Palo Alto & Cisco Firewalls, F, Cloud Security
Work-Experience : - Years of total IT experience with significant experience in managing group of professional to deliver IT Security services for client based environment.
Type of Experience :
- Administer and support F appliances throughout the organization.
- Configure and support application security policies via the F ASM and APM security modules would be an added advantage.
- Creating implementation plans, LTM, GTM, and ASM configurations, TMOS code upgrades, and deployment of new load balancing builds for F load balancing technologies.
- Requesting and installing PKI server certificates.
- Experience writing and troubleshooting iRules.
- Excellent understanding of LTM configuration (VIPs, Persistence, SNAT, SSL, etc.).
- Ability to troubleshoot connection issues and services on F appliances.
- F Traffic Management Operating system, CLI commands, and Route Domains.
- Candidate must be good with Palo Alto, Cisco firewalls and Multi-Domain Security Management
- Expertise in Site-to-Site VPN for all platform- Cisco ASA, Firepower, Palo Alto, VPN Concentrator, etc.
- Experience should include security policy development, security education, Network Penetration testing, Application vulnerability assessments, risk analysis and compliance testing.
- Knowledge of IT Security technologies, Operating Systems, Database, routing and switching, and endpoint security solutions
- Knowledge of information security standards (, ISO / ), rules and regulations related to information security and data confidentially (, FERPA) and desktop, server, Application, database, Network security principals for risk identification and analysis.
- Exposed to best practice design & Implementation methodology
- Identifies ,isolates and resolves network security problems
- Experience with Problem and Change Management processes and applications.
- Excellent written and verbal communication skills. Technical Certification are advantage
- Excellent leadership skills and teamwork skills. Results oriented, high energy, self-motivated.
- Palo Alto policy management (making changes to the ACLs, Objects, policies)
- ASA policy management (making changes to the ACLs, Objects, policies)
- Exposure to Palo Alto & Cisco Firewall products .
Certifications
Certifications in IT Security will be preferred (CISCO CCIE security)F Certified Big-IP Administrator (F-CA) will be an added advantage.Certification like CISSP will be an added advantage.Areas of Responsibility
Validating the initial request and finding the basic information (ex : IP Addresses, Port number, Application owners, contact details)Knowledge of troubleshooting tools, such as : tcpdump, ssldump, openssl, QKView, logs, curl, Wireshark.F OS upgrades, backup and restores.Managing F appliances in HA configurations.Scheduling call for gathering Peer IP, NAT IP, Real IP (IP involved in the encryption domain), Protocols and Service Port information for building tunnel.Filling up the information / details received on the VPN form and collecting the BAA / other standard security documents (if needed)Coordinating with Network operations team related to routing the NAT IP, vendor end IP / s which are involved in the tunnel.Preparing the scripts / config to building the tunnel.Raising CRQ and following up of approvals from change managers, Perimeter Governance team, Site leadership, Application Owners and Change Management teamImplementing the tunnel change on the firewall along with Network data team for routing the vendor NAT IPS on CSH side.Scheduling call with vendor and requester for troubleshooting the connectivity related issues between the tunnel peers.Involving CSH and vendor side Application team, Server team along with vendor end technical person (Network / Security).Hypercare support, validation calls & Closure