Senior system engineer
Vmware
Total years of experience :10 years, 6 Months
Handling multi CDN (Akamai, Imperva & CloudFront) and Nginx proxy in IT operation.
Onboarded 100s of diverse application, optimized and secured them via CDN and proxy.
Collaborated with multiple application teams, to help understand their needs and cater to them.
Successfully automated bulk CDN resource management optimizing LOE by 99%.
Successfully automated proactive origin certificate monitoring for CDN origin resources, helping stop application being DOS ed due to certificate expiry.
Collaboratively automated application onboarding process, increasing efficacy by 60%.
Successfully automated zero-day vulnerability patching on Imperva and Akamai WAF drastically improving the time duration to patch.
Consulting and Troubleshoot wide variety of products like Delivery, Acceleration and Security products of Akamai CDN.
Products include BOTMAN, DDOS service (PROLEXIC), CACHING (Ion, Terra Alta, WAA, DSD), Certificates (CPS), DNS (Fast DNS), Load balancing (Global Traffic Manager), Web Application firewall (WAF) etc.
Daily work includes live network and application layer attack mitigation by creating custom signatures on SNORT and WAF after in-depth analysis.
WAF -Web Application Firewall, DDOS Mitigation, Bot-Manger, Radware Defense-Pro, NetScaler, SNORT, Linux.
Knowledge in scripting languages like Python and bash.
Strong knowledge in cyber and information security concepts.
Knowledge in tools like Metasploit Framework, Nmap, Armitage, Nessus, Nikto, Web-Shell, Wireshark, Burp Suite, Tcpdump.
Various protocols knowledge like TCP, IP, UDP, SSL, TLS, HTTP, DNS.
Creating signatures using regular expression, Snort rules and Responder Policies to mitigate the attacks towards customer.
Working knowledge on web application vulnerabilities like cross-site scripting - XSS, SQL injection, command injection, LFI, RFI, PHP injection, CSRF, HTTP header anomalies and OWASP top 10.
Collect and analyze logs for post attack information and troubleshooting to mitigate future attacks and provide RCAs
Work independently with our customers' technical teams on post-sales technical issues.
Work closely with and manage issue-specific cross-functional teams composed of Engineering, Operations, Sales, Professional Services, and Account Management representatives
Managing Zone/Hostname mapping of customers as per DNS records
Working with analyzing logs using tools in over 200000 servers
Escalating the bugs to engineering to Dev team and working to fix the issue within the SLA.
Writing KB articles for fixing scenario-based issues and best practices for configuration, helping customers fix issues on their own
Accountabilities:
•Cisco firewalls (ASA/PIX/ASA 5500X) and security modules (IPS/CSC etc) including NAT, Static/Dynamic Routing, Failover, AAA Authentication, Access control using ACLs, Modular Policy Framework, CDA, Site to site VPN, AAA.
•IOS Firewall involving CBAC (Context Based Control) and ZBF (Zone Based Firewall).
•IPS based solutions - IPS modules (ASA and Cisco IOS based) and dedicated IPS sensors (4200s)
•Understanding of the various types of attacks and the various ways to mitigate attacks using the inbuilt features on Cisco Devices like MPF configuration on Cisco ASA/PIX.
•Wccp and websense proxy .
•Handling escalations of L1 center, and working directly with Tier 2 escalation team/Developers in case complex troubleshooting is required
•Recreate issues faced by customers in my testing LAB whenever required on cases and filed bugs/caveats if found
Routing & Switching
•Working knowledge of Cisco Routers and Switches.
•Hands on experience with Network Monitoring tools involving SNMP, Syslogs, Netflow, captures (wireshark) etc.
•Routing protocols RIP / OSPF / EIGRP
•HTTP, TCP/IP, FTP, TFTP, DNS, DHCP, IPV4/IPV6
Accountabilities:
•Provide technical support for any queries related to British telecom’s broadband and other products.
•Troubleshooting and configuring BT router, Adapters, Access point, BT Wi-Fi and email.
•Round-the-clock technical support and problem resolution for customers and computer software and peripherals