Surendra Narang
Details
Palo Alto Networks
Principal Information Security Engineer
Works on deploying security controls/tools in Palo Alto internal infrastructure and cloud.
Responsible for auditing and deployment of PaloAlto Networks product Next Generation features in the internal infrastructure of Palo Alto Networks.
Reviewing third-party vendors connectivity design and approval from the Infosec team.
Reviewing new design and architecture deployment in IT infrastructure of Palo Alto Networks.
2019 : 2021
Palo Alto Networks
Senior Information Security Engineer
Roles and Responsibilities :
• Responsible for designing, deployment and management of security solutions for public and private cloud and data center infrastructures like Layer-7 firewalls, UTM devices
• Work closely with GRC team related to certain compliance environments for regular ongoing audits e.g. PCI, SOC2.
• Responsible for tracking the progress of remediation of security findings and help other team with mitigation projects.
• Responsible for reviewing the technical security controls from COBIT/NIST framework and implement across Network.
• Worked on multiple big projects/initiatives like deployment of internal cloud for internal multi tenancy, replacement of old technologies in data center and replace with latest solution e.g. deployment of layer-7 firewalls.
• Responsible for deploying secure connectivity between cloud , data centers, SOHO and business partner as organization security policy.
• Responsible for performing internal security assessments and plan for mitigation accordingly by working with respective teams.
• Conduct risk assessments and collaborate with internal team to provide recommendations regarding critical infrastructure and network security operations enhancements.
• Responsible for drafting technical manuals, process documents, network security documentation, developing compliance reports for internal teams.
2015 : 2019
Shutterfly Inc.
Senior Information Security Engineer
Worked as Network and Information Security Engineer
Roles and Responsibilities :
• Desiging and deploying of security infrastructure for new Data Center.
• Management of Security Infrastructure devices firewalls, UTM, NIDS/NIPS, VPN and VA scanning
tools.
• Works with application teams closely for migration of applications from Legacy DC to New DC.
• Performing Vulnerability scanning and Penetration Testing using tools like Qualysguard, Nessus
• Works with applications teams to remediate vulnerabilities identified in VA and Pentest using tools like Qualysguard
• Works closely with team responsible for implementation of ISE.
• Configuration of new Cisco Routers, Nexus and Catalyst Switches, ASA Firewalls for project related activities.
• Management of MPLS network for connectivity of Data Centers.
• Troubleshooting and problem resolution for major Routing, Switching, Firewall and security (NIDS, VPN) related issues of data center and remote sites.
• Implementation of Change request on Network Infrastructure which includes Cisco Routers, Switches, ASA Firewalls.
• Responsible for management of LAB which includes all network and security devices.
2013 : 2015
World Wide Technology and Pacific Gas and Electric Company
Network and Information Security Specilaist
Worked for Multiple clients for consultation, Designing, Implementation and management of Network and Security Solutions. Some of well-known organization are Kimberly Clark, EA Sports, General Motors and Virgin Altantic Airlines
Roles and Responsibilities :
• Designing and implementation of secure connectivity VPN solutions for third party business partners at various zones including DMZ, Extranet (Various Business Partners and 3rd party).
• Planning, designing, Installing and Configuring of Cisco Routers (1700, 1800, 2500, 2600, 3200, 3600, 3700, 3800 and 7200, 7609) & Cisco L2 & L3 Switches (2900, 3560, 4500 & 6500).
• Installing & configuring firewalls like Checkpoint NG & NGX, Cisco ASA & Pix, and PaloAlto.
• Configuring and implementing Routed and Routing protocols including : TCP/IP, RIP2, OSPF, EIGRP, BGP, MBGP and MPLS.
• Demonstrated Security Assessment (VA / PT), Auditing and Analysis that provided due diligence and compliance.
• Designing & implementing Cisco 3-tier LAN Network Architecture (Core, Distribution and Access).
• Configuring STP, RSTP, VLAN, VTP, SPAN port and Port binding.
• Possess in-depth knowledge of implementing and troubleshooting of different type of VPN solution like IPSEC, DMVPN, GETVPN, GRE over IPSEC, RUVPN, and SSL VPN on CISCO devices (ASA/PIX and Routers) , Checkpoint (UTM and IP 690) appliance and Watchguard UTM appliances.
• Experience of implementation and management of network and security solution for Cloud environment.
• Worked closely with Service Management teams to design an effective DR plan for TCS clients. Also involved in consultation practice for existing DR plan which include review and redesign.
• Designed and Implemented Security solution for cloud computing environment at perimeter level and VMware V-shield firewall solution at server level to provide the total security solution for agencies making infrastructure at cloud DC.
2007 : 2013
Tata Consultancy Services
Network and Information Security Analyst
About
• Over all 15 + years of experience in IT Security . Started Career as Network and Security administrator moved in to consulting, specializing in Information and Network security and gained expertise in planning, implementation, consulting and management of security solutions with main focus on Network Security.
• Experience in making security assessment, designing, implementation and management of security solutions at enterprise level.
• Extensive hands-on experience in Planning, designing of Enterprise Firewalls architecture and implementing in distributed environment i.e. configuring & troubleshooting –Cisco PIX, ASA, FWSM, Checkpoint, PaloAlto, Juniper Watchguard Firewalls.
• Extensive experience of designing vulnerability intelligence database/knowledgebase for effective mitigation and reporting and aligning it with existing vulnerability scanning, penetration testing, security incident, risk register, security advisory, patch management
• Past successes have stemmed from my skills in creative problem solving, teamwork and collaboration, and a firm commitment to allow subordinates and peers to be led without losing their autonomy.
• LAN experience includes design, installation, configuration, and management of Cisco catalyst switches
• Possess in-depth knowledge of implementing and troubleshooting of different type of VPN solution like IPSEC, DMVPN, GETVPN, GRE over IPSEC, RUVPN, and SSL VPN on CISCO devices (ASA/PIX and Routers) , Checkpoint (UTM and IP 690) appliance and Watchguard UTM appliances.
• Possess in-depth knowledge of implementing NIPS solution in different modes on CISCO devices, Checkpoint Modules. Experience in configuring and fine tuning of signatures on NIDS based on organization security policy
• Demonstrated Security Assessment (Vulnerability Assessment / Penetration Testing) using tools like Qualysguard, Nessus , NMAP, Auditing and Analysis that provided due diligence and compliance.
Profile Photo
