Prafulla Tawade

ROLE: - MSIS Engineer

Description:

          Working as Security Engineer and Analyst in Managed Security Infrastructure Services (MSIS) Project

Implemented the Infrastructure required for delivering MSIS as a Service for clients.

• Integrating Client Devices into SIEM Tool (RSA)
• Integrating Checkpoint, Juniper and Cisco Firewall and other products into Algosec for CM
• Preparing firewall configuration and compliance standards required for Algosec
• Implementing VPN, Policy Based routing on Checkpoint firewall, Natting for end to end connectivity between MSIS infrastructure and client devices.
• Performing POC and consulting Services for a prospect clients with all MSIS deliverable e.g. different firewalls, IPS, HIPS, URL filtering, Cisco ISE.
• Design network security solution for a prospect clients.
• Performing Changes into client device and Handling Incidence network device
• Supporting onsite engineer and coordinating with OEM on complex incident

Managing and maintaining Security Infrastructure setup of NCDEX, NCDEX AUL and NCDEX Spot.

Security Infrastructure of NCDEX Site:- Checkpoint firewall with Nokia platform, Bigfix for patch management and compliance report, Mcafee AV, Mcafee DLP, Proventia IDS with realsecure, Manage engine for Event log analyzer, Juniper firewall.

Security Infrastructure of NCDEX DR-Site: - Checkpoint firewall with Nokia platform and Mcafee AV, DLP

Security Infrastructure of NCDEX Spot: - Checkpoint firewall with Alteon platform.

Vendor Management: - Managing SOC team having 5 members of 3i-Infotech along with Support vendors and OEM’s for carrying out day to day activity and resolving any support and operational issue.

Conducting and coordinating other activities such as mock testing, POC, VAPT and etc;

Working towards the Policies and procedure for NCDEX.

Client: Oriental Bank of Commerce Oct 09 April 2011

Roles and Responsibilities:

Managing Team of 4 Engineer as a Team Leader and Responsible for any security related issue for Oriental Bank of Commerce.

Responsible for Managing, Monitoring and administration of Information Security on 24*7* 365 for entire Bank including Primary Datacenter, Disaster Recovery Site and Near Line Site

Ensuring confidentiality, Integrity, and Availability of all Security devices

Security Devices Managed and Monitored: - CS-Mars, (PIX 515, 525, 535), ASA 5550, (Cisco IPS 4270, 4215), CSA, CSM, Checkpoint R65

Roles and Responsibilities:

Joined Support and Implementation Team of HCL Comnet and have Implemented Various Security Products and also supported the Issue related them

Projects Implemented and Supported

Client: TCE Consulting Engineering

Implemented Checkpoint UTM in standalone mode and configured policies as per requirement.

Client: NSE

Implemented Proventia IPS in cluster with the required policies

Implemented Cisco NAC in out of band mode (now called as Cisco ISE)

Client: Kotak Securities

Implemented Cisco ASA for SSL VPN Load Balancing with AD Integration and Cisco CSA as Endpoint Security

Client: Shoppers Stop

Implemented Checkpoint Secure Platform in cluster

Client: Tata-AIG

Implemented Checkpoint Nokia in Cluster and configured as per required policies

Client: Power Exchange

Implemented Checkpoint UTM, Mcafee Enterprise Antivirus solution and Proventia IPS

Conducted POC of Cisco NAC

Client: SHCIL May 07 to Oct 08

Roles and Responsibilities:

Daily Administration

• Monitoring of network links and Security devices on Daily Basis at Beginning of the day to ensure null impact on Business activities.
• Granting users Internet access with the limitation on URL's as per the SHCIL policy.

IDS and IPS Administration

• Implemented IPS, NIDS and HIDS for E-Stamping and SHCIL network.
• Updating IDS with latest pattern of signature and done the marking of the same as per the SHCIL requirement on regular basis, also minimising the alerts by taking appropriate action

Checkpoint Firewall Administration

• Implemented Checkpoint NGR55 on solaris with stonebeat for cluster management.
• Managing and maintaining check point R55 and R61 on Solaris and Nokia IP 380 in cluster respectively.
• Configuring user with appropriate authentication rule (User, Client, Session) for accessing resources.
• Configuring user for VPN for secure remote resource access.

URL Filtering (Surfcontrol and Websense) and Proxy Administration

• Implemented Surcontrol and websense with the proper Configuration.
• Managing and Maintaining Live and Backup Surfcontrol and Proxy.
• Modifying srufcontrol and Websense rulebase as per the SHCIL policy on regular basis

Trend Micro Suite Administration

• Implemented Trendmicro server across the 200 branches considering all network parameters, with multiple server and update agent for minimising network link utlization.
• Implemneted IMSS and IWSS for Mail Spaming and Webpage Scanning.

Firewall Administration

-    Nortel Alteon NSF 6616 in cluster

-    Checkpoint Firewall R55

-    Checkpoint R54 on Nortel Alteon ASF 5614 in Cluster at DR Site

IDS Administration

Monitoring trading and Internet traffic using Internet Security Systems Intrusion Detection system for any Threats.

• Conducting corporate Training for Networking Level 1& Level 2, CCNA, CCNP, CCSA

• Handling network and server based issues for clients

• Conducting training for RHCE, CCNA, CCNP, Windows NT, 2k, 2k3 and CCSA.
• Conducting corporate Training for CMS Employees & corporate clients for Networking Level 1&2, CCNA, Windows 2k3 level 1, Windows NT and CCSA.

Engineering

Diploma

Higher Secondary

Primary School

Checkpoint Certified Security Administrator

Checkpoint Certified Security Expert

Cisco Certified Network Administrator

Cisco Certified Network Professional

Juniper network certified specialist

Juniper network certified Associate

Certified Information System Security Professional