Security Administrator
Integra Software Services Pvt Ltd
Total years of experience: 2 years, 6 months
• Coordinating with the concerned vendors to fix issues, upgrades, renewals, etc.
• Handling all end users and their issue tickets with respect to network security within the agreed SLA.
• Proactively monitoring and creating alerts for all the perimeter devices (Firewall, IPS & DLP) via QRadar SIEM.
• Managing the complete SIEM architecture as an end-to-end solution.
• Implementing security intelligence and advisories, searching for the latest threats and vulnerabilities to patch them, and integrating related feeds, which include CnC URLs, domains and hashes, into the SIEM.
• Incident reporting and management for various incident/security alerts triggered by the SIEM tool.
• Monitoring and analyzing NetFlow and QFlow.
• Preventing data breaches around the network products using DLP software.
• Hands-on experience with detecting data around the organization using Forcepoint.
• Monitoring data on both online and offline networks by installing the DLP agent on client computers.
• Configuring, managing and protecting all products via the QRadar security management console.
Check Point R77.30 Gaia, SonicWall & FortiGate
• Creating local user accounts with different permissions (read-only, superadmin, etc.).
• Creating objects or hosts, groups and address ranges in the firewall.
• Creating new rules or policies and pushing them through the security gateway.
• Configuring clusters to achieve load sharing and high availability.
• Creating NAT objects (Static, Dynamic & Manual).
• Configuring blades like IPS (Intrusion Prevention System blades) and scheduling an automatic update.
• Proactively monitored all types of firewall logs using event management and gateways & IPS updates.
• Configuring IPSec VPN, site-to-site VPN & SSL VPN.
• Troubleshooting the firewall via CLI.