IT Security Solution Specialist
Public Services and Procurement Canada (PSPC)
Total years of experience :9 years, 4 Months
• Provide Cybersecurity expertise to implement best practices, delivering comprehensive program updates focusing on high-level risks, threats, and mitigation strategies
• Provided architectural solution for log retention in Azure platform
• Educate business users to raise awareness of cybersecurity risks and encourage proactive collaboration in maintaining a secure environment
• IT planning initiatives to ensure that security measures are incorporated into strategic IT plans and that service expectations are clearly defined
• Understanding and connecting threats to the risks of the organization to provide appropriate capabilities and services following ITSG-33 Security Control Framework
• Provided assistance on creating Concept Of Operation (CONOPS) documents for both Azure and AWS platform by following PBMM Regulatory compliance
• Created documents for mitigation approach for Sentinel platform in AWS cloud environment
• Contributed in writing Security Design Pattern for PaaS Based Information System Solutions
• Manage the organizations adherence to relevant cybersecurity regulations. .
• Developing a cloud based SIEM and Log Management solution concept of operations (CONOPS) including the necessary use cases. The document consists of current state, requirements, SIEM Architecture Solution
• Creating the requirements for vendor support during installation and training for the department. Vendor evaluation includes Azure Sentinel, IBM Qradar, Splunk, Log Rythm
• Developing a Statement of Requirements (SOR) suitable for GoC contracting purposes to include required vendor installation support and CDA CIS staf training.
• Assess security controls associated to processing, storing and transmitting sensitive information, provided to, and/or produced by the Department, according to the organizations and central agencys risk strategy to protect the confidentiality, integrity, and availability of information.
• Identify Audit requirements following ITSG-33 and NIST 800-53 framework
• Interview business stake holders and identify Risks and Gaps
• Assess Security initiatives and provide recommendations
• Assist with evaluating network zoning flows of trafic flows
• Security Assessments of Applications and server code upgrades
• Evaluating Internal Security Controls based on Corporate Security Policy Standard
• Aligned security standards, frameworks and security services with the overall business and technology strategy.
• Deliver the security solutions based on business, operation, technical and security requirements, as well as IT strategies
• Contribute to security and vulnerability analysis and risk assessments and identifying mitigation options
• Assess the technology solutions for compliance to the organization Cyber Security standards
• Liaise between information technology decision and with the organizations technology and business strategy.
• Lead in picking right SIEM Solution product and assist in deployment strategy
• Involved in Qradar SIEM deployment strategy
• Actively participated in Cyber Security management incidents
• Configured and monitored vulnerability tool (Nesus)
• Involved in recent Cyber incident and provided guidance to respective teams on mitigation approach
• Involved in threat modeling approach to Cyber security risk measurement and reporting
• Participated in Development of business continuity program
• Involved in security controls of Crown Jewel assets
• Providing guidance on improving Cyber Security posture
• Involved in internal audit based on ITSG-33 and NIST 800-53 Compliance and Threat Risk Assessment
• Evaluate the design, configuration, and efectiveness of the existing network security protection tools
• Assist in the review and development of network security standards and policies
• Creation of threat assessments and assistance in identifying protection requirements for various capabilities or products
• Contributed to the development of the overall Cyber Security Solution Architecture processes, tools and standards
• Provide guidance to operational teams on performance, capacity and/or operational concerns
• Develop monitoring, metrics and reporting to provide ongoing justification for network protection controls
• Planning for future network design enhancements to move toward zero trust, including a modern experience for remote access
• Security review and assessment of new firewalls
• Provide technical support and implementation services as required
• Provided cost efective solutions in a timely manner
• Laisse between information technology decision and with the organizations technology and business strategy.
• Determines security requirements by evaluating business strategies and requirements.
• Gathered, prioritized, analyzed and consolidating business requirements via interacting with the end users of one/multiple services and various project/program stakeholders
• Reviewed infrastructure requirements, including data center, network and security, and developed infrastructure recommendations to support those requirements
• Created Work Intake Form (WIF) for solution implementation
Executed administrative and project tasks, such as firewall rule requests, incident response and AWS Cloud related projects within the SOC department
•Involved in AWS Cloud migration project from on premise to cloud platform resulting in a successful software API migration of 100s of server application
•Managed day-to-day firewall change requests for implementation to maintain client’s requests quota. Supported vendors are Juniper, Tufin, Checkpoint, Cisco FTD, ASA, Palo Alto, ZScaler
•Troubleshot outages and after changes traffic issue
•Logged monitoring for Palo Alto, Cisco ASA, Checkpoint and Fortigate firewalls
•Used Panorama to implement, monitor and troubleshoot firewall rules and Pulse Secure VPN
•Worked on AWS and Zscaler cloud migration and support request
•Code/Patch upgrade on Cisco FTD devices
•Collected logs and performed log analysis using Arcsight
•Worked with change management regarding any change or incident issue
•Performed testing according to test plans, monitored and reported the results, and worked with clients on problem resolution
•Supported members of the team in achieving project/business objectives and providing satisfactory client services
• Executed administrative and project tasks, such as firewall rule requests, incident response and AWS Cloud related projects within the SOC department
• Involved in AWS Cloud migration project from on premise to cloud platform resulting in a successful software API migration of 100s of server application
• Managed day-to-day firewall change requests for implementation to maintain clients requests quota. Supported vendors are Juniper, Tufin, Checkpoint, Cisco FTD, ASA, Palo Alto, ZScaler
• Troubleshot outages and after changes trafic issue
• Logged monitoring for Palo Alto, Cisco ASA, Checkpoint and Fortigate firewalls
• Used Panorama to implement, monitor and troubleshoot firewall rules and Pulse Secure VPN
• Worked on AWS and Zscaler cloud migration and support request
• Code/Patch upgrade on Cisco FTD devices
• Collected logs and performed log analysis using Arcsight
• Analyzed malicious activity to determine weaknesses, methods of exploitation and efects on systems and information
• Analyzed SIEM log files to identify and collected samples related to security incidents
• Worked with change management regarding any change or incident issue
• Performed testing according to test plans, monitored and reported the results, and worked with clients on problem resolution
• Supported members of the team in achieving project/business objectives and providing satisfactory client services
• Responded to RFPs for potential clients and provided architectural support resulting winning bids and client satisfaction for the Bid management and Complex solution group
• Provided consulting on and assessed log integration of client sensitive data to its SIEM solution for the purpose of security, log retention and compliance
• Involved in evaluating Hybrid cloud solution for the Telus customer
• Selected and evaluated security solutions or enhancements to existing security solutions to improve overall protection levels
• Solutions include SIEM (Arcsight & Splunk), Palo Alto firewall, Cisco ASA, Web Application Firewall (F5 ASM)
• Analyzed SIEM log files to identify and collected samples related to security incidents
• Executed several projects and security architecture tasks, such as Wifi Access Point Security, Data Encryption resulting completion of warehouse security project as well as customer PII data security for the internal security group
• Solutions include Palo Alto firewall, Web Application Firewall (F5 ASM), Big Data (Hadoop)
• Identity Access management (IAM), 2Factor Authentication and others.
• Developed, maintained, test, and troubleshoot web application firewalls (F5 WAF) and rulesets.
• Involved in several projects and managing projects expectations
• Involved in firewall change requests on Checkpoint and Palo Alto firewalls
• Worked with security audit team and involved in vulnerability assessment and discussed testing techniques. Involved in Audit frameworks compliance project such as PCI-DSS and ISO 27001/27002
• Worked with external partners and internal business stake holders providing support and guidance
• Involved in rule remediation project for security risk analysis
• Delivered on time Security Solutions in Data Center Migration Project resulting client satisfaction for transition and transformation (T&T) group
• Migration methods involved net new built and lift and shift approach for hardware and software
• Delivered Security solutions based on ISO 27001/27002 compliance security framework
• Created Technical Solution Document (TSD) following TOGAF methodology
• Provided solution including Firewalls, IDS/IPS, F5 Bypass devices
• Integrated other security services including SIEM (ArcSight, Qradar), FireEye and Ironport
• Assessed existing environment and implement proposed security solution
• Worked with security vendors to provide appropriate solution to the clients
• Analyzed firewall logs and determine deficiencies and potential risk to the clients environment and advise mitigation proposal
• Created Security documents (policies, guidelines and procedures).
• Vulnerability assessment and creating firewall rule base (Checkpoint, Cisco ) for Internet facing firewalls, and other DMZs
• Configured F5 and FireEye boxes for integration at the new data center
• Redesigned F5 WAF rules in firewall refresh project
• Architected and led team on high level projects to consolidate our third Party VPN connectivity
• Oversaw the deployment, integration and configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry best practices and the companys security policies.
• Followed and supported Business Continuity Plan
• Actively participated in Incident Response Management
• Provided solution in developing security standards for corporate security audit
• Worked with IT security governance for solutions to ensure compliance with the corporate Security Policy including identity and access management
• Assisted incident response management team to analyze the incident, prepare a plan of action to resolve the issue and worked closely with project managers and customers
• Analyzed malicious activity to determine weaknesses, methods of exploitation and efects on systems and information
• Analyzed SIEM log files to identify and collected samples related to security incidents
• Performed Threat Risk Assessment (TRA) with other teams
• Created and developed transition build documents for operation teams for diferent projects
URL removed due to policy violation. Please contact support for further information.