI Wipro, Webex

Pfsense Reavidence Systems, Hyderabad
Barracuda WAF Wipro, Webex
Paloalto Administration Accenture, Bangalore
Fortiweb, FortiSIEM IQE semiconductors, Newjersey, USA
Array ADC, WAF OCS Infotech, OMAN
Imperva WAF Wipro, Chennai
Paloalto Administration & Troubleshooting Revenue Authority, Uganda