Infrastructure, Cyber Security, NOC & SOC Consultant/Architect with a proven track record in delivering complex design, deployment, integration and migration projects. Quick adopter of new technologies and customer environments. Deliver projects with minimum supervision.

About Me

Certifications

CISSP
CISA
PCI-QSA
AWS Solution Architect
Juniper JNCIE-SEC
VMware vSAN
VMware NSX
Fortinet NSE
Cisco CCNA

Key Skills

Infrastructure

  • Highly experienced in delivering complex infrastructure solutions, including RFI/RFP responses, High/Low Level Designs (HLD / LLD), Network Implementation Plan (NIP), Migration / Acceptance Test Plan (ATP) and Network Ready for Use plans (NRFU), on-site / remote deployments
  • Experience with multi-vendor design and deployment for a range of infrastructure solutions like servers/computing, virtualization, networking, storage, OS and applications
  • Experience with hosting / cloud models including on-premise, co-location, IaaS, PaaS, SaaS, private, public and hybrid clouds on AWS, Azure, Leaseweb. Experience with design and distribution of applications on multiple clouds based on availability, performance, cost and compliance requirements
  • Multi-vendor networking experience on Cisco, Juniper, Arista, HPE, etc. Good understanding of protocols on all OSI layers including STP, LAG, LACP, Port-Channel, VPC, VLANs, ARP, ICMP, VRRP, HSRP, TCP/IP, RIP, OSPF, BGP, DNS, HTTP, FTP, SMTP, POP3, IMAP and remote access VPN protocols
  • Multi-vendor storage experience with Dell EMC, NetApp, VMware, Cisco, TrueNAS in block and file modes. Experience with storage protocols including NFS, iSCSI, CIFS, FC. Good understanding of object storage like AWS S3 & Ceph
  • Solid understanding of NFV, SDN, VxLAN, VTEP. Experience in design and deployment of VMware NSX-V and NSX-T
  • Excellent experience in multiple Linux flavors, including Ubuntu, Raspbian, RedHat, CentOS. Can do basic scripting and task automation in Bash, Perl, PHP and Python.
  • Experience in LAMP stack with Apache, MySQL, PHP, etc.
  • Experience in deployment and administration of Windows Servers with Active Directory, DHCP/DNS and Group Policies

Cyber Security

  • Experienced in various regulatory compliance standards like PCI-DSS, ISO 27001, CIS Critical Security Controls, NCA-ECC, experience with gap assessments and remediations
  • Experienced in pre-sales activities in translating customer requirements / RFPs into complex design proposals followed with presentations and POCs
  • Experience with multi-vendor design and deployment for a wide range of cyber security products including EDR / NDR, next-gen firewall, IPS, WAF, SSL off-loader, email gateway, SIEM, proxy, identity management, VPN gateways, PKI, etc.
  • Expertise with multi-vendor firewalls from Palo Alto, Juniper, Fortinet, Sophos in both physical and virtual environments
  • Experience with several commercial cyber security products including Splunk, IBM QRadar, LogPoint, Palo Alto XSOAR, Group-IB Threat Hunting Framework, FortiSIEM, FortiMail, FortiWeb, FortiAuthenticator, McAfee, Symantec solutions

Security Operations Center (SOC)

  • Designed, deployed and integrated multiple SOCs, and delivered solutions & services including SIEM, SOAR, XDR/EDR/NDR, threat intelligence, data ingestion & enrichment, behavior analytics, incident response platform, vulnerability monitoring, sandbox, and compliance management with complex API integrations and automation workflows
  • Development of aggregated dashboards, integration with service management platforms and mobile notifications
  • Deployed open source systems like ELK stack clusters (Elasticsearch, Kibana, Logstash, Filebeat), Hive SIRP (security incident response platform), MISP and OpenCTI threat intelligence, Shuffle SOAR, Wazuh vulnerability / compliance monitor, Zeek network monitor, Suricata IPS, etc.
  • SOC and DFIR lead for a team of 8 SOC analysts

Network Operations Center (NOC)

  • Tested & deployed 50+ open source infrastructure apps including BIND DNS, Univention UCS identity & access management, Postfix / Dovecot mail servers, NGINX reverse proxy, HAProxy load balancer, RADIUS servers with Google 2FA, Snipe-IT CMDB, Nextcloud file sharing, FreeNAS, etc.
  • Deployed and integrated several commercial & open source monitoring and alerting applications including Cisco DCNM, PRTG, multi-tier Zabbix, Grafana, Prometheus, Nagios, OTRS service management and integration with cloud based tools
  • Delivered managed services including monitoring and support of customer multi-vendor IT infrastructure including network, storage, security, computing, virtualization, DHCP/DNS, email and voice / unified collaboration platforms

Technologies

  • Network, Compute, Storage
  • Virtualization, AWS / Azure
  • Linux & Microsoft
  • Cyber Security Solutions
  • NOC/SOC Design & Operations

Skills Summary

  • Prepare RFP / RFI Responses
  • Solution Design
  • HLD / LLD Documents
  • Migration Plan
  • Implementation Plan
  • Deployment & Execution
  • Operations & Troubleshooting
  • Assessment & Optimization
  • Incident Response

Courses & Training

  • Digital Forensics & Incident Response (Moscow)
  • MDR SOC Analyst (online)
  • ISO 27001 Auditor (Jeddah)
  • VMware NSX (online)
  • Azure Fundamentals (online)
  • JNCIE-ENT Bootcamp (Amsterdam)
  • JNCIE-SEC Bootcamp (Amsterdam)
  • IBM BladeCenter Networking (UK)
  • PCI-DSS QSA (Puerto Rico)
  • TippingPoint IPS (UK)
  • Juniper Netscreen (UK)

Summits & Expos

  • VMworld (Barcelona)
  • NetApp (Berlin)
  • Juniper (Prague)
  • Infosecurity Europe (London)

Interests

  • Playing Tennis
  • Music Production
  • IoT & Home Automation